commit: 85ec0fe12f825538a27506b28f9c5368e6a942d9 Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> AuthorDate: Sun Jun 4 15:36:54 2017 +0000 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> CommitDate: Sun Jun 4 15:38:27 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=85ec0fe1
media-libs/ming: Rev bump to add patch for CVE-2017-8782 (bug #620318) Package-Manager: Portage-2.3.5, Repoman-2.3.2 .../ming/files/ming-0.4.8-CVE-2017-8782.patch | 28 ++++++++++++++++++++++ .../{ming-0.4.8.ebuild => ming-0.4.8-r1.ebuild} | 2 ++ 2 files changed, 30 insertions(+) diff --git a/media-libs/ming/files/ming-0.4.8-CVE-2017-8782.patch b/media-libs/ming/files/ming-0.4.8-CVE-2017-8782.patch new file mode 100644 index 00000000000..223d363ae0b --- /dev/null +++ b/media-libs/ming/files/ming-0.4.8-CVE-2017-8782.patch @@ -0,0 +1,28 @@ +https://github.com/libming/libming/commit/6eca133ee9985c298186cbe05f888082c30bf2d9 + +--- a/util/read.c ++++ b/util/read.c +@@ -247,6 +247,11 @@ char *readString(FILE *f) + if(len >= buflen-2) + { + buf = (char *)realloc(buf, sizeof(char)*(buflen+256)); ++ if ( ! buf ) ++ { ++ fprintf(stderr, "failed reallocating %d bytes\n", buflen+256); ++ exit(-1); ++ } + buflen += 256; + p = buf+len; + } +@@ -350,6 +355,11 @@ char *readSizedString(FILE *f,int size) + if(len >= buflen-2) + { + buf = (char *)realloc(buf, sizeof(char)*(buflen+256)); ++ if ( ! buf ) ++ { ++ fprintf(stderr, "failed reallocating %d bytes\n", buflen+256); ++ exit(-1); ++ } + buflen += 256; + p = buf+len; + } diff --git a/media-libs/ming/ming-0.4.8.ebuild b/media-libs/ming/ming-0.4.8-r1.ebuild similarity index 97% rename from media-libs/ming/ming-0.4.8.ebuild rename to media-libs/ming/ming-0.4.8-r1.ebuild index 74cb21175c6..ec977abe20e 100644 --- a/media-libs/ming/ming-0.4.8.ebuild +++ b/media-libs/ming/ming-0.4.8-r1.ebuild @@ -34,6 +34,8 @@ PDEPEND="php? ( dev-php/ming-php )" REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" S=${WORKDIR}/${P//./_} +PATCHES=( "${FILESDIR}"/${PN}-0.4.8-CVE-2017-8782.patch ) + # Tests only work when the package is tested on a system # which does not presently have any version of ming installed. RESTRICT="test"