rpms/pixman
5
0
Fork 0
Code Issues Pull Requests Releases Activity
Pixel manipulation library
6 Commits 8 Branches 17 Tags 170 KiB
Shell 100%
c8s
Go to file
José Expósito 046693e14b Backport fix for CVE-2022-44638 
pixman < 0.42.2 is affected by an out-of-bounds write error in the
`rasterize_edges_8()` function due to an integer overflow in the
`pixman_sample_floor_y()` function.

For more information please check the upstream bug report [1].

This patch backports commit a1f88e842e02 ("Avoid integer overflow
leading to out-of-bounds write") [2] to fix CVE-2022-44638.

In order to test and validate the fix, a reproducer can be found in the
original bug report [3] and compiled with the following command:

    $ gcc -o poc poc.c -ldl -fsanitize=address \
      $(pkg-config --cflags --libs pixman-1)

[1] https://gitlab.freedesktop.org/pixman/pixman/-/issues/63
[2] a1f88e842e
[3] https://gitlab.freedesktop.org/pixman/pixman/uploads/a55795e36afc03445ed838b0fda786f9/poc.c
Resolves: https://issues.redhat.com/browse/RHEL-7854
2023-10-04 10:59:02 +02:00
.gitignore Import rpm: c8s 2023-02-27 14:59:49 -05:00
0001-Avoid-integer-overflow-leading-to-out-of-bounds-writ.patch Backport fix for CVE-2022-44638 2023-10-04 10:59:02 +02:00
0001-Fix-bilinear-filter-computation-in-wide-pipeline.patch Fix bilinear filter computation in wide pipeline 2023-09-15 12:48:09 +02:00
0001-Initialize-temporary-buffers-in-general_composite_re.patch Auto sync2gitlab import of pixman-0.38.4-2.el8.src.rpm 2022-05-26 13:21:25 -04:00
gating.yaml Bring gating.yaml over from Brew dist-git 2023-03-10 11:14:13 -08:00
make-pixman-snapshot.sh Auto sync2gitlab import of pixman-0.38.4-2.el8.src.rpm 2022-05-26 13:21:25 -04:00
pixman.spec Backport fix for CVE-2022-44638 2023-10-04 10:59:02 +02:00
sources Auto sync2gitlab import of pixman-0.38.4-2.el8.src.rpm 2022-05-26 13:21:25 -04:00