Date:      Sun, 15 Apr 2018 19:12:19 +0000 (UTC)
From:      Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r467404 - in head/graphics/freeimage: . files
Message-ID:  <201804151912.w3FJCJeU055859@repo.freebsd.org>

Author: sunpoet
Date: Sun Apr 15 19:12:19 2018
New Revision: 467404
URL: https://svnweb.freebsd.org/changeset/ports/467404

Log:
  Fix CVE-2016-5684
  
  - Bump PORTREVISION for package change
  
  Obtained from:	https://sourceforge.net/p/freeimage/svn/1735/
  		https://sourceforge.net/p/freeimage/svn/1740/
  Security:	5b1631dc-eafd-11e6-9ac1-a4badb2f4699
  MFH:		2018Q2

Added:
  head/graphics/freeimage/files/patch-Source-FreeImage-PluginXPM.cpp   (contents, props changed)
Modified:
  head/graphics/freeimage/Makefile

Modified: head/graphics/freeimage/Makefile
==============================================================================
--- head/graphics/freeimage/Makefile	Sun Apr 15 17:56:25 2018	(r467403)
+++ head/graphics/freeimage/Makefile	Sun Apr 15 19:12:19 2018	(r467404)
@@ -3,7 +3,7 @@
 
 PORTNAME=	freeimage
 PORTVERSION=	3.16.0
-PORTREVISION=	3
+PORTREVISION=	4
 # Version 3.17.0 is available, but does not build on i386 (and probably
 # other 32-bit arches) without some not-quite-trivial patching.  If one
 # decides to update the port, please make sure 32-bit builds are tested!

Added: head/graphics/freeimage/files/patch-Source-FreeImage-PluginXPM.cpp
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/graphics/freeimage/files/patch-Source-FreeImage-PluginXPM.cpp	Sun Apr 15 19:12:19 2018	(r467404)
@@ -0,0 +1,23 @@
+--- Source/FreeImage/PluginXPM.cpp.orig	2013-11-29 19:29:14 UTC
++++ Source/FreeImage/PluginXPM.cpp
+@@ -181,6 +181,11 @@ Load(FreeImageIO *io, fi_handle handle, 
+ 		}
+ 		free(str);
+ 
++		// check info string
++		if((width <= 0) || (height <= 0) || (colors <= 0) || (cpp <= 0)) {
++			throw "Improperly formed info string";
++		}
++
+         if (colors > 256) {
+ 			dib = FreeImage_AllocateHeader(header_only, width, height, 24, FI_RGBA_RED_MASK, FI_RGBA_GREEN_MASK, FI_RGBA_BLUE_MASK);
+ 		} else {
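Review bot: The new `if((width <= 0) || (height <= 0) || (colors <= 0) || (cpp <= 0))` check bounds the four info-string fields only from below, so an arbitrarily large `width`, `height`, `colors` or `cpp` still reaches `FreeImage_AllocateHeader` and the color-string parsing that follows. `cpp` in particular is used as a length further down in `std::string chrs(str,cpp)`; consider rejecting values above a sane maximum at this same point, so later code can rely on one validated range. Placing the check after `free(str)` is right, since the throw then cannot leak the info string.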
+@@ -193,7 +198,7 @@ Load(FreeImageIO *io, fi_handle handle, 
+ 			FILE_RGBA rgba;
+ 
+ 			str = ReadString(io, handle);
+-			if(!str)
++			if(!str || (strlen(str) < (size_t)cpp))
+ 				throw "Error reading color strings";
+ 
+ 			std::string chrs(str,cpp); //create a string for the color chars using the first cpp chars
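Review bot: On the new short-string path in `if(!str || (strlen(str) < (size_t)cpp))`, `str` is non-NULL when the throw fires and nothing visible in this hunk frees it. The earlier hunk's context releases `str` with `free(str)`, which suggests the buffer is heap-allocated, so unless the catch handler frees it this path leaks one buffer per malformed color line; calling `free(str)` before the throw in the too-short case would close that. The `(size_t)cpp` cast is only safe because the earlier hunk rejects `cpp <= 0`, and a short comment next to the cast saying so would keep the two checks from being separated later.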


