From 75e80cba805e4554621cc6f64a009de55ade9df7 Mon Sep 17 00:00:00 2001 From: Brian Pepple Date: Jan 29 2008 20:06:18 +0000 Subject: - Add patch to fix ILBM image buffer overflow. (#430693) --- diff --git a/SDL_image-IMG_lbm.patch b/SDL_image-IMG_lbm.patch new file mode 100644 index 0000000..cc4a29b --- /dev/null +++ b/SDL_image-IMG_lbm.patch @@ -0,0 +1,28 @@ +--- trunk/SDL_image/IMG_lbm.c 2007/07/20 04:37:11 3341 ++++ trunk/SDL_image/IMG_lbm.c 2008/01/03 20:05:34 3521 +@@ -28,6 +28,7 @@ + EHB and HAM (specific Amiga graphic chip modes) support added by Marc Le Douarain + (http://www.multimania.com/mavati) in December 2003. + Stencil and colorkey fixes by David Raulo (david.raulo AT free DOT fr) in February 2004. ++ Buffer overflow fix in RLE decompression by David Raulo in January 2008. + */ + + #include +@@ -328,7 +329,7 @@ + count ^= 0xFF; + count += 2; /* now it */ + +- if ( !SDL_RWread( src, &color, 1, 1 ) ) ++ if ( ( count > remainingbytes ) || !SDL_RWread( src, &color, 1, 1 ) ) + { + error="error reading BODY chunk"; + goto done; +@@ -339,7 +340,7 @@ + { + ++count; + +- if ( !SDL_RWread( src, ptr, count, 1 ) ) ++ if ( ( count > remainingbytes ) || !SDL_RWread( src, ptr, count, 1 ) ) + { + error="error reading BODY chunk"; + goto done; diff --git a/SDL_image.spec b/SDL_image.spec index cc4f725..ce0f78e 100644 --- a/SDL_image.spec +++ b/SDL_image.spec @@ -1,6 +1,6 @@ Name: SDL_image Version: 1.2.6 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Image loading library for SDL Group: System Environment/Libraries @@ -8,6 +8,7 @@ License: LGPLv2+ URL: http://www.libsdl.org/projects/SDL_image/ Source0: http://www.libsdl.org/projects/%{name}/release/%{name}-%{version}.tar.gz Patch0: %{name}-buffer-overflow.patch +Patch1: %{name}-IMG_lbm.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: SDL-devel >= 1.2.10 @@ -38,6 +39,7 @@ developing applications that use %{name}. %prep %setup -q %patch0 -p2 -b .overflow +%patch1 -p2 -b .ilbm %build # XCF support is crashy in 1.2.4 @@ -83,8 +85,11 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Tue Jan 29 2008 Brian Pepple - 1.2.6-5 +- Add patch to fix ILBM image buffer overflow. (#430693) + * Thu Jan 24 2008 Brian Pepple - 1.2.6-4 -- Add patch to fix buffer-overflow. (#430239) +- Add patch to fix buffer-overflow. (#430100) * Tue Aug 21 2007 Brian Pepple - 1.2.6-3 - Rebuild.