diff options
author | Olivier Crête <tester@gentoo.org> | 2009-06-06 21:18:46 +0000 |
---|---|---|
committer | Olivier Crête <tester@gentoo.org> | 2009-06-06 21:18:46 +0000 |
commit | aec057f588841461c089c9fa663acc332ba87b3b (patch) | |
tree | 6efc23ed42b10c9f1316356e1c7e3b69cb6591ec /media-libs | |
parent | Add warning about .la files removal and fix. (diff) | |
download | gentoo-2-aec057f588841461c089c9fa663acc332ba87b3b.tar.gz gentoo-2-aec057f588841461c089c9fa663acc332ba87b3b.tar.bz2 gentoo-2-aec057f588841461c089c9fa663acc332ba87b3b.zip |
Add patch for pngdec bug, CVE-2009-1932, bug #272972
(Portage version: 2.1.6.11/cvs/Linux i686)
Diffstat (limited to 'media-libs')
3 files changed, 140 insertions, 1 deletions
diff --git a/media-libs/gst-plugins-good/ChangeLog b/media-libs/gst-plugins-good/ChangeLog index ecc4cc255d67..3512daf02513 100644 --- a/media-libs/gst-plugins-good/ChangeLog +++ b/media-libs/gst-plugins-good/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for media-libs/gst-plugins-good # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/gst-plugins-good/ChangeLog,v 1.66 2009/05/23 03:35:45 jer Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/gst-plugins-good/ChangeLog,v 1.67 2009/06/06 21:18:46 tester Exp $ + +*gst-plugins-good-0.10.14-r1 (06 Jun 2009) + + 06 Jun 2009; Olivier Crête <tester@gentoo.org> + +files/gst-plugins-good-0.10.15-CVE-2009-1932.patch, + +gst-plugins-good-0.10.14-r1.ebuild: + Add patch for pngdec bug, CVE-2009-1932, bug #272972 23 May 2009; Jeroen Roovers <jer@gentoo.org> gst-plugins-good-0.10.14.ebuild: diff --git a/media-libs/gst-plugins-good/files/gst-plugins-good-0.10.15-CVE-2009-1932.patch b/media-libs/gst-plugins-good/files/gst-plugins-good-0.10.15-CVE-2009-1932.patch new file mode 100644 index 000000000000..e07289bc0fd0 --- /dev/null +++ b/media-libs/gst-plugins-good/files/gst-plugins-good-0.10.15-CVE-2009-1932.patch @@ -0,0 +1,63 @@ +From d9544bcc44adcef769cbdf7f6453e140058a3adc Mon Sep 17 00:00:00 2001 +From: Jan Schmidt <thaytan@noraisin.net> +Date: Wed, 27 May 2009 16:06:34 +0000 +Subject: pngdec: Avoid possible overflow in calculations + +A malformed (or simply huge) PNG file can lead to integer overflow in +calculating the size of the output buffer, leading to crashes or buffer +overflows later. Fixes SA35205 security advisory. +--- +diff --git a/ext/libpng/gstpngdec.c b/ext/libpng/gstpngdec.c +index 524b468..dde459d 100644 +--- a/ext/libpng/gstpngdec.c ++++ b/ext/libpng/gstpngdec.c +@@ -201,7 +201,14 @@ user_info_callback (png_structp png_ptr, png_infop info) + + /* Allocate output buffer */ + pngdec->rowbytes = png_get_rowbytes (pngdec->png, pngdec->info); +- buffer_size = pngdec->height * GST_ROUND_UP_4 (pngdec->rowbytes); ++ if (pngdec->rowbytes > (G_MAXUINT32 - 3) ++ || pngdec->height > G_MAXUINT32 / pngdec->rowbytes) { ++ ret = GST_FLOW_ERROR; ++ goto beach; ++ } ++ pngdec->rowbytes = GST_ROUND_UP_4 (pngdec->rowbytes); ++ buffer_size = pngdec->height * pngdec->rowbytes; ++ + ret = + gst_pad_alloc_buffer_and_set_caps (pngdec->srcpad, GST_BUFFER_OFFSET_NONE, + buffer_size, GST_PAD_CAPS (pngdec->srcpad), &buffer); +@@ -228,7 +235,7 @@ user_endrow_callback (png_structp png_ptr, png_bytep new_row, + /* If buffer_out doesn't exist, it means buffer_alloc failed, which + * will already have set the return code */ + if (GST_IS_BUFFER (pngdec->buffer_out)) { +- size_t offset = row_num * GST_ROUND_UP_4 (pngdec->rowbytes); ++ size_t offset = row_num * pngdec->rowbytes; + + GST_LOG ("got row %u, copying in buffer %p at offset %" G_GSIZE_FORMAT, + (guint) row_num, pngdec->buffer_out, offset); +@@ -496,7 +503,12 @@ gst_pngdec_task (GstPad * pad) + + /* Allocate output buffer */ + rowbytes = png_get_rowbytes (pngdec->png, pngdec->info); +- buffer_size = pngdec->height * GST_ROUND_UP_4 (rowbytes); ++ if (rowbytes > (G_MAXUINT32 - 3) || pngdec->height > G_MAXUINT32 / rowbytes) { ++ ret = GST_FLOW_ERROR; ++ goto pause; ++ } ++ rowbytes = GST_ROUND_UP_4 (rowbytes); ++ buffer_size = pngdec->height * rowbytes; + ret = + gst_pad_alloc_buffer_and_set_caps (pngdec->srcpad, GST_BUFFER_OFFSET_NONE, + buffer_size, GST_PAD_CAPS (pngdec->srcpad), &buffer); +@@ -509,7 +521,7 @@ gst_pngdec_task (GstPad * pad) + + for (i = 0; i < pngdec->height; i++) { + rows[i] = inp; +- inp += GST_ROUND_UP_4 (rowbytes); ++ inp += rowbytes; + } + + /* Read the actual picture */ +-- +cgit v0.8.2 diff --git a/media-libs/gst-plugins-good/gst-plugins-good-0.10.14-r1.ebuild b/media-libs/gst-plugins-good/gst-plugins-good-0.10.14-r1.ebuild new file mode 100644 index 000000000000..054d561d2be4 --- /dev/null +++ b/media-libs/gst-plugins-good/gst-plugins-good-0.10.14-r1.ebuild @@ -0,0 +1,69 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-libs/gst-plugins-good/gst-plugins-good-0.10.14-r1.ebuild,v 1.1 2009/06/06 21:18:46 tester Exp $ + +# order is important, gnome2 after gst-plugins +inherit gst-plugins-good gst-plugins10 gnome2 eutils flag-o-matic libtool + +DESCRIPTION="Basepack of plugins for gstreamer" +HOMEPAGE="http://gstreamer.net/" +SRC_URI="http://gstreamer.freedesktop.org/src/${PN}/${P}.tar.bz2" + +LICENSE="LGPL-2.1" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sh ~sparc ~x86 ~x86-fbsd" +IUSE="" + +RDEPEND=">=media-libs/gst-plugins-base-0.10.22 + >=media-libs/gstreamer-0.10.22 + >=dev-libs/liboil-0.3.14" +DEPEND="${RDEPEND} + >=sys-devel/gettext-0.11.5 + dev-util/pkgconfig + !<media-libs/gst-plugins-bad-0.10.10" + +# overrides the eclass +src_unpack() { + unpack ${A} + + cd "${S}" + epatch "${FILESDIR}/gst-plugins-good-0.10.15-CVE-2009-1932.patch" + + # Required for FreeBSD sane .so versioning + elibtoolize +} + +src_compile() { + # gst doesnt handle optimisations well + strip-flags + replace-flags "-O3" "-O2" + filter-flags "-fprefetch-loop-arrays" # see bug 22249 + + gst-plugins-good_src_configure \ + --with-default-audiosink=autoaudiosink \ + --with-default-visualizer=goom + + emake || die "emake failed." +} + +# override eclass +src_install() { + gnome2_src_install +} + +DOCS="AUTHORS README RELEASE" + +pkg_postinst () { + gnome2_pkg_postinst + + echo + elog "The Gstreamer plugins setup has changed quite a bit on Gentoo," + elog "applications now should provide the basic plugins needed." + echo + elog "The new seperate plugins are all named 'gst-plugins-<plugin>'." + elog "To get a listing of currently available plugins execute 'emerge -s gst-plugins-'." + elog "In most cases it shouldn't be needed though to emerge extra plugins." +} + +pkg_postrm() { + gnome2_pkg_postrm +} |