pyrox.dev
graphicsmagick: 1.3.32 → 1.3.35
Fixes: CVE-2020-10938
authored by Martin Weinelt and committed by Frederik Rietdijk 459bad4b 8fe050fb
-42
pkgs/applications/graphics/graphicsmagick/1.3.32-darwin-png-strlcat-fix.patch
-42
pkgs/applications/graphics/graphicsmagick/1.3.32-darwin-png-strlcat-fix.patch
···
1
-
# reduced version of commit f30492f40f78d867b43422215057dd21de4ba447
2
-
# from upstream hg repository:
3
-
RegisterPNGImage(): Pass correct size value to strlcat().
4
-
5
-
diff -r 95c4711e8bee -r f30492f40f78 coders/png.c
6
-
--- a/coders/png.c Mon Jun 17 07:24:30 2019 -0500
7
-
+++ b/coders/png.c Mon Jun 17 18:54:43 2019 -0500
8
-
@@ -6427,26 +6427,26 @@
9
-
10
-
*version='\0';
11
-
#if defined(PNG_LIBPNG_VER_STRING)
12
-
- (void) strlcat(version,"libpng ",MaxTextExtent);
13
-
- (void) strlcat(version,PNG_LIBPNG_VER_STRING,MaxTextExtent);
14
-
+ (void) strlcat(version,"libpng ",sizeof(version));
15
-
+ (void) strlcat(version,PNG_LIBPNG_VER_STRING,sizeof(version));
16
-
#if (PNG_LIBPNG_VER > 10005)
17
-
if (LocaleCompare(PNG_LIBPNG_VER_STRING,png_get_header_ver(NULL)) != 0)
18
-
{
19
-
- (void) strlcat(version,",",MaxTextExtent);
20
-
- (void) strlcat(version,png_get_libpng_ver(NULL),MaxTextExtent);
21
-
+ (void) strlcat(version,",",sizeof(version));
22
-
+ (void) strlcat(version,png_get_libpng_ver(NULL),sizeof(version));
23
-
}
24
-
#endif
25
-
#endif
26
-
27
-
#if defined(ZLIB_VERSION)
28
-
if (*version != '\0')
29
-
- (void) strlcat(version,", ",MaxTextExtent);
30
-
- (void) strlcat(version,"zlib ",MaxTextExtent);
31
-
- (void) strlcat(version,ZLIB_VERSION,MaxTextExtent);
32
-
+ (void) strlcat(version,", ",sizeof(version));
33
-
+ (void) strlcat(version,"zlib ",sizeof(version));
34
-
+ (void) strlcat(version,ZLIB_VERSION,sizeof(version));
35
-
if (LocaleCompare(ZLIB_VERSION,zlib_version) != 0)
36
-
{
37
-
- (void) strlcat(version,",",MaxTextExtent);
38
-
- (void) strlcat(version,zlib_version,MaxTextExtent);
39
-
+ (void) strlcat(version,",",sizeof(version));
40
-
+ (void) strlcat(version,zlib_version,sizeof(version));
41
-
}
42
-
#endif
···
+2
-3
pkgs/applications/graphics/graphicsmagick/default.nix
+2
-3
pkgs/applications/graphics/graphicsmagick/default.nix
···
4
5
stdenv.mkDerivation rec {
6
pname = "graphicsmagick";
7
-
version = "1.3.32";
8
9
src = fetchurl {
10
url = "mirror://sourceforge/graphicsmagick/GraphicsMagick-${version}.tar.xz";
11
-
sha256 = "1qclp9i31idpcbbqswmnq2q11lmv0a7cvdb1y72xcky8sshaahmq";
12
};
13
14
patches = [
15
./disable-popen.patch
16
-
./1.3.32-darwin-png-strlcat-fix.patch
17
];
18
19
configureFlags = [
···
4
5
stdenv.mkDerivation rec {
6
pname = "graphicsmagick";
7
+
version = "1.3.35";
8
9
src = fetchurl {
10
url = "mirror://sourceforge/graphicsmagick/GraphicsMagick-${version}.tar.xz";
11
+
sha256 = "0l024l4hawm9s3jqrgi2j0lxgm61dqh8sgkj1017ma7y11hqv2hq";
12
};
13
14
patches = [
15
./disable-popen.patch
16
];
17
18
configureFlags = [