[arch-commits] Commit in colord/repos/extra-x86_64 (5 files)
Date: Saturday, March 17, 2018 @ 20:02:52 Author: heftig Revision: 319561 archrelease: copy trunk to extra-x86_64 Added: colord/repos/extra-x86_64/0001-Make-cd_color_get_blackbody_rgb_full-safer.patch (from rev 319560, colord/trunk/0001-Make-cd_color_get_blackbody_rgb_full-safer.patch) colord/repos/extra-x86_64/PKGBUILD (from rev 319560, colord/trunk/PKGBUILD) Deleted: colord/repos/extra-x86_64/0001-Make-cd_color_get_blackbody_rgb_full-safer.patch colord/repos/extra-x86_64/0002-Avoid-buffer-overflow-when-reading-profile_id.patch colord/repos/extra-x86_64/PKGBUILD --+ 0001-Make-cd_color_get_blackbody_rgb_full-safer.patch| 142 ++--- 0002-Avoid-buffer-overflow-when-reading-profile_id.patch | 62 - PKGBUILD | 117 +- 3 files changed, 125 insertions(+), 196 deletions(-) Deleted: 0001-Make-cd_color_get_blackbody_rgb_full-safer.patch === --- 0001-Make-cd_color_get_blackbody_rgb_full-safer.patch 2018-03-17 19:54:55 UTC (rev 319560) +++ 0001-Make-cd_color_get_blackbody_rgb_full-safer.patch 2018-03-17 20:02:52 UTC (rev 319561) @@ -1,74 +0,0 @@ -From 264981ddfd1984b25c629d8e3ef6cf25c70cc61a Mon Sep 17 00:00:00 2001 -Message-Id: <264981ddfd1984b25c629d8e3ef6cf25c70cc61a.1513453349.git.jan.steff...@gmail.com> -From: "Jan Alexander Steffens (heftig)"-Date: Sat, 16 Dec 2017 04:18:01 +0100 -Subject: [PATCH 1/2] Make cd_color_get_blackbody_rgb_full safer - -Validate arguments. If temp is divisible by 100, avoid interpolation -because it accesses beyond the data for temp == 1. - lib/colord/cd-color.c | 22 ++ - 1 file changed, 14 insertions(+), 8 deletions(-) - -diff --git a/lib/colord/cd-color.c b/lib/colord/cd-color.c -index 6062595187616846..3907a7349c1351ba 100644 a/lib/colord/cd-color.c -+++ b/lib/colord/cd-color.c -@@ -29,6 +29,7 @@ - #include "config.h" - - #include -+#include - #include - #include - -@@ -1444,33 +1445,38 @@ cd_color_get_blackbody_rgb_full (gdouble temp, -CdColorBlackbodyFlags flags) - { - gboolean ret = TRUE; -- gdouble alpha; -- gint temp_index; -+ div_t temp_int; - const CdColorRGB *blackbody_func = blackbody_data_d65modified; - -+ g_return_val_if_fail (!isnan (temp), FALSE); -+ g_return_val_if_fail (result != NULL, FALSE); -+ - /* use modified curve */ - if (flags & CD_COLOR_BLACKBODY_FLAG_USE_PLANCKIAN) - blackbody_func = blackbody_data_d65plankian; - - /* check lower bound */ - if (temp < 1000) { - ret = FALSE; - temp = 1000; - } - - /* check upper bound */ - if (temp > 1) { - ret = FALSE; - temp = 1; - } - - /* bilinear interpolate the blackbody data */ -- alpha = ((guint) temp % 100) / 100.0; -- temp_index = ((guint) temp - 1000) / 100; -- cd_color_rgb_interpolate (_func[temp_index], --_func[temp_index + 1], --alpha, --result); -+ temp_int = div (temp, 100); -+ if (temp_int.rem == 0) -+ *result = blackbody_func[temp_int.quot - 10]; -+ else -+ cd_color_rgb_interpolate (_func[temp_int.quot - 10], -+_func[temp_int.quot - 9], -+temp_int.rem / 100.0, -+result); -+ - return ret; - } - --- -2.15.1 - Copied: colord/repos/extra-x86_64/0001-Make-cd_color_get_blackbody_rgb_full-safer.patch (from rev 319560, colord/trunk/0001-Make-cd_color_get_blackbody_rgb_full-safer.patch) === --- 0001-Make-cd_color_get_blackbody_rgb_full-safer.patch (rev 0) +++ 0001-Make-cd_color_get_blackbody_rgb_full-safer.patch 2018-03-17 20:02:52 UTC (rev 319561) @@ -0,0 +1,68 @@ +From 6d7a6ae89bd12640e863a10fc88b6678f9dc9477 Mon Sep 17 00:00:00 2001 +Message-Id: <6d7a6ae89bd12640e863a10fc88b6678f9dc9477.1513518702.git.jan.steff...@gmail.com> +From: "Jan Alexander Steffens (heftig)" +Date: Sat, 16 Dec 2017 04:18:01 +0100 +Subject: [PATCH] Make cd_color_get_blackbody_rgb_full safer + +Validate arguments. If temp is divisible by 100, avoid interpolation +because it accesses beyond the data for temp == 1. +--- + lib/colord/cd-color.c | 23 +++ + 1 file changed, 15 insertions(+), 8 deletions(-) + +diff --git a/lib/colord/cd-color.c b/lib/colord/cd-color.c +index 6062595187616846..9960e7ecd247a289 100644 +--- a/lib/colord/cd-color.c b/lib/colord/cd-color.c +@@ -1444,33 +1444,40 @@
