mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-14 05:49:57 +00:00
libwmf: patch CVE-2015-4695
Details: https://nvd.nist.gov/vuln/detail/CVE-2015-4695 Pick the commit that explicitly mentions the vulnerability ID. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
This commit is contained in:
Gyorgy Sarvari
committed by
Anuj Mittal
Anuj Mittal
parent
dbc98a00eb
commit
ee90f2d75e
@@ -0,0 +1,70 @@
|
||||
From 7a7f58c0ebb84b9a3c44c875a667ce8ba191b325 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
|
||||
Date: Wed, 8 Aug 2018 13:59:37 +0100
|
||||
Subject: [PATCH] CVE-2015-4695
|
||||
|
||||
CVE: CVE-2015-4695
|
||||
Upstream-Status: Backport [https://github.com/caolanm/libwmf/commit/b5ae5d1f3bbddf051a5c9dd01897bd835817f013]
|
||||
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
||||
---
|
||||
src/player/meta.h | 12 ++++++------
|
||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/player/meta.h b/src/player/meta.h
|
||||
index 252e68b..3e13688 100644
|
||||
--- a/src/player/meta.h
|
||||
+++ b/src/player/meta.h
|
||||
@@ -1565,7 +1565,7 @@ static int meta_rgn_create (wmfAPI* API,wmfRecord* Record,wmfAttributes* attrlis
|
||||
objects = P->objects;
|
||||
|
||||
i = 0;
|
||||
- while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
|
||||
+ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
|
||||
|
||||
if (i == NUM_OBJECTS (API))
|
||||
{ WMF_ERROR (API,"Object out of range!");
|
||||
@@ -2142,7 +2142,7 @@ static int meta_dib_brush (wmfAPI* API,wmfRecord* Record,wmfAttributes* attrlist
|
||||
objects = P->objects;
|
||||
|
||||
i = 0;
|
||||
- while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
|
||||
+ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
|
||||
|
||||
if (i == NUM_OBJECTS (API))
|
||||
{ WMF_ERROR (API,"Object out of range!");
|
||||
@@ -3067,7 +3067,7 @@ static int meta_pen_create (wmfAPI* API,wmfRecord* Record,wmfAttributes* attrlis
|
||||
objects = P->objects;
|
||||
|
||||
i = 0;
|
||||
- while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
|
||||
+ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
|
||||
|
||||
if (i == NUM_OBJECTS (API))
|
||||
{ WMF_ERROR (API,"Object out of range!");
|
||||
@@ -3181,7 +3181,7 @@ static int meta_brush_create (wmfAPI* API,wmfRecord* Record,wmfAttributes* attrl
|
||||
objects = P->objects;
|
||||
|
||||
i = 0;
|
||||
- while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
|
||||
+ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
|
||||
|
||||
if (i == NUM_OBJECTS (API))
|
||||
{ WMF_ERROR (API,"Object out of range!");
|
||||
@@ -3288,7 +3288,7 @@ static int meta_font_create (wmfAPI* API,wmfRecord* Record,wmfAttributes* attrli
|
||||
objects = P->objects;
|
||||
|
||||
i = 0;
|
||||
- while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
|
||||
+ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
|
||||
|
||||
if (i == NUM_OBJECTS (API))
|
||||
{ WMF_ERROR (API,"Object out of range!");
|
||||
@@ -3396,7 +3396,7 @@ static int meta_palette_create (wmfAPI* API,wmfRecord* Record,wmfAttributes* att
|
||||
objects = P->objects;
|
||||
|
||||
i = 0;
|
||||
- while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
|
||||
+ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
|
||||
|
||||
if (i == NUM_OBJECTS (API))
|
||||
{ WMF_ERROR (API,"Object out of range!");
|
||||
@@ -20,6 +20,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/wvware/${BPN}/${PV}/${BPN}-${PV}.tar.gz;name=ta
|
||||
file://libwmf-0.2.8.4-useafterfree.patch \
|
||||
file://0001-configure-use-pkg-config-for-freetype.patch \
|
||||
file://CVE-2015-0848-CVE-2015-4588.patch \
|
||||
file://CVE-2015-4695.patch \
|
||||
"
|
||||
|
||||
SRC_URI[tarball.md5sum] = "d1177739bf1ceb07f57421f0cee191e0"
|
||||
|
||||
Reference in New Issue
Block a user