*-x{c,li}b-Don-t-crash-when-swapping-a-0-sized-glyph.patch: Fix some
crashes when client and server endian don't match.
This commit is contained in:
Adam Jackson
parent
2cba0646a8
commit
768b1217ce
43
0001-xlib-Don-t-crash-when-swapping-a-0-sized-glyph.patch
Normal file
43
0001-xlib-Don-t-crash-when-swapping-a-0-sized-glyph.patch
Normal file
@ -0,0 +1,43 @@
|
||||
From 8dc3b629434ce256f8e6a584c5853ae9b4230c33 Mon Sep 17 00:00:00 2001
|
||||
From: Adam Jackson <ajax@redhat.com>
|
||||
Date: Wed, 31 Oct 2012 16:06:51 -0400
|
||||
Subject: [PATCH 1/2] xlib: Don't crash when swapping a 0-sized glyph
|
||||
|
||||
malloc(0) needn't return NULL, and on glibc, doesn't. Then we encounter
|
||||
a loop of the form do { ... } while (--c), which doesn't do quite what
|
||||
you were hoping for when c is initially 0.
|
||||
|
||||
Since there's nothing to swap in this case, just bomb out.
|
||||
|
||||
Signed-off-by: Adam Jackson <ajax@redhat.com>
|
||||
---
|
||||
src/cairo-xlib-render-compositor.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/src/cairo-xlib-render-compositor.c b/src/cairo-xlib-render-compositor.c
|
||||
index 74c43e9..e38a659 100644
|
||||
--- a/src/cairo-xlib-render-compositor.c
|
||||
+++ b/src/cairo-xlib-render-compositor.c
|
||||
@@ -1251,6 +1251,9 @@ _cairo_xlib_surface_add_glyph (cairo_xlib_display_t *display,
|
||||
unsigned char *d;
|
||||
unsigned char *new, *n;
|
||||
|
||||
+ if (c == 0)
|
||||
+ break;
|
||||
+
|
||||
new = malloc (c);
|
||||
if (!new) {
|
||||
status = _cairo_error (CAIRO_STATUS_NO_MEMORY);
|
||||
@@ -1276,6 +1279,9 @@ _cairo_xlib_surface_add_glyph (cairo_xlib_display_t *display,
|
||||
const uint32_t *d;
|
||||
uint32_t *new, *n;
|
||||
|
||||
+ if (c == 0)
|
||||
+ break;
|
||||
+
|
||||
new = malloc (4 * c);
|
||||
if (unlikely (new == NULL)) {
|
||||
status = _cairo_error (CAIRO_STATUS_NO_MEMORY);
|
||||
--
|
||||
1.7.12.1
|
||||
|
||||
43
0002-xcb-Don-t-crash-when-swapping-a-0-sized-glyph.patch
Normal file
43
0002-xcb-Don-t-crash-when-swapping-a-0-sized-glyph.patch
Normal file
@ -0,0 +1,43 @@
|
||||
From 4cad9bf9f0744efe17f1b70548cd2059df071e81 Mon Sep 17 00:00:00 2001
|
||||
From: Adam Jackson <ajax@redhat.com>
|
||||
Date: Wed, 31 Oct 2012 16:12:58 -0400
|
||||
Subject: [PATCH 2/2] xcb: Don't crash when swapping a 0-sized glyph
|
||||
|
||||
malloc(0) needn't return NULL, and on glibc, doesn't. Then we encounter
|
||||
a loop of the form do { ... } while (--c), which doesn't do quite what
|
||||
you were hoping for when c is initially 0.
|
||||
|
||||
Since there's nothing to swap in this case, just bomb out.
|
||||
|
||||
Signed-off-by: Adam Jackson <ajax@redhat.com>
|
||||
---
|
||||
src/cairo-xcb-surface-render.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/src/cairo-xcb-surface-render.c b/src/cairo-xcb-surface-render.c
|
||||
index 27ed113..16d1ef8 100644
|
||||
--- a/src/cairo-xcb-surface-render.c
|
||||
+++ b/src/cairo-xcb-surface-render.c
|
||||
@@ -4461,6 +4461,9 @@ _cairo_xcb_surface_add_glyph (cairo_xcb_connection_t *connection,
|
||||
const uint8_t *d;
|
||||
uint8_t *new, *n;
|
||||
|
||||
+ if (c == 0)
|
||||
+ break;
|
||||
+
|
||||
new = malloc (c);
|
||||
if (unlikely (new == NULL)) {
|
||||
status = _cairo_error (CAIRO_STATUS_NO_MEMORY);
|
||||
@@ -4489,6 +4492,9 @@ _cairo_xcb_surface_add_glyph (cairo_xcb_connection_t *connection,
|
||||
const uint32_t *d;
|
||||
uint32_t *new, *n;
|
||||
|
||||
+ if (c == 0)
|
||||
+ break;
|
||||
+
|
||||
new = malloc (4 * c);
|
||||
if (unlikely (new == NULL)) {
|
||||
status = _cairo_error (CAIRO_STATUS_NO_MEMORY);
|
||||
--
|
||||
1.7.12.1
|
||||
|
||||
11
cairo.spec
11
cairo.spec
@ -5,7 +5,7 @@
|
||||
Summary: A 2D graphics library
|
||||
Name: cairo
|
||||
Version: 1.12.6
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
URL: http://cairographics.org
|
||||
#VCS: git:git://git.freedesktop.org/git/cairo
|
||||
#Source0: http://cairographics.org/snapshots/%{name}-%{version}.tar.xz
|
||||
@ -13,6 +13,9 @@ Source0: http://cairographics.org/releases/%{name}-%{version}.tar.xz
|
||||
License: LGPLv2 or MPLv1.1
|
||||
Group: System Environment/Libraries
|
||||
|
||||
Patch0: 0001-xlib-Don-t-crash-when-swapping-a-0-sized-glyph.patch
|
||||
Patch1: 0002-xcb-Don-t-crash-when-swapping-a-0-sized-glyph.patch
|
||||
|
||||
BuildRequires: pkgconfig
|
||||
BuildRequires: libXrender-devel
|
||||
BuildRequires: libX11-devel
|
||||
@ -89,6 +92,8 @@ This package contains tools for working with the cairo graphics library.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1 -b .xlib-swap
|
||||
%patch1 -p1 -b .xcb-swap
|
||||
|
||||
%build
|
||||
%configure --disable-static \
|
||||
@ -172,6 +177,10 @@ rm $RPM_BUILD_ROOT%{_libdir}/*.la
|
||||
%{_libdir}/cairo/
|
||||
|
||||
%changelog
|
||||
* Wed Oct 31 2012 Adam Jackson <ajax@redhat.com> 1.12.6-2
|
||||
- *-x{c,li}b-Don-t-crash-when-swapping-a-0-sized-glyph.patch: Fix some
|
||||
crashes when client and server endian don't match.
|
||||
|
||||
* Thu Oct 25 2012 Kalev Lember <kalevlember@gmail.com> - 1.12.6-1
|
||||
- Update to 1.12.6
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user