[arch-commits] Commit in colord/repos/extra-x86_64 (5 files)
Date: Saturday, December 16, 2017 @ 19:51:07 Author: heftig Revision: 312974 archrelease: copy trunk to extra-x86_64 Added: colord/repos/extra-x86_64/0001-Make-cd_color_get_blackbody_rgb_full-safer.patch (from rev 312973, colord/trunk/0001-Make-cd_color_get_blackbody_rgb_full-safer.patch) colord/repos/extra-x86_64/0002-Avoid-buffer-overflow-when-reading-profile_id.patch (from rev 312973, colord/trunk/0002-Avoid-buffer-overflow-when-reading-profile_id.patch) colord/repos/extra-x86_64/PKGBUILD (from rev 312973, colord/trunk/PKGBUILD) Deleted: colord/repos/extra-x86_64/PKGBUILD colord/repos/extra-x86_64/colord.install --+ 0001-Make-cd_color_get_blackbody_rgb_full-safer.patch| 74 0002-Avoid-buffer-overflow-when-reading-profile_id.patch | 62 ++ PKGBUILD | 119 ++--- colord.install |8 4 files changed, 196 insertions(+), 67 deletions(-) Copied: colord/repos/extra-x86_64/0001-Make-cd_color_get_blackbody_rgb_full-safer.patch (from rev 312973, colord/trunk/0001-Make-cd_color_get_blackbody_rgb_full-safer.patch) === --- 0001-Make-cd_color_get_blackbody_rgb_full-safer.patch (rev 0) +++ 0001-Make-cd_color_get_blackbody_rgb_full-safer.patch 2017-12-16 19:51:07 UTC (rev 312974) @@ -0,0 +1,74 @@ +From 264981ddfd1984b25c629d8e3ef6cf25c70cc61a Mon Sep 17 00:00:00 2001 +Message-Id: <264981ddfd1984b25c629d8e3ef6cf25c70cc61a.1513453349.git.jan.steff...@gmail.com> +From: "Jan Alexander Steffens (heftig)"+Date: Sat, 16 Dec 2017 04:18:01 +0100 +Subject: [PATCH 1/2] Make cd_color_get_blackbody_rgb_full safer + +Validate arguments. If temp is divisible by 100, avoid interpolation +because it accesses beyond the data for temp == 1. +--- + lib/colord/cd-color.c | 22 ++ + 1 file changed, 14 insertions(+), 8 deletions(-) + +diff --git a/lib/colord/cd-color.c b/lib/colord/cd-color.c +index 6062595187616846..3907a7349c1351ba 100644 +--- a/lib/colord/cd-color.c b/lib/colord/cd-color.c +@@ -29,6 +29,7 @@ + #include "config.h" + + #include ++#include + #include + #include + +@@ -1444,33 +1445,38 @@ cd_color_get_blackbody_rgb_full (gdouble temp, +CdColorBlackbodyFlags flags) + { + gboolean ret = TRUE; +- gdouble alpha; +- gint temp_index; ++ div_t temp_int; + const CdColorRGB *blackbody_func = blackbody_data_d65modified; + ++ g_return_val_if_fail (!isnan (temp), FALSE); ++ g_return_val_if_fail (result != NULL, FALSE); ++ + /* use modified curve */ + if (flags & CD_COLOR_BLACKBODY_FLAG_USE_PLANCKIAN) + blackbody_func = blackbody_data_d65plankian; + + /* check lower bound */ + if (temp < 1000) { + ret = FALSE; + temp = 1000; + } + + /* check upper bound */ + if (temp > 1) { + ret = FALSE; + temp = 1; + } + + /* bilinear interpolate the blackbody data */ +- alpha = ((guint) temp % 100) / 100.0; +- temp_index = ((guint) temp - 1000) / 100; +- cd_color_rgb_interpolate (_func[temp_index], +-_func[temp_index + 1], +-alpha, +-result); ++ temp_int = div (temp, 100); ++ if (temp_int.rem == 0) ++ *result = blackbody_func[temp_int.quot - 10]; ++ else ++ cd_color_rgb_interpolate (_func[temp_int.quot - 10], ++_func[temp_int.quot - 9], ++temp_int.rem / 100.0, ++result); ++ + return ret; + } + +-- +2.15.1 + Copied: colord/repos/extra-x86_64/0002-Avoid-buffer-overflow-when-reading-profile_id.patch (from rev 312973, colord/trunk/0002-Avoid-buffer-overflow-when-reading-profile_id.patch) === --- 0002-Avoid-buffer-overflow-when-reading-profile_id.patch (rev 0) +++ 0002-Avoid-buffer-overflow-when-reading-profile_id.patch2017-12-16 19:51:07 UTC (rev 312974) @@ -0,0 +1,62 @@ +From 1b9d7f1c7e32c831157868b536bfaf4ce436c1ee Mon Sep 17 00:00:00 2001 +Message-Id: <1b9d7f1c7e32c831157868b536bfaf4ce436c1ee.1513453349.git.jan.steff...@gmail.com> +In-Reply-To: <264981ddfd1984b25c629d8e3ef6cf25c70cc61a.1513453349.git.jan.steff...@gmail.com> +References: <264981ddfd1984b25c629d8e3ef6cf25c70cc61a.1513453349.git.jan.steff...@gmail.com> +From: "Jan Alexander Steffens (heftig)" +Date: Sat, 16 Dec 2017 20:40:51 +0100 +Subject: [PATCH 2/2] Avoid buffer overflow when reading profile_id + +The profile