Fix memory leak in png_create_info_struct. Upstream-Status: Submitted [https://github.com/glennrp/libpng/pull/293] CVE: CVE-2019-6129
Signed-off-by: Sakib Sajal <[email protected]> --- .../libpng/0001-Repair-of-CVE-2019-6129.patch | 27 +++++++++++++++++++ .../libpng/libpng_1.6.37.bb | 5 +++- 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch diff --git a/meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch b/meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch new file mode 100644 index 0000000000..1bb2da1984 --- /dev/null +++ b/meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch @@ -0,0 +1,27 @@ +From ed73b082d0296c6181f2ac11e8dd78e8f7c6d66b Mon Sep 17 00:00:00 2001 +From: tangyaofang <[email protected]> +Date: Mon, 10 Jun 2019 11:30:15 +0800 +Subject: [PATCH] Repair of CVE-2019-6129 + +CVE: CVE-2019-6129 +Signed-off-by: Sakib Sajal <[email protected]> +--- + contrib/tools/pngcp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/contrib/tools/pngcp.c b/contrib/tools/pngcp.c +index 16d4e7f4d..a02d5b7ff 100644 +--- a/contrib/tools/pngcp.c ++++ b/contrib/tools/pngcp.c +@@ -506,7 +506,7 @@ static void + display_clean_read(struct display *dp) + { + if (dp->read_pp != NULL) +- png_destroy_read_struct(&dp->read_pp, NULL, NULL); ++ png_destroy_read_struct(&dp->read_pp, (dp->ip!=NULL ? &dp->ip : NULL), NULL); + + if (dp->fp != NULL) + { +-- +2.20.1 + diff --git a/meta/recipes-multimedia/libpng/libpng_1.6.37.bb b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb index 8c53d11642..f33b942cd7 100644 --- a/meta/recipes-multimedia/libpng/libpng_1.6.37.bb +++ b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb @@ -7,7 +7,10 @@ DEPENDS = "zlib" LIBV = "16" -SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/${BP}.tar.xz" +SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/${BP}.tar.xz \ + file://0001-Repair-of-CVE-2019-6129.patch \ + " + SRC_URI[md5sum] = "015e8e15db1eecde5f2eb9eb5b6e59e9" SRC_URI[sha256sum] = "505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca" -- 2.24.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#136619): https://lists.openembedded.org/g/openembedded-core/message/136619 Mute This Topic: https://lists.openembedded.org/mt/72501079/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
