Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/media-libs/devil/files/devil-1.7.8-CVE-2009-3994.patch
diff options
context:
space:
mode:
Diffstat (limited to 'media-libs/devil/files/devil-1.7.8-CVE-2009-3994.patch')
-rw-r--r--media-libs/devil/files/devil-1.7.8-CVE-2009-3994.patch17
1 files changed, 17 insertions, 0 deletions
diff --git a/media-libs/devil/files/devil-1.7.8-CVE-2009-3994.patch b/media-libs/devil/files/devil-1.7.8-CVE-2009-3994.patch
new file mode 100644
index 000000000000..6c9f2db1d270
--- /dev/null
+++ b/media-libs/devil/files/devil-1.7.8-CVE-2009-3994.patch
@@ -0,0 +1,17 @@
+http://bugs.gentoo.org/297760
+
+--- src-IL/src/il_dicom.c
++++ src-IL/src/il_dicom.c
+@@ -427,9 +427,11 @@ ILboolean GetUID(ILubyte *UID)
+ return IL_FALSE;
+
+ ValLen = GetLittleUShort();
++ if (ValLen > 64)
++ return IL_FALSE;
+ if (iread(UID, ValLen, 1) != 1)
+ return IL_FALSE;
+- UID[64] = 0; // Just to make sure that our string is terminated.
++ UID[ValLen] = 0; // Just to make sure that our string is terminated.
+
+ return IL_TRUE;
+ }