Date: Saturday, December 16, 2017 @ 20:00:48 Author: heftig Revision: 312975
1.4.1+6+gf08c25d-2 Modified: colord/trunk/0001-Make-cd_color_get_blackbody_rgb_full-safer.patch colord/trunk/0002-Avoid-buffer-overflow-when-reading-profile_id.patch colord/trunk/PKGBUILD ----------------------------------------------------------+ 0001-Make-cd_color_get_blackbody_rgb_full-safer.patch | 2 0002-Avoid-buffer-overflow-when-reading-profile_id.patch | 38 ++++++++----- PKGBUILD | 6 +- 3 files changed, 29 insertions(+), 17 deletions(-) Modified: 0001-Make-cd_color_get_blackbody_rgb_full-safer.patch =================================================================== --- 0001-Make-cd_color_get_blackbody_rgb_full-safer.patch 2017-12-16 19:51:07 UTC (rev 312974) +++ 0001-Make-cd_color_get_blackbody_rgb_full-safer.patch 2017-12-16 20:00:48 UTC (rev 312975) @@ -1,5 +1,5 @@ From 264981ddfd1984b25c629d8e3ef6cf25c70cc61a Mon Sep 17 00:00:00 2001 -Message-Id: <264981ddfd1984b25c629d8e3ef6cf25c70cc61a.1513453349.git.jan.steff...@gmail.com> +Message-Id: <264981ddfd1984b25c629d8e3ef6cf25c70cc61a.1513454215.git.jan.steff...@gmail.com> From: "Jan Alexander Steffens (heftig)" <jan.steff...@gmail.com> Date: Sat, 16 Dec 2017 04:18:01 +0100 Subject: [PATCH 1/2] Make cd_color_get_blackbody_rgb_full safer Modified: 0002-Avoid-buffer-overflow-when-reading-profile_id.patch =================================================================== --- 0002-Avoid-buffer-overflow-when-reading-profile_id.patch 2017-12-16 19:51:07 UTC (rev 312974) +++ 0002-Avoid-buffer-overflow-when-reading-profile_id.patch 2017-12-16 20:00:48 UTC (rev 312975) @@ -1,7 +1,7 @@ -From 1b9d7f1c7e32c831157868b536bfaf4ce436c1ee Mon Sep 17 00:00:00 2001 -Message-Id: <1b9d7f1c7e32c831157868b536bfaf4ce436c1ee.1513453349.git.jan.steff...@gmail.com> -In-Reply-To: <264981ddfd1984b25c629d8e3ef6cf25c70cc61a.1513453349.git.jan.steff...@gmail.com> -References: <264981ddfd1984b25c629d8e3ef6cf25c70cc61a.1513453349.git.jan.steff...@gmail.com> +From 9b1b755e4dc9b6e91554ee7cd5777f96063a2a0d Mon Sep 17 00:00:00 2001 +Message-Id: <9b1b755e4dc9b6e91554ee7cd5777f96063a2a0d.1513454215.git.jan.steff...@gmail.com> +In-Reply-To: <264981ddfd1984b25c629d8e3ef6cf25c70cc61a.1513454215.git.jan.steff...@gmail.com> +References: <264981ddfd1984b25c629d8e3ef6cf25c70cc61a.1513454215.git.jan.steff...@gmail.com> From: "Jan Alexander Steffens (heftig)" <jan.steff...@gmail.com> Date: Sat, 16 Dec 2017 20:40:51 +0100 Subject: [PATCH 2/2] Avoid buffer overflow when reading profile_id @@ -9,11 +9,11 @@ The profile ID is 16 bytes, not 4 bytes. Use the union type specified by the LCMS API. --- - lib/colord/cd-icc.c | 14 +++++++------- - 1 file changed, 7 insertions(+), 7 deletions(-) + lib/colord/cd-icc.c | 26 +++++++++++++++++++------- + 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/lib/colord/cd-icc.c b/lib/colord/cd-icc.c -index 99fa27b2988b26d0..8b7841fdd66de3f6 100644 +index 99fa27b2988b26d0..0404278f8f2dba39 100644 --- a/lib/colord/cd-icc.c +++ b/lib/colord/cd-icc.c @@ -227,20 +227,20 @@ gchar * @@ -38,7 +38,7 @@ g_return_val_if_fail (CD_IS_ICC (icc), NULL); -@@ -335,12 +335,12 @@ cd_icc_to_string (CdIcc *icc) +@@ -335,12 +335,24 @@ cd_icc_to_string (CdIcc *icc) g_string_append_printf (str, " Creator\t= %s\n", tag_str); /* profile ID */ @@ -49,11 +49,23 @@ - profile_id[2], - profile_id[3]); + cmsGetHeaderProfileID (priv->lcms_profile, profile_id.ID8); -+ g_string_append_printf (str, " Profile ID\t= %08x%08x%08x%08x\n", -+ profile_id.ID32[0], -+ profile_id.ID32[1], -+ profile_id.ID32[2], -+ profile_id.ID32[3]); ++ g_string_append_printf (str, " Profile ID\t= %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", ++ profile_id.ID8[0], ++ profile_id.ID8[1], ++ profile_id.ID8[2], ++ profile_id.ID8[3], ++ profile_id.ID8[4], ++ profile_id.ID8[5], ++ profile_id.ID8[6], ++ profile_id.ID8[7], ++ profile_id.ID8[8], ++ profile_id.ID8[9], ++ profile_id.ID8[10], ++ profile_id.ID8[11], ++ profile_id.ID8[12], ++ profile_id.ID8[13], ++ profile_id.ID8[14], ++ profile_id.ID8[15]); /* print tags */ g_string_append (str, "\n"); Modified: PKGBUILD =================================================================== --- PKGBUILD 2017-12-16 19:51:07 UTC (rev 312974) +++ PKGBUILD 2017-12-16 20:00:48 UTC (rev 312975) @@ -4,7 +4,7 @@ pkgname=colord pkgver=1.4.1+6+gf08c25d -pkgrel=1 +pkgrel=2 pkgdesc="System daemon for managing color devices" arch=(x86_64) url="https://www.freedesktop.org/software/colord" @@ -21,8 +21,8 @@ 0001-Make-cd_color_get_blackbody_rgb_full-safer.patch 0002-Avoid-buffer-overflow-when-reading-profile_id.patch) sha256sums=('SKIP' - 'b804aa00631040fff7032af12c2c92c1b6de42b7adfd8d05671257071ef348ce' - 'db50941a8f35f819123f4dac55269acf6e1916287c69087e69d506499c0ee974') + '87a617f9fc08097ab702affa7507dd34bf74f97796ab1c0eda524c5ed51d6746' + '0d03501dd6142a76f2e74c1f9b8847b40532e0b140f9e4aa01b8ccdcc15b6f5f') validpgpkeys=('163EB50119225DB3DF8F49EA17ACBA8DFA970E17') pkgver() {