rpms/icoutils
6
0
Fork 0
Code Issues Pull Requests Releases Activity

prevent access to unallocated memory in wrestool (BZ #1249276)

Browse Source
This commit is contained in:
Martin Gieseking 2015-09-08 11:14:31 +02:00
parent 70215288f8
commit 1fddc18110
2 changed files with 31 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
icoutils-wrestool-extract.patch Normal file
View File

@ -0,0 +1,22 @@
diff --git a/wrestool/extract.c b/wrestool/extract.c
index a203d04..8192a1f 100644
--- a/wrestool/extract.c
+++ b/wrestool/extract.c
@@ -237,13 +237,15 @@ extract_group_icon_cursor_resource(WinLibrary *fi, WinResource *wr, char *lang,
fileicondir->entries[c-skipped].dib_offset = offset;
/* transfer resource into file memory */
+ if (size > icondir->entries[c].bytes_in_res)
+ size = icondir->entries[c].bytes_in_res;
if (is_icon) {
- memcpy(&memory[offset], data, icondir->entries[c].bytes_in_res);
+ memcpy(&memory[offset], data, size);
} else {
fileicondir->entries[c-skipped].hotspot_x = ((uint16_t *) data)[0];
fileicondir->entries[c-skipped].hotspot_y = ((uint16_t *) data)[1];
memcpy(&memory[offset], data+sizeof(uint16_t)*2,
- icondir->entries[c].bytes_in_res-sizeof(uint16_t)*2);
+ size-sizeof(uint16_t)*2);
offset -= sizeof(uint16_t)*2;
}

10
icoutils.spec
View File

@ -1,6 +1,6 @@
Name: icoutils Name: icoutils
Version: 0.31.0 Version: 0.31.0
Release: 7%{?dist} Release: 8%{?dist}
Summary: Utility for extracting and converting Microsoft icon and cursor files Summary: Utility for extracting and converting Microsoft icon and cursor files
Group: Applications/Multimedia Group: Applications/Multimedia
@ -8,6 +8,10 @@ License: GPLv3+
URL: http://www.nongnu.org/icoutils/ URL: http://www.nongnu.org/icoutils/
Source0: http://savannah.nongnu.org/download/%{name}/%{name}-%{version}.tar.bz2 Source0: http://savannah.nongnu.org/download/%{name}/%{name}-%{version}.tar.bz2
# wrestool: ensure that reading the resource data doesn't exceed the
# allocated memory block
Patch0: %{name}-wrestool-extract.patch
BuildRequires: autoconf BuildRequires: autoconf
BuildRequires: automake BuildRequires: automake
BuildRequires: gettext BuildRequires: gettext
@ -24,6 +28,7 @@ libraries.
%prep %prep
%setup -q %setup -q
%patch0 -p1
autoreconf -i autoreconf -i
for f in AUTHORS NEWS; do for f in AUTHORS NEWS; do
@ -52,6 +57,9 @@ make install DESTDIR=%{buildroot}
%changelog %changelog
* Tue Sep 08 2015 Martin Gieseking <martin.gieseking@uos.de> 0.31.0-8
- Added patch to prevent wrestool to segfault when reading inconsistent resource data
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.31.0-7 * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.31.0-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild