From a276486e2867b1ec0629ccd9a5ef6eab9c2bd255 Mon Sep 17 00:00:00 2001 From: Jindrich Novy Date: Wed, 27 Jan 2010 10:45:52 +0000 Subject: [PATCH] - fix buffer overflow in pnmtofiasco --- netpbm-fiasco-overflow.patch | 12 ++++++++++++ netpbm.spec | 7 ++++++- 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 netpbm-fiasco-overflow.patch diff --git a/netpbm-fiasco-overflow.patch b/netpbm-fiasco-overflow.patch new file mode 100644 index 0000000..850dbc3 --- /dev/null +++ b/netpbm-fiasco-overflow.patch @@ -0,0 +1,12 @@ +diff -up netpbm-10.47.09/converter/other/fiasco/lib/image.h.fiasco-overflow netpbm-10.47.09/converter/other/fiasco/lib/image.h +--- netpbm-10.47.09/converter/other/fiasco/lib/image.h.fiasco-overflow 2010-01-25 09:00:48.000000000 +0100 ++++ netpbm-10.47.09/converter/other/fiasco/lib/image.h 2010-01-27 10:29:48.000000000 +0100 +@@ -29,7 +29,7 @@ typedef struct image + * Image data + */ + { +- char id [7]; ++ char id [8]; + unsigned reference_count; + unsigned width; /* Width of the image */ + unsigned height; /* Height of the image */ diff --git a/netpbm.spec b/netpbm.spec index 531c971..f57e7dd 100644 --- a/netpbm.spec +++ b/netpbm.spec @@ -1,7 +1,7 @@ Summary: A library for handling different graphics file formats Name: netpbm Version: 10.47.09 -Release: 1%{?dist} +Release: 2%{?dist} # See copyright_summary for details License: BSD and GPLv2 and IJG and MIT and Public Domain Group: System Environment/Libraries @@ -27,6 +27,7 @@ Patch13: netpbm-glibc.patch Patch14: netpbm-svgtopam.patch Patch15: netpbm-docfix.patch Patch16: netpbm-ppmfadeusage.patch +Patch17: netpbm-fiasco-overflow.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libjpeg-devel, libpng-devel, libtiff-devel, flex BuildRequires: libX11-devel, python, jasper-devel @@ -84,6 +85,7 @@ netpbm-progs. You'll also need to install the netpbm package. %patch14 -p1 -b .svgtopam %patch15 -p1 -b .docfix %patch16 -p1 -b .ppmfadeusage +%patch17 -p1 -b .fiasco-overflow sed -i 's/STRIPFLAG = -s/STRIPFLAG =/g' config.mk.in @@ -212,6 +214,9 @@ rm -rf $RPM_BUILD_ROOT %{_datadir}/netpbm/ %changelog +* Wed Jan 27 2010 Jindrich Novy 10.47.09-2 +- fix buffer overflow in pnmtofiasco + * Mon Jan 25 2010 Jindrich Novy 10.47.09-1 - update to 10.47.09, fixes occassional crash in pamtosvg - fix documentation