rpms/autotrace
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Fixed buffer overflow when parsing BMP files

Browse Source 
Resolves: CVE-2013-1953
This commit is contained in:
Jaroslav Škarvada 2013-06-28 11:11:00 +02:00
parent d385f9d169
commit b038d5c137
2 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
autotrace-0.31.1-CVE-2013-1953.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up autotrace-0.31.1/input-bmp.c.orig autotrace-0.31.1/input-bmp.c
--- autotrace-0.31.1/input-bmp.c.orig 2002-10-10 22:44:08.000000000 +0200
+++ autotrace-0.31.1/input-bmp.c 2013-06-28 10:24:58.336056959 +0200
@@ -166,7 +166,7 @@ input_bmp_reader (at_string filename,
/* 36 */
Maps = 4;
}
- else if (Bitmap_File_Head.biSize <= 64) /* Probably OS/2 2.x */
+ else if (Bitmap_File_Head.biSize >= 40 && Bitmap_File_Head.biSize <= 64) /* Probably OS/2 2.x */
{
if (!ReadOK (fd, buffer, Bitmap_File_Head.biSize - 4))
{

9
autotrace.spec
View File

@ -1,6 +1,6 @@
Name: autotrace Name: autotrace
Version: 0.31.1 Version: 0.31.1
Release: 33%{?dist} Release: 34%{?dist}
Summary: Utility for converting bitmaps to vector graphics Summary: Utility for converting bitmaps to vector graphics
Group: Applications/Multimedia Group: Applications/Multimedia
License: GPLv2+ and LGPLv2+ License: GPLv2+ and LGPLv2+
@ -9,6 +9,8 @@ Source0: http://download.sf.net/autotrace/autotrace-0.31.1.tar.gz
Patch1: autotrace-0001-Modify-GetOnePixel-usage-to-build-against-current-Im.patch Patch1: autotrace-0001-Modify-GetOnePixel-usage-to-build-against-current-Im.patch
Patch2: autotrace-0002-Fixed-underquoted-AM_PATH_AUTOTRACE-definition.patch Patch2: autotrace-0002-Fixed-underquoted-AM_PATH_AUTOTRACE-definition.patch
Patch3: autotrace-0003-libpng-fix.patch Patch3: autotrace-0003-libpng-fix.patch
# Sent upstream
Patch4: autotrace-0.31.1-CVE-2013-1953.patch
BuildRequires: ImageMagick-devel BuildRequires: ImageMagick-devel
BuildRequires: libpng-devel > 2:1.2 BuildRequires: libpng-devel > 2:1.2
BuildRequires: libexif-devel BuildRequires: libexif-devel
@ -46,6 +48,7 @@ This package contains header files and development libraries for autotrace.
%patch1 -p1 -b .GetOnePixel %patch1 -p1 -b .GetOnePixel
%patch2 -p1 -b .aclocal18 %patch2 -p1 -b .aclocal18
%patch3 -p1 -b .libpng15 %patch3 -p1 -b .libpng15
%patch4 -p1 -b .CVE-2013-1953
%build %build
%configure %configure
@ -80,6 +83,10 @@ find $RPM_BUILD_ROOT -type f -name "*.a" -exec rm -f {} ';'
%changelog %changelog
* Fri Jun 28 2013 Jaroslav Škarvada <jskarvad@redhat.com> - 0.31.1-34
- Fixed buffer overflow when parsing BMP files
Resolves: CVE-2013-1953
* Mon Mar 18 2013 Jon Ciesla <limburgher@gmail.com> - 0.31.1-33 * Mon Mar 18 2013 Jon Ciesla <limburgher@gmail.com> - 0.31.1-33
- ImageMagick rebuild. - ImageMagick rebuild.