Your message dated Tue, 17 Oct 2006 20:52:49 +0200 with message-id <[EMAIL PROTECTED]> and subject line reporter and fixer has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: dvdauthor Version: 0.6.11-1 Severity: normal Tags: patch spumux doesn't validate button coordinates read from an XML file, and will happily read beyond the bounds of the image bitmaps if they are out of range. The following patch adds appropriate validation. --- dvdauthor-0.6.11/src/subgen-image.c 2005-02-01 02:26:22.000000000 +0000 +++ dvdauthor-0.6.11.new/src/subgen-image.c 2005-08-03 23:48:23.718731801 +0100 @@ -361,12 +361,25 @@ gs=malloc(ng*sizeof(palgroup)); memset(gs,0,ng*sizeof(palgroup)); + assert(!useimg || s->xd <= s->img.width); + assert(s->xd <= s->hlt.width); + assert(s->xd <= s->sel.width); + // fprintf(stderr,"attempt %d groups, %d useimg\n",ng,useimg); // find unique colors per button for( i=0; i<s->numbuttons; i++ ) { button *b=&s->buttons[i]; palgroup *bp=&bpgs[i]; + if( b->r.x0<0 || b->r.x0>b->r.x1 || b->r.x1>=s->xd + || b->r.y0<0 || b->r.y0>b->r.y1 || b->r.y1>=s->yd ) + { + if (debug > -1) + fprintf(stderr, + "ERR: Button coordinates out of range: (%d,%d)-(%d,%d)\n", + b->r.x0, b->r.y0, b->r.x1, b->r.y1); + exit(1); + } for( y=b->r.y0; y<b->r.y1; y++ ) for( x=b->r.x0; x<b->r.x1; x++ ) if( !checkcolor(bp,gettricolor(s,y*s->xd+x,useimg)) ) -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (990, 'testing'), (600, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-k7 Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Versions of packages dvdauthor depends on: ii libbz2-1.0 1.0.2-7 high-quality block-sorting file co ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an ii libdps1 4.3.0.dfsg.1-14 Display PostScript (DPS) client li ii libdvdread3 0.9.4-5 Simple foundation for reading DVDs ii libfreetype6 2.1.7-2.4 FreeType 2 font engine, shared lib ii libfribidi0 0.10.4-6 Free Implementation of the Unicode ii libice6 4.3.0.dfsg.1-14 Inter-Client Exchange library ii libjasper-1.701-1 1.701.0-2 The JasPer JPEG-2000 runtime libra ii libjpeg62 6b-10 The Independent JPEG Group's JPEG ii liblcms1 1.13-1 Color management library ii libmagick6 6:6.0.6.2-2.4 Image manipulation library ii libpng12-0 1.2.8rel-1 PNG library - runtime ii libsm6 4.3.0.dfsg.1-14 X Window System Session Management ii libtiff4 3.7.2-3 Tag Image File Format (TIFF) libra ii libx11-6 4.3.0.dfsg.1-14 X Window System protocol client li ii libxext6 4.3.0.dfsg.1-14 X Window System miscellaneous exte ii libxml2 2.6.16-7 GNOME XML library ii libxt6 4.3.0.dfsg.1-14 X Toolkit Intrinsics ii xlibs 4.3.0.dfsg.1-14 X Keyboard Extension (XKB) configu ii zlib1g 1:1.2.2-4 compression library - runtime -- no debconf information
--- End Message ---
--- Begin Message ---Ben reported and provided a patch for this. tnx! -- greetz, marc I'm Rygel the Sixteenth, dominar to over six hundred billion people. I don't need to talk to you. Rygel - Premiere scorpius.homelinux.org 2.6.17 #2 Sun Sep 17 14:04:26 CEST 2006 GNU/Linux
signature.asc
Description: Digital signature
--- End Message ---
