Hello community, here is the log from the commit of package gifsicle for openSUSE:Factory checked in at 2018-01-05 01:01:28 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gifsicle (Old) and /work/SRC/openSUSE:Factory/.gifsicle.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gifsicle" Fri Jan 5 01:01:28 2018 rev:7 rq:561477 version:1.90 Changes: -------- --- /work/SRC/openSUSE:Factory/gifsicle/gifsicle.changes 2017-10-02 16:53:05.315782681 +0200 +++ /work/SRC/openSUSE:Factory/.gifsicle.new/gifsicle.changes 2018-01-05 01:01:34.117031687 +0100 @@ -1,0 +2,8 @@ +Wed Jan 3 20:58:34 UTC 2018 - [email protected] + +- add fix_double-free.patch: + upstream fix, commit 118a46090c50829dc543179019e6140e1235f909 +- add fix_gifdiff_null-deref.patch: + upstream fix, commit 263cd4519f45bc6ecde74ee280eb1d68ee2de642 + +------------------------------------------------------------------- New: ---- fix_double-free.patch fix_gifdiff_null-deref.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gifsicle.spec ++++++ --- /var/tmp/diff_new_pack.kYuPx8/_old 2018-01-05 01:01:35.324629903 +0100 +++ /var/tmp/diff_new_pack.kYuPx8/_new 2018-01-05 01:01:35.328628573 +0100 @@ -1,7 +1,7 @@ # # spec file for package gifsicle # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -26,6 +26,10 @@ Source: https://www.lcdf.org/gifsicle/%{name}-%{version}.tar.gz # PATCH-FIX-UPSTREAM fix-null-deref.patch Patch0: fix-null-deref.patch +# PATCH-FIX-UPSTREAM fix_double-free.patch +Patch1: fix_double-free.patch +# PATCH-FIX-UPSTREAM fix_gifdiff_null-deref.patch +Patch2: fix_gifdiff_null-deref.patch Obsoletes: ungifsicle < %{version} Provides: ungifsicle = %{version} BuildRequires: pkgconfig(x11) @@ -53,6 +57,8 @@ %prep %setup -q %patch0 -p1 +%patch1 -p1 +%patch2 -p1 %build %configure ++++++ fix_double-free.patch ++++++ >From 118a46090c50829dc543179019e6140e1235f909 Mon Sep 17 00:00:00 2001 From: Eddie Kohler <[email protected]> Date: Sat, 2 Dec 2017 23:08:51 -0500 Subject: [PATCH] gif_read: Set last_name = NULL unconditionally. With a non-malicious GIF, last_name is set to NULL when a name extension is followed by an image. Reported in #117, via Debian, via a KAIST fuzzing program. --- src/gifread.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/gifread.c b/src/gifread.c index eec4e31..9c287dd 100644 --- a/src/gifread.c +++ b/src/gifread.c @@ -900,6 +900,7 @@ read_gif(Gif_Reader *grr, int read_flags, Gif_DeleteArray(gfc.suffix); Gif_DeleteArray(gfc.length); gfc.gfi = 0; + last_name = 0; if (gfs) gfs->errors = gfc.errors[1]; ++++++ fix_gifdiff_null-deref.patch ++++++ >From 263cd4519f45bc6ecde74ee280eb1d68ee2de642 Mon Sep 17 00:00:00 2001 From: Eddie Kohler <[email protected]> Date: Sat, 2 Dec 2017 23:10:30 -0500 Subject: [PATCH] Two GIFs with zero images are the same. Another KAIST report; we null-dereferenced previously. --- src/gifdiff.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/src/gifdiff.c b/src/gifdiff.c index 04721d8..40da3c1 100644 --- a/src/gifdiff.c +++ b/src/gifdiff.c @@ -248,12 +248,6 @@ compare(Gif_Stream *s1, Gif_Stream *s2) Gif_CalculateScreenSize(s1, 0); Gif_CalculateScreenSize(s2, 0); - if (s1->nimages != s2->nimages - && (s1->nimages == 0 || s2->nimages == 0)) { - different("frame counts differ: <#%d >#%d", s1->nimages, s2->nimages); - return DIFFERENT; - } - if (s1->screen_width != s2->screen_width || s1->screen_height != s2->screen_height) { different("screen sizes differ: <%dx%d >%dx%d", s1->screen_width, @@ -268,6 +262,14 @@ compare(Gif_Stream *s1, Gif_Stream *s2) return DIFFERENT; } + if (s1->nimages == 0 || s2->nimages == 0) { + if (s1->nimages != s2->nimages) { + different("frame counts differ: <#%d >#%d", s1->nimages, s2->nimages); + return DIFFERENT; + } else + return SAME; + } + /* Create arrays for the image data */ screen_width = s1->screen_width; screen_height = s1->screen_height;
