Diffstat (limited to 'media-libs/libcaca/files/CVE-2018-20546+20547.patch')
-rw-r--r-- | media-libs/libcaca/files/CVE-2018-20546+20547.patch | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/media-libs/libcaca/files/CVE-2018-20546+20547.patch b/media-libs/libcaca/files/CVE-2018-20546+20547.patch
new file mode 100644
index 000000000000..95b072bfc398
--- /dev/null
+++ b/media-libs/libcaca/files/CVE-2018-20546+20547.patch
@@ -0,0 +1,36 @@
+From 02a09ec9e5ed8981e7a810bfb6a0172dc24f0790 Mon Sep 17 00:00:00 2001
+From: Sam Hocevar <sam@hocevar.net>
+Date: Sun, 30 Dec 2018 13:18:27 +0100
+Subject: [PATCH] dither: fix integer multiplication overflow that caused
+ crashes.
+
+Fixes: #38 (CVE-2018-20546)
+Fixes: #39 (CVE-2018-20547)
+---
+ caca/dither.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/caca/dither.c b/caca/dither.c
+index c6ebab1b..b2e24e55 100644
+--- a/caca/dither.c
++++ b/caca/dither.c
+@@ -6,8 +6,8 @@
+ * This library is free software. It comes without any warranty, to
+ * the extent permitted by applicable law. You can redistribute it
+ * and/or modify it under the terms of the Do What the Fuck You Want
+- * to Public License, Version 2, as published by Sam Hocevar. See
+- * http://www.wtfpl.net/ for more details.
++ * to Public License, Version 2, as published by the WTFPL Task Force.
++ * See http://www.wtfpl.net/ for more details.
+ */
+
+ /*
+@@ -116,7 +116,7 @@ enum color_mode
+ struct caca_dither
+ {
+ int bpp, has_palette, has_alpha;
+- int w, h, pitch;
++ size_t w, h, pitch;
+ int rmask, gmask, bmask, amask;
+ int rright, gright, bright, aright;
+ int rleft, gleft, bleft, aleft;
|
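Review bot: The `struct caca_dither` hunk of the embedded patch changes `int w, h, pitch;` to `size_t w, h, pitch;` without a comment, and going by its diffstat (3 insertions and 3 deletions, two of each in the licence header) this one line is the entire fix for both CVEs. A comment on the field such as `/* size_t, not int: products of these values are used as offsets and must not overflow int */` would keep a later cleanup from narrowing the type back. The multiplication sites are outside the hunk, so two things are worth confirming there: that on targets where size_t is 32 bits the products cannot still wrap, and that no signed `int` operand mixed with these fields is now implicitly converted to a large unsigned value.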