diff options
Diffstat (limited to 'gnu/packages/patches/libgxps-CVE-2017-11590.patch')
-rw-r--r-- | gnu/packages/patches/libgxps-CVE-2017-11590.patch | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/gnu/packages/patches/libgxps-CVE-2017-11590.patch b/gnu/packages/patches/libgxps-CVE-2017-11590.patch new file mode 100644 index 0000000000..9caa79b6f0 --- /dev/null +++ b/gnu/packages/patches/libgxps-CVE-2017-11590.patch @@ -0,0 +1,48 @@ +Fix CVE-2017-11590: + +https://bugzilla.gnome.org/show_bug.cgi?id=785479 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11590 + +Patch copied from upstream source repository: + +https://git.gnome.org/browse/libgxps/commit/?id=9d5d292055250ed298f3b89dc332d6db4003a031 + +From 9d5d292055250ed298f3b89dc332d6db4003a031 Mon Sep 17 00:00:00 2001 +From: Marek Kasik <mkasik@redhat.com> +Date: Wed, 26 Jul 2017 16:23:37 +0200 +Subject: archive: Check for pathname being NULL before dereferencing + +Check whether "archive_entry_pathname ()" returns a non-NULL pathname +before using it to avoid a NULL pointer being dereferenced. + +https://bugzilla.gnome.org/show_bug.cgi?id=785479 +--- + libgxps/gxps-archive.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/libgxps/gxps-archive.c b/libgxps/gxps-archive.c +index acf8d7d..e763773 100644 +--- a/libgxps/gxps-archive.c ++++ b/libgxps/gxps-archive.c +@@ -257,6 +257,7 @@ gxps_archive_initable_init (GInitable *initable, + GXPSArchive *archive; + ZipArchive *zip; + struct archive_entry *entry; ++ const gchar *pathname; + + archive = GXPS_ARCHIVE (initable); + +@@ -281,7 +282,9 @@ gxps_archive_initable_init (GInitable *initable, + + while (gxps_zip_archive_iter_next (zip, &entry)) { + /* FIXME: We can ignore directories here */ +- g_hash_table_add (archive->entries, g_strdup (archive_entry_pathname (entry))); ++ pathname = archive_entry_pathname (entry); ++ if (pathname != NULL) ++ g_hash_table_add (archive->entries, g_strdup (pathname)); + archive_read_data_skip (zip->archive); + } + +-- +cgit v0.12 + |