rpms / gimp

Clone
Source Code
GIT

Blame SOURCES/gimp-2.8.22-CVE-2017-17789.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-2.8 c8-containeronly-stream-flatpak c8-stream-2.8 c8s-stream-2.8 c9 c9-beta
  1.   c8-beta-stream-2.8
  2.   SOURCES
  3.   gimp-2.8.22-CVE-2017-17789.patch
Blob History Raw
f4b35e 
diff -urNp old/plug-ins/common/file-psp.c new/plug-ins/common/file-psp.c
f4b35e 
--- old/plug-ins/common/file-psp.c	2018-01-04 12:04:14.636811394 +0100
f4b35e 
+++ new/plug-ins/common/file-psp.c	2018-01-04 12:12:41.717877789 +0100
f4b35e 
@@ -1777,6 +1777,15 @@ load_image (const gchar  *filename,
f4b35e 
     {
f4b35e 
       block_start = ftell (f);
f4b35e
f4b35e 
+      if (block_start + block_total_len > st.st_size)
f4b35e 
+        {
f4b35e 
+          g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
f4b35e 
+                       _("Could not open '%s' for reading: %s"),
f4b35e 
+                       gimp_filename_to_utf8 (filename),
f4b35e 
+                       _("invalid block size"));
f4b35e 
+          goto error;
f4b35e 
+        }
f4b35e 
+
f4b35e 
       if (id == PSP_IMAGE_BLOCK)
f4b35e 
         {
f4b35e 
           if (block_number != 0)

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation