- prevent from an infinite loop when decoding bad GIF images (#194520)

2006-07-10 13:18:54 +00:00 · 2006-07-10 13:18:54 +00:00 · 98cc7b6764
commit 98cc7b6764
parent 2e2f31aa92
2 changed files with 29 additions and 4 deletions
--- a/gd-loop.patch
+++ b/gd-loop.patch
@ -0,0 +1,23 @@
+--- gd-2.0.33/gd_gif_in.c.loop	2004-11-01 19:28:56.000000000 +0100
+++ gd-2.0.33/gd_gif_in.c	2006-07-10 14:59:42.000000000 +0200
+@@ -418,16 +418,17 @@
+                        return firstcode;
+                } else if (code == end_code) {
+                        int             count;
+					   int max_count = 1024;
+                        unsigned char   buf[260];
+ 
+                        if (*ZeroDataBlockP)
+                                return -2;
+ 
+-                       while ((count = GetDataBlock(fd, buf, ZeroDataBlockP)) > 0)
+                       while ((count = GetDataBlock(fd, buf, ZeroDataBlockP)) > 0 && --max_count >= 0 )
+                                ;
+ 
+-                       if (count != 0)
+-                       return -2;
+                       if (count != 0 || max_count < 0 )
+						 return -2;
+                }
+ 
+                incode = code;
--- a/gd.spec
+++ b/gd.spec
@ -1,7 +1,7 @@
 Summary:       A graphics library for quick creation of PNG or JPEG images
 Name:          gd
 Version:       2.0.33
-Release:       8
+Release:       9
 Group:         System Environment/Libraries
 License:       BSD-style
 URL:           http://www.boutell.com/gd/
@ -10,6 +10,7 @@ Patch0:        gd-2.0.33-freetype.patch
 Patch1:        gd-2.0.33-SetAAPixel.patch
 Patch2:        gd-2.0.33-security.patch
 Patch3:	       gd-2.0.33-multilib.patch
+Patch4:        gd-loop.patch
 BuildRoot:     %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: freetype-devel, fontconfig-devel, libX11-devel, libXpm-devel
 BuildRequires: libjpeg-devel, libpng-devel, zlib-devel, pkgconfig
@ -53,6 +54,7 @@ files for gd, a graphics library for creating PNG and JPEG graphics.
 %patch1 -p1 -b .SetAAPixel
 %patch2 -p1 -b .security
 %patch3 -p1 -b .mlib
+%patch4 -p1 -b .loop

 %build
 %configure --disable-rpath
@ -92,9 +94,9 @@ rm -rf $RPM_BUILD_ROOT


 %changelog
-* Tue Jun 06 2006 Karsten Hopp <karsten@redhat.de> 2.0.33-8
- buildrequire pkgconfig
-
+* Mon Jul 10 2006 Jitka Kudrnacova <jkudrnac@redhat.com> 2.0.33-9
+- prevent from an infinite loop when decoding bad GIF images (#194520)
+ 
 * Thu May 25 2006 Ivana Varekova <varekova@redhat.com> - 2.0.33-7
 - fix multilib problem (add pkgconfig)