- update to 10.47.17
- add couple of missign overflow checks
This commit is contained in:
parent
e498cdb11e
commit
6e4c1e5a53
@ -1 +1 @@
|
|||||||
netpbm-10.47.16.tar.xz
|
netpbm-10.47.17.tar.xz
|
||||||
|
@ -878,6 +878,102 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtomitsu.c.security netpbm-10.47.04/con
|
|||||||
medias.maxcols *= 2;
|
medias.maxcols *= 2;
|
||||||
medias.maxrows *= 2;
|
medias.maxrows *= 2;
|
||||||
}
|
}
|
||||||
|
diff -up netpbm-10.47.04/converter/ppm/ppmtompeg/iframe.c.security netpbm-10.47.04/converter/ppm/ppmtompeg/iframe.c
|
||||||
|
--- netpbm-10.47.04/converter/ppm/ppmtompeg/iframe.c.security 2009-10-21 13:39:09.000000000 +0200
|
||||||
|
+++ netpbm-10.47.04/converter/ppm/ppmtompeg/iframe.c 2009-10-21 15:09:33.000000000 +0200
|
||||||
|
@@ -800,7 +800,8 @@ BlockComputeSNR(MpegFrame * const curren
|
||||||
|
if (needs_init) {
|
||||||
|
int ysz = (Fsize_y>>3) * sizeof(int32 *);
|
||||||
|
int xsz = (Fsize_x>>3);
|
||||||
|
-
|
||||||
|
+
|
||||||
|
+ overflow2((Fsize_y>>3), sizeof(int32 *));
|
||||||
|
needs_init = FALSE;
|
||||||
|
for (y=0; y<3; y++) {
|
||||||
|
varDiff[y] = ratio[y] = total[y] = 0.0;
|
||||||
|
@@ -819,6 +820,7 @@ BlockComputeSNR(MpegFrame * const curren
|
||||||
|
fprintf(stderr, "Out of memory in BlockComputeSNR\n");
|
||||||
|
exit(-1);
|
||||||
|
}
|
||||||
|
+ overflow2(xsz,4);
|
||||||
|
for (y = 0; y < ySize[0]>>3; y++) {
|
||||||
|
SignalY[y] = (int32 *) calloc(xsz,4);
|
||||||
|
SignalCr[y] = (int32 *) calloc(xsz,4);
|
||||||
|
diff -up netpbm-10.47.04/converter/ppm/ppmtompeg/parallel.c.security netpbm-10.47.04/converter/ppm/ppmtompeg/parallel.c
|
||||||
|
--- netpbm-10.47.04/converter/ppm/ppmtompeg/parallel.c.security 2009-10-21 13:39:10.000000000 +0200
|
||||||
|
+++ netpbm-10.47.04/converter/ppm/ppmtompeg/parallel.c 2009-10-21 15:09:33.000000000 +0200
|
||||||
|
@@ -2161,7 +2161,9 @@ DecodeServer(int const numInput
|
||||||
|
const char * error;
|
||||||
|
|
||||||
|
/* should keep list of port numbers to notify when frames become ready */
|
||||||
|
-
|
||||||
|
+
|
||||||
|
+ overflow2(numInputFiles, sizeof(int));
|
||||||
|
+ overflow2(numInputFiles, sizeof(boolean));
|
||||||
|
ready = (boolean *) calloc(numInputFiles, sizeof(boolean));
|
||||||
|
waitMachine = (int *) calloc(numInputFiles, sizeof(int));
|
||||||
|
waitPort = (int *) malloc(numMachines*sizeof(int));
|
||||||
|
diff -up netpbm-10.47.04/converter/ppm/ppmtompeg/psearch.c.security netpbm-10.47.04/converter/ppm/ppmtompeg/psearch.c
|
||||||
|
--- netpbm-10.47.04/converter/ppm/ppmtompeg/psearch.c.security 2009-10-21 13:39:10.000000000 +0200
|
||||||
|
+++ netpbm-10.47.04/converter/ppm/ppmtompeg/psearch.c 2009-10-21 15:09:33.000000000 +0200
|
||||||
|
@@ -216,7 +216,14 @@ SetSearchRange(int const pixelsP, int co
|
||||||
|
int const max_search = max(searchRangeP, searchRangeB);
|
||||||
|
|
||||||
|
int index;
|
||||||
|
-
|
||||||
|
+
|
||||||
|
+ overflow2(searchRangeP, 2);
|
||||||
|
+ overflow2(searchRangeB, 2);
|
||||||
|
+ overflow_add(searchRangeP*2, 3);
|
||||||
|
+ overflow_add(searchRangeB*2, 3);
|
||||||
|
+ overflow2(2*searchRangeB+3, sizeof(int));
|
||||||
|
+ overflow2(2*searchRangeP+3, sizeof(int));
|
||||||
|
+
|
||||||
|
pmvHistogram = (int **) malloc((2*searchRangeP+3)*sizeof(int *));
|
||||||
|
bbmvHistogram = (int **) malloc((2*searchRangeB+3)*sizeof(int *));
|
||||||
|
bfmvHistogram = (int **) malloc((2*searchRangeB+3)*sizeof(int *));
|
||||||
|
@@ -800,6 +807,9 @@ ShowPMVHistogram(fpointer)
|
||||||
|
int *columnTotals;
|
