rpms/pixman
5
0
Fork 0
Code Issues Pull Requests Releases Activity
Pixel manipulation library
7 Commits 8 Branches 17 Tags 170 KiB
Shell 100%
c9s
Go to file
José Expósito b49f14e9cd Backport fix for CVE-2022-44638 
pixman < 0.42.2 is affected by an out-of-bounds write error in the
`rasterize_edges_8()` function due to an integer overflow in the
`pixman_sample_floor_y()` function.

For more information please check the upstream bug report [1].

This patch backports commit a1f88e842e02 ("Avoid integer overflow
leading to out-of-bounds write") [2] to fix CVE-2022-44638.

In order to test and validate the fix, a reproducer can be found in the
original bug report [3] and compiled with the following command:

    $ gcc -o poc poc.c -ldl -fsanitize=address \
      $(pkg-config --cflags --libs pixman-1)

[1] https://gitlab.freedesktop.org/pixman/pixman/-/issues/63
[2] a1f88e842e
[3] https://gitlab.freedesktop.org/pixman/pixman/uploads/a55795e36afc03445ed838b0fda786f9/poc.c
Resolves: https://issues.redhat.com/browse/RHEL-11645
2023-10-04 12:55:03 +02:00
.gitignore RHEL 9.0.0 Alpha bootstrap 2020-10-14 16:03:25 -07:00
0001-Avoid-integer-overflow-leading-to-out-of-bounds-writ.patch Backport fix for CVE-2022-44638 2023-10-04 12:55:03 +02:00
gating.yaml enabling gating for el9 2021-06-16 13:43:26 +02:00
make-pixman-snapshot.sh RHEL 9.0.0 Alpha bootstrap 2020-10-14 16:03:25 -07:00
pixman-0.34.0-vmx.patch RHEL 9.0.0 Alpha bootstrap 2020-10-14 16:03:25 -07:00
pixman.spec Backport fix for CVE-2022-44638 2023-10-04 12:55:03 +02:00
sources RHEL 9.0.0 Alpha bootstrap 2020-10-14 16:03:25 -07:00