#12196: inkscape - fix out of bounds writes
-------------------------+-----------------------
Reporter: ken@… | Owner: blfs-book
Type: enhancement | Status: new
Priority: normal | Milestone: 8.5
Component: BOOK | Version: SVN
Severity: normal | Keywords:
-------------------------+-----------------------
While I was testing "cheap" hardening CFLAGS/CXXFLAGS/defines, I played
with inkscape a bit more than I usually do, and it aborted ("internal
error") when I tried to use the bucket fill tool.
This, and similar issues with the text tool, were originally reported by
fedora, who removed -D_FORTIFY_SOURCE=2 from their build of inkscape. For
me, that did not solve the issue. But running gdb (on unstripped code!)
showed where it was failing and google eventually found some upstream
bugs. Those have now been fixed, so we ought to apply them (without them
it writes out of bounds but gets away with it if not fortified).
I've just uploaded a patch, but my current system is mostly frozen in an
old version, it will be a day or two before I can get to a more-recent
system to check this with the current toolchain. So, probably *after* the
elogind merge.
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/12196>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
