diff options
Diffstat (limited to 'meta-oe/recipes-support/gd/gd/CVE-2016-10167.patch')
-rw-r--r-- | meta-oe/recipes-support/gd/gd/CVE-2016-10167.patch | 48 |
1 files changed, 0 insertions, 48 deletions
diff --git a/meta-oe/recipes-support/gd/gd/CVE-2016-10167.patch b/meta-oe/recipes-support/gd/gd/CVE-2016-10167.patch deleted file mode 100644 index 54ef22cb62..0000000000 --- a/meta-oe/recipes-support/gd/gd/CVE-2016-10167.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 6ab531ef0d82efb9e00236ee5ea23928335d221f Mon Sep 17 00:00:00 2001 -From: Catalin Enache <catalin.enache@windriver.com> -Date: Fri, 7 Apr 2017 12:30:22 +0300 -Subject: [PATCH] Fix DOS vulnerability in gdImageCreateFromGd2Ctx() - -We must not pretend that there are image data if there are none. Instead -we fail reading the image file gracefully. - -Upstream-Status: Backport -CVE: CVE-2016-10167 - -Signed-off-by: Catalin Enache <catalin.enache@windriver.com> ---- - src/gd_gd2.c | 14 ++++++-------- - 1 file changed, 6 insertions(+), 8 deletions(-) - -diff --git a/src/gd_gd2.c b/src/gd_gd2.c -index 8df93c1..bae65ea 100644 ---- a/src/gd_gd2.c -+++ b/src/gd_gd2.c -@@ -445,18 +445,16 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromGd2Ctx (gdIOCtxPtr in) - - if (im->trueColor) { - if (!gdGetInt (&im->tpixels[y][x], in)) { -- /*printf("EOF while reading\n"); */ -- /*gdImageDestroy(im); */ -- /*return 0; */ -- im->tpixels[y][x] = 0; -+ gd_error("gd2: EOF while reading\n"); -+ gdImageDestroy(im); -+ return NULL; - } - } else { - int ch; - if (!gdGetByte (&ch, in)) { -- /*printf("EOF while reading\n"); */ -- /*gdImageDestroy(im); */ -- /*return 0; */ -- ch = 0; -+ gd_error("gd2: EOF while reading\n"); -+ gdImageDestroy(im); -+ return NULL; - } - im->pixels[y][x] = ch; - } --- -2.10.2 - |