Hello community, here is the log from the commit of package gdk-pixbuf for openSUSE:Factory checked in at 2020-07-28 17:24:27 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gdk-pixbuf (Old) and /work/SRC/openSUSE:Factory/.gdk-pixbuf.new.3592 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gdk-pixbuf" Tue Jul 28 17:24:27 2020 rev:79 rq:822966 version:2.40.0 Changes: -------- --- /work/SRC/openSUSE:Factory/gdk-pixbuf/gdk-pixbuf.changes 2020-02-29 21:21:09.894118774 +0100 +++ /work/SRC/openSUSE:Factory/.gdk-pixbuf.new.3592/gdk-pixbuf.changes 2020-07-28 17:25:04.273886551 +0200 @@ -1,0 +2,7 @@ +Mon Jul 27 06:56:15 UTC 2020 - Jia Zhaocong <zc...@suse.com> + +- Add gdk-pixbuf-boo1174307-io-gif-overflow.patch: Avoid overflows + by checking the memset length argument (boo#1174307). +- Raise dependency glib-2.0 version. + +------------------------------------------------------------------- New: ---- gdk-pixbuf-boo1174307-io-gif-overflow.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gdk-pixbuf.spec ++++++ --- /var/tmp/diff_new_pack.ebrKz2/_old 2020-07-28 17:25:05.861888353 +0200 +++ /var/tmp/diff_new_pack.ebrKz2/_new 2020-07-28 17:25:05.865888357 +0200 @@ -37,6 +37,9 @@ Source3: gdk-pixbuf-rpmlintrc Source99: baselibs.conf +# PATCH-FIX-UPSTREAM gdk-pixbuf-boo1174307-io-gif-overflow.patch boo#1174307 glgo#GNOME/gdk-pixbuf#132 zc...@suse.com -- Avoid overflows by checking the memset length argument +Patch0: gdk-pixbuf-boo1174307-io-gif-overflow.patch + BuildRequires: docbook-xsl-stylesheets BuildRequires: gtk-doc BuildRequires: libjpeg-devel @@ -46,7 +49,7 @@ BuildRequires: translation-update-upstream BuildRequires: unzip BuildRequires: xsltproc -BuildRequires: pkgconfig(glib-2.0) >= 2.48.0 +BuildRequires: pkgconfig(glib-2.0) >= 2.56.0 BuildRequires: pkgconfig(gobject-introspection-1.0) BuildRequires: pkgconfig(libpng) BuildRequires: pkgconfig(x11) @@ -135,6 +138,7 @@ %setup -c -T -q unzip -P gecko %{SOURCE0} translation-update-upstream +%patch0 -p1 %if "%{_lib}" == "lib64" cp -a %{SOURCE2} . %endif ++++++ gdk-pixbuf-boo1174307-io-gif-overflow.patch ++++++ >From 43ec8f286e3d499d82735c16bbca83d7a1c03efa Mon Sep 17 00:00:00 2001 From: Emmanuele Bassi <eba...@gnome.org> Date: Wed, 1 Apr 2020 18:11:55 +0100 Subject: [PATCH] Check the memset length argument Avoid overflows by using the checked multiplication macro for gsize. Fixes: #132 --- gdk-pixbuf/io-gif-animation.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/gdk-pixbuf/io-gif-animation.c b/gdk-pixbuf/io-gif-animation.c index a3155e065..d74296337 100644 --- a/gdk-pixbuf/io-gif-animation.c +++ b/gdk-pixbuf/io-gif-animation.c @@ -411,11 +411,15 @@ gdk_pixbuf_gif_anim_iter_get_pixbuf (GdkPixbufAnimationIter *anim_iter) /* If no rendered frame, render the first frame */ if (anim->last_frame == NULL) { + gsize len = 0; if (anim->last_frame_data == NULL) anim->last_frame_data = gdk_pixbuf_new (GDK_COLORSPACE_RGB, TRUE, 8, anim->width, anim->height); if (anim->last_frame_data == NULL) return NULL; - memset (gdk_pixbuf_get_pixels (anim->last_frame_data), 0, gdk_pixbuf_get_rowstride (anim->last_frame_data) * anim->height); + if (g_size_checked_mul (&len, gdk_pixbuf_get_rowstride (anim->last_frame_data), anim->height)) + memset (gdk_pixbuf_get_pixels (anim->last_frame_data), 0, len); + else + return NULL; composite_frame (anim, g_list_nth_data (anim->frames, 0)); } -- GitLab