[gentoo-commits] repo/gentoo:master commit in: media-libs/ming/files/, media-libs/ming/

Sun, 04 Jun 2017 08:38:50 -0700 

commit:     85ec0fe12f825538a27506b28f9c5368e6a942d9
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Sun Jun  4 15:36:54 2017 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Sun Jun  4 15:38:27 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=85ec0fe1

media-libs/ming: Rev bump to add patch for CVE-2017-8782 (bug #620318)

Package-Manager: Portage-2.3.5, Repoman-2.3.2

 .../ming/files/ming-0.4.8-CVE-2017-8782.patch      | 28 ++++++++++++++++++++++
 .../{ming-0.4.8.ebuild => ming-0.4.8-r1.ebuild}    |  2 ++
 2 files changed, 30 insertions(+)

diff --git a/media-libs/ming/files/ming-0.4.8-CVE-2017-8782.patch 
b/media-libs/ming/files/ming-0.4.8-CVE-2017-8782.patch
new file mode 100644
index 00000000000..223d363ae0b
--- /dev/null
+++ b/media-libs/ming/files/ming-0.4.8-CVE-2017-8782.patch
@@ -0,0 +1,28 @@
+https://github.com/libming/libming/commit/6eca133ee9985c298186cbe05f888082c30bf2d9
+
+--- a/util/read.c
++++ b/util/read.c
+@@ -247,6 +247,11 @@ char *readString(FILE *f)
+     if(len >= buflen-2)
+     {
+       buf = (char *)realloc(buf, sizeof(char)*(buflen+256));
++      if ( ! buf )
++      {
++        fprintf(stderr, "failed reallocating %d bytes\n", buflen+256);
++        exit(-1);
++      }
+       buflen += 256;
+       p = buf+len;
+     }
+@@ -350,6 +355,11 @@ char *readSizedString(FILE *f,int size)
+     if(len >= buflen-2)
+     {
+       buf = (char *)realloc(buf, sizeof(char)*(buflen+256));
++      if ( ! buf )
++      {
++        fprintf(stderr, "failed reallocating %d bytes\n", buflen+256);
++        exit(-1);
++      }
+       buflen += 256;
+       p = buf+len;
+     }

diff --git a/media-libs/ming/ming-0.4.8.ebuild 
b/media-libs/ming/ming-0.4.8-r1.ebuild
similarity index 97%
rename from media-libs/ming/ming-0.4.8.ebuild
rename to media-libs/ming/ming-0.4.8-r1.ebuild
index 74cb21175c6..ec977abe20e 100644
--- a/media-libs/ming/ming-0.4.8.ebuild
+++ b/media-libs/ming/ming-0.4.8-r1.ebuild
@@ -34,6 +34,8 @@ PDEPEND="php? ( dev-php/ming-php )"
 REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
 S=${WORKDIR}/${P//./_}
 
+PATCHES=( "${FILESDIR}"/${PN}-0.4.8-CVE-2017-8782.patch )
+
 # Tests only work when the package is tested on a system
 # which does not presently have any version of ming installed.
 RESTRICT="test"

Reply via email to