||||||
|
int rowTotal;
|
||||||
|
|
||||||
|
+ overflow2(searchRangeP, 2);
|
||||||
|
+ overflow_add(searchRangeP*2, 3);
|
||||||
|
+ overflow2(searchRangeP*2+3, sizeof(int));
|
||||||
|
columnTotals = (int *) calloc(2*searchRangeP+3, sizeof(int));
|
||||||
|
|
||||||
|
#ifdef COMPLETE_DISPLAY
|
||||||
|
@@ -847,6 +857,9 @@ ShowBBMVHistogram(fpointer)
|
||||||
|
|
||||||
|
fprintf(fpointer, "B-frame Backwards:\n");
|
||||||
|
|
||||||
|
+ overflow2(searchRangeB, 2);
|
||||||
|
+ overflow_add(searchRangeB*2, 3);
|
||||||
|
+ overflow2(searchRangeB*2+3, sizeof(int));
|
||||||
|
columnTotals = (int *) calloc(2*searchRangeB+3, sizeof(int));
|
||||||
|
|
||||||
|
#ifdef COMPLETE_DISPLAY
|
||||||
|
@@ -894,6 +907,9 @@ ShowBFMVHistogram(fpointer)
|
||||||
|
|
||||||
|
fprintf(fpointer, "B-frame Forwards:\n");
|
||||||
|
|
||||||
|
+ overflow2(searchRangeB, 2);
|
||||||
|
+ overflow_add(searchRangeB*2, 3);
|
||||||
|
+ overflow2(searchRangeB*2+3, sizeof(int));
|
||||||
|
columnTotals = (int *) calloc(2*searchRangeB+3, sizeof(int));
|
||||||
|
|
||||||
|
#ifdef COMPLETE_DISPLAY
|
||||||
|
diff -up netpbm-10.47.04/converter/ppm/ppmtompeg/rgbtoycc.c.security netpbm-10.47.04/converter/ppm/ppmtompeg/rgbtoycc.c
|
||||||
|
--- netpbm-10.47.04/converter/ppm/ppmtompeg/rgbtoycc.c.security 2009-10-21 13:39:10.000000000 +0200
|
||||||
|
+++ netpbm-10.47.04/converter/ppm/ppmtompeg/rgbtoycc.c 2009-10-21 15:09:33.000000000 +0200
|
||||||
|
@@ -72,6 +72,8 @@ compute_mult_tables(const pixval maxval)
|
||||||
|
}
|
||||||
|
table_maxval = maxval;
|
||||||
|
|
||||||
|
+ overflow_add(table_maxval, 1);
|
||||||
|
+ overflow2(table_maxval+1, sizeof(float));
|
||||||
|
mult299 = malloc((table_maxval+1)*sizeof(float));
|
||||||
|
mult587 = malloc((table_maxval+1)*sizeof(float));
|
||||||
|
mult114 = malloc((table_maxval+1)*sizeof(float));
|
||||||
diff -up netpbm-10.47.04/converter/ppm/ppmtopcx.c.security netpbm-10.47.04/converter/ppm/ppmtopcx.c
|
diff -up netpbm-10.47.04/converter/ppm/ppmtopcx.c.security netpbm-10.47.04/converter/ppm/ppmtopcx.c
|
||||||
--- netpbm-10.47.04/converter/ppm/ppmtopcx.c.security 2009-10-21 13:39:10.000000000 +0200
|
--- netpbm-10.47.04/converter/ppm/ppmtopcx.c.security 2009-10-21 13:39:10.000000000 +0200
|
||||||
+++ netpbm-10.47.04/converter/ppm/ppmtopcx.c 2009-10-21 15:09:33.000000000 +0200
|
+++ netpbm-10.47.04/converter/ppm/ppmtopcx.c 2009-10-21 15:09:33.000000000 +0200
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
Summary: A library for handling different graphics file formats
|
Summary: A library for handling different graphics file formats
|
||||||
Name: netpbm
|
Name: netpbm
|
||||||
Version: 10.47.16
|
Version: 10.47.17
|
||||||
Release: 1%{?dist}
|
Release: 1%{?dist}
|
||||||
# See copyright_summary for details
|
# See copyright_summary for details
|
||||||
License: BSD and GPLv2 and IJG and MIT and Public Domain
|
License: BSD and GPLv2 and IJG and MIT and Public Domain
|
||||||
@ -251,6 +251,10 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%doc userguide/*
|
%doc userguide/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Jul 12 2010 Jindrich Novy <jnovy@redhat.com> 10.47.17-1
|
||||||
|
- update to 10.47.17
|
||||||
|
- add couple of missign overflow checks
|
||||||
|
|
||||||
* Fri Jun 18 2010 Jindrich Novy <jnovy@redhat.com> 10.47.16-1
|
* Fri Jun 18 2010 Jindrich Novy <jnovy@redhat.com> 10.47.16-1
|
||||||
- update to 10.47.16
|
- update to 10.47.16
|
||||||
- fixes pbmtext
|
- fixes pbmtext
|
||||||
|
Loading…
Reference in New Issue
Block a user