It turns out that the older version of lesstif2 we have also had the variables defined as signed ints, so the patch to fix CAN-2005-0605 in lesstif2 is shorter than the fixes needed for newer versions of the library. I combined this fix with the fix for lesstif1 that Martin Pitt was kind enough to send and the result is the attached NMU diff.
Note that I haven't NMUed it yet, I'm still looking at the other open security holes.

-- 
see shy jo
diff -ur old/lesstif1-1-0.93.94/debian/changelog
lesstif1-1-0.93.94/debian/changelog
--- old/lesstif1-1-0.93.94/debian/changelog 2005-03-10 16:49:01.000000000
-0500
+++ lesstif1-1-0.93.94/debian/changelog 2005-03-10 16:48:31.000000000 -0500
@@ -1,3 +1,12 @@
+lesstif1-1 (1:0.93.94-11.1) unstable; urgency=HIGH
+
+ * NMU
+ * Apply fix for newest libXpm buffer overflows in lesstif1, involving a
+ negative bitmap_unit value. Fixed both lesstif1 and lesstif2.
+ Closes: #298939 (CAN-2005-0605)
+
+ -- Joey Hess <[EMAIL PROTECTED]> Thu, 10 Mar 2005 16:34:21 -0500
+
lesstif1-1 (1:0.93.94-11) unstable; urgency=low
* Mention CAN-2004-0688 in the 1:0.93.94-9 changelog.
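Review bot: The new changelog entry writes "urgency=HIGH" in capitals while the entry directly below it uses lowercase "urgency=low"; keeping the lowercase form would match the rest of the file. The bullet is also hard to follow, since it says the fix is "in lesstif1" and then "Fixed both lesstif1 and lesstif2"; naming the two files touched (lib/Xm/LTXpm.c and lib/Xm-2.1/Xpm.c) and stating that a negative bitmap_unit is now rejected would make the entry self-explanatory to someone auditing the CAN-2005-0605 fix later.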
diff -ur old/lesstif1-1-0.93.94/lib/Xm/LTXpm.c lesstif1-1-0.93.94/lib/Xm/LTXpm.c
--- old/lesstif1-1-0.93.94/lib/Xm/LTXpm.c 2005-03-10 16:49:00.000000000
-0500
+++ lesstif1-1-0.93.94/lib/Xm/LTXpm.c 2005-03-10 16:36:47.000000000 -0500
@@ -6395,6 +6395,9 @@
ibpp = image->bits_per_pixel;
offset = image->xoffset;
+ if (image->bitmap_unit < 0)
+ return (_LtXpmNoMemory);
+
if ((image->bits_per_pixel | image->depth) == 1) {
ibu = image->bitmap_unit;
for (y = 0; y < height; y++)
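Review bot: The added check returns _LtXpmNoMemory for a negative image->bitmap_unit, which is a malformed-input condition rather than an allocation failure, so a caller that logs or reports the status will point at the wrong cause. If this file has a status code for invalid image data, returning that would be more accurate; if the no-memory value is kept to stay in line with the libXpm fix, a one-line comment above the "if" naming CAN-2005-0605 and the reason for the return value would help the next reader.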
diff -ur old/lesstif1-1-0.93.94/lib/Xm-2.1/Xpm.c
lesstif1-1-0.93.94/lib/Xm-2.1/Xpm.c
--- old/lesstif1-1-0.93.94/lib/Xm-2.1/Xpm.c 2005-03-10 16:49:01.000000000
-0500
+++ lesstif1-1-0.93.94/lib/Xm-2.1/Xpm.c 2005-03-10 16:46:14.000000000 -0500
@@ -6373,6 +6373,9 @@
ibpp = image->bits_per_pixel;
offset = image->xoffset;
+ if (image->bitmap_unit < 0)
+ return (XpmNoMemory);
+
if ((image->bits_per_pixel | image->depth) == 1) {
ibu = image->bitmap_unit;
for (y = 0; y < height; y++)
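Review bot: The guard at "if (image->bitmap_unit < 0)" rejects only negative values, while the context shows the same field copied into ibu and used by the per-row loop in the 1-bit branch. It is worth confirming that a bitmap_unit of zero, or any other value the format does not allow, cannot reach that loop, and tightening the test to the accepted values if it can. This is the same check as in lib/Xm/LTXpm.c, so whatever is decided there should be applied to both copies together.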

