rpms / exempi

Clone
Source Code
GIT

Blame CVE-2018-12648.patch

c4 c5 c5-plus c6 c6-plus c7 c8-beta f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f7 f8 f9 fc6 master
  1.   436502030a502561b540c037c27a1c3b1a8816f0
  2.   CVE-2018-12648.patch
Blob History Raw
Nikola Forró 436502 
From 487f4136013d9fa3351b863e5f861463a1cbddcf Mon Sep 17 00:00:00 2001
Nikola Forró 436502 
From: Victor Rodriguez <victor.rodriguez.bahena@intel.com>
Nikola Forró 436502 
Date: Sat, 18 Aug 2018 13:54:55 +0000
Nikola Forró 436502 
Subject: [PATCH] Issue #9 - Fix null-pointer-dereference (CVE-2018-12648)
Nikola Forró 436502 
MIME-Version: 1.0
Nikola Forró 436502 
Content-Type: text/plain; charset=UTF-8
Nikola Forró 436502 
Content-Transfer-Encoding: 8bit
Nikola Forró 436502
Nikola Forró 436502 
The WEBP::GetLE32 function in
Nikola Forró 436502 
XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a
Nikola Forró 436502 
NULL pointer dereference.
Nikola Forró 436502
Nikola Forró 436502 
https://bugs.freedesktop.org/show_bug.cgi?id=106981
Nikola Forró 436502 
https://gitlab.freedesktop.org/libopenraw/exempi/issues/9
Nikola Forró 436502
Nikola Forró 436502 
Signed-off-by: Victor Rodriguez <victor.rodriguez.bahena@intel.com>
Nikola Forró 436502 
Signed-off-by: Hubert Figuière <hub@figuiere.net>
Nikola Forró 436502 
---
Nikola Forró 436502 
 XMPFiles/source/FormatSupport/WEBP_Support.cpp | 8 +++++---
Nikola Forró 436502 
 1 file changed, 5 insertions(+), 3 deletions(-)
Nikola Forró 436502
Nikola Forró 436502 
diff --git a/XMPFiles/source/FormatSupport/WEBP_Support.cpp b/XMPFiles/source/FormatSupport/WEBP_Support.cpp
Nikola Forró 436502 
index ffaf220..4fe705b 100644
Nikola Forró 436502 
--- a/XMPFiles/source/FormatSupport/WEBP_Support.cpp
Nikola Forró 436502 
+++ b/XMPFiles/source/FormatSupport/WEBP_Support.cpp
Nikola Forró 436502 
@@ -160,9 +160,11 @@ bool VP8XChunk::xmp()
Nikola Forró 436502 
 }
Nikola Forró 436502 
 void VP8XChunk::xmp(bool hasXMP)
Nikola Forró 436502 
 {
Nikola Forró 436502 
-    XMP_Uns32 flags = GetLE32(&this->data[0]);
Nikola Forró 436502 
-    flags ^= (-hasXMP ^ flags) & (1 << XMP_FLAG_BIT);
Nikola Forró 436502 
-    PutLE32(&this->data[0], flags);
Nikola Forró 436502 
+    if (&this->data[0] != NULL) {
Nikola Forró 436502 
+        XMP_Uns32 flags = GetLE32(&this->data[0]);
Nikola Forró 436502 
+        flags ^= (-hasXMP ^ flags) & (1 << XMP_FLAG_BIT);
Nikola Forró 436502 
+        PutLE32(&this->data[0], flags);
Nikola Forró 436502 
+    }
Nikola Forró 436502 
 }
Nikola Forró 436502
Nikola Forró 436502 
 Container::Container(WEBP_MetaHandler* handler) : Chunk(NULL, handler)
Nikola Forró 436502 
--
Nikola Forró 436502 
2.17.1
Nikola Forró 436502

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation