summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOlivier Crête <tester@gentoo.org>2009-06-06 21:18:46 +0000
committerOlivier Crête <tester@gentoo.org>2009-06-06 21:18:46 +0000
commitaec057f588841461c089c9fa663acc332ba87b3b (patch)
tree6efc23ed42b10c9f1316356e1c7e3b69cb6591ec /media-libs
parentAdd warning about .la files removal and fix. (diff)
downloadgentoo-2-aec057f588841461c089c9fa663acc332ba87b3b.tar.gz
gentoo-2-aec057f588841461c089c9fa663acc332ba87b3b.tar.bz2
gentoo-2-aec057f588841461c089c9fa663acc332ba87b3b.zip
Add patch for pngdec bug, CVE-2009-1932, bug #272972
(Portage version: 2.1.6.11/cvs/Linux i686)
Diffstat (limited to 'media-libs')
-rw-r--r--media-libs/gst-plugins-good/ChangeLog9
-rw-r--r--media-libs/gst-plugins-good/files/gst-plugins-good-0.10.15-CVE-2009-1932.patch63
-rw-r--r--media-libs/gst-plugins-good/gst-plugins-good-0.10.14-r1.ebuild69
3 files changed, 140 insertions, 1 deletions
diff --git a/media-libs/gst-plugins-good/ChangeLog b/media-libs/gst-plugins-good/ChangeLog
index ecc4cc255d67..3512daf02513 100644
--- a/media-libs/gst-plugins-good/ChangeLog
+++ b/media-libs/gst-plugins-good/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for media-libs/gst-plugins-good
# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/gst-plugins-good/ChangeLog,v 1.66 2009/05/23 03:35:45 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/gst-plugins-good/ChangeLog,v 1.67 2009/06/06 21:18:46 tester Exp $
+
+*gst-plugins-good-0.10.14-r1 (06 Jun 2009)
+
+ 06 Jun 2009; Olivier Crête <tester@gentoo.org>
+ +files/gst-plugins-good-0.10.15-CVE-2009-1932.patch,
+ +gst-plugins-good-0.10.14-r1.ebuild:
+ Add patch for pngdec bug, CVE-2009-1932, bug #272972
23 May 2009; Jeroen Roovers <jer@gentoo.org>
gst-plugins-good-0.10.14.ebuild:
diff --git a/media-libs/gst-plugins-good/files/gst-plugins-good-0.10.15-CVE-2009-1932.patch b/media-libs/gst-plugins-good/files/gst-plugins-good-0.10.15-CVE-2009-1932.patch
new file mode 100644
index 000000000000..e07289bc0fd0
--- /dev/null
+++ b/media-libs/gst-plugins-good/files/gst-plugins-good-0.10.15-CVE-2009-1932.patch
@@ -0,0 +1,63 @@
+From d9544bcc44adcef769cbdf7f6453e140058a3adc Mon Sep 17 00:00:00 2001
+From: Jan Schmidt <thaytan@noraisin.net>
+Date: Wed, 27 May 2009 16:06:34 +0000
+Subject: pngdec: Avoid possible overflow in calculations
+
+A malformed (or simply huge) PNG file can lead to integer overflow in
+calculating the size of the output buffer, leading to crashes or buffer
+overflows later. Fixes SA35205 security advisory.
+---
+diff --git a/ext/libpng/gstpngdec.c b/ext/libpng/gstpngdec.c
+index 524b468..dde459d 100644
+--- a/ext/libpng/gstpngdec.c
++++ b/ext/libpng/gstpngdec.c
+@@ -201,7 +201,14 @@ user_info_callback (png_structp png_ptr, png_infop info)
+
+ /* Allocate output buffer */
+ pngdec->rowbytes = png_get_rowbytes (pngdec->png, pngdec->info);
+- buffer_size = pngdec->height * GST_ROUND_UP_4 (pngdec->rowbytes);
++ if (pngdec->rowbytes > (G_MAXUINT32 - 3)
++ || pngdec->height > G_MAXUINT32 / pngdec->rowbytes) {
++ ret = GST_FLOW_ERROR;
++ goto beach;
++ }
++ pngdec->rowbytes = GST_ROUND_UP_4 (pngdec->rowbytes);
++ buffer_size = pngdec->height * pngdec->rowbytes;
++
+ ret =
+ gst_pad_alloc_buffer_and_set_caps (pngdec->srcpad, GST_BUFFER_OFFSET_NONE,
+ buffer_size, GST_PAD_CAPS (pngdec->srcpad), &buffer);
+@@ -228,7 +235,7 @@ user_endrow_callback (png_structp png_ptr, png_bytep new_row,
+ /* If buffer_out doesn't exist, it means buffer_alloc failed, which
+ * will already have set the return code */
+ if (GST_IS_BUFFER (pngdec->buffer_out)) {
+- size_t offset = row_num * GST_ROUND_UP_4 (pngdec->rowbytes);
++ size_t offset = row_num * pngdec->rowbytes;
+
+ GST_LOG ("got row %u, copying in buffer %p at offset %" G_GSIZE_FORMAT,
+ (guint) row_num, pngdec->buffer_out, offset);
+@@ -496,7 +503,12 @@ gst_pngdec_task (GstPad * pad)
+
+ /* Allocate output buffer */
+ rowbytes = png_get_rowbytes (pngdec->png, pngdec->info);
+- buffer_size = pngdec->height * GST_ROUND_UP_4 (rowbytes);
++ if (rowbytes > (G_MAXUINT32 - 3) || pngdec->height > G_MAXUINT32 / rowbytes) {
++ ret = GST_FLOW_ERROR;
++ goto pause;
++ }
++ rowbytes = GST_ROUND_UP_4 (rowbytes);
++ buffer_size = pngdec->height * rowbytes;
+ ret =
+ gst_pad_alloc_buffer_and_set_caps (pngdec->srcpad, GST_BUFFER_OFFSET_NONE,
+ buffer_size, GST_PAD_CAPS (pngdec->srcpad), &buffer);
+@@ -509,7 +521,7 @@ gst_pngdec_task (GstPad * pad)
+
+ for (i = 0; i < pngdec->height; i++) {
+ rows[i] = inp;
+- inp += GST_ROUND_UP_4 (rowbytes);
++ inp += rowbytes;
+ }
+
+ /* Read the actual picture */
+--
+cgit v0.8.2
diff --git a/media-libs/gst-plugins-good/gst-plugins-good-0.10.14-r1.ebuild b/media-libs/gst-plugins-good/gst-plugins-good-0.10.14-r1.ebuild
new file mode 100644
index 000000000000..054d561d2be4
--- /dev/null
+++ b/media-libs/gst-plugins-good/gst-plugins-good-0.10.14-r1.ebuild
@@ -0,0 +1,69 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/media-libs/gst-plugins-good/gst-plugins-good-0.10.14-r1.ebuild,v 1.1 2009/06/06 21:18:46 tester Exp $
+
+# order is important, gnome2 after gst-plugins
+inherit gst-plugins-good gst-plugins10 gnome2 eutils flag-o-matic libtool
+
+DESCRIPTION="Basepack of plugins for gstreamer"
+HOMEPAGE="http://gstreamer.net/"
+SRC_URI="http://gstreamer.freedesktop.org/src/${PN}/${P}.tar.bz2"
+
+LICENSE="LGPL-2.1"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE=""
+
+RDEPEND=">=media-libs/gst-plugins-base-0.10.22
+ >=media-libs/gstreamer-0.10.22
+ >=dev-libs/liboil-0.3.14"
+DEPEND="${RDEPEND}
+ >=sys-devel/gettext-0.11.5
+ dev-util/pkgconfig
+ !<media-libs/gst-plugins-bad-0.10.10"
+
+# overrides the eclass
+src_unpack() {
+ unpack ${A}
+
+ cd "${S}"
+ epatch "${FILESDIR}/gst-plugins-good-0.10.15-CVE-2009-1932.patch"
+
+ # Required for FreeBSD sane .so versioning
+ elibtoolize
+}
+
+src_compile() {
+ # gst doesnt handle optimisations well
+ strip-flags
+ replace-flags "-O3" "-O2"
+ filter-flags "-fprefetch-loop-arrays" # see bug 22249
+
+ gst-plugins-good_src_configure \
+ --with-default-audiosink=autoaudiosink \
+ --with-default-visualizer=goom
+
+ emake || die "emake failed."
+}
+
+# override eclass
+src_install() {
+ gnome2_src_install
+}
+
+DOCS="AUTHORS README RELEASE"
+
+pkg_postinst () {
+ gnome2_pkg_postinst
+
+ echo
+ elog "The Gstreamer plugins setup has changed quite a bit on Gentoo,"
+ elog "applications now should provide the basic plugins needed."
+ echo
+ elog "The new seperate plugins are all named 'gst-plugins-<plugin>'."
+ elog "To get a listing of currently available plugins execute 'emerge -s gst-plugins-'."
+ elog "In most cases it shouldn't be needed though to emerge extra plugins."
+}
+
+pkg_postrm() {
+ gnome2_pkg_postrm
+}