Re: [E-devel] [imlib2] [PATCH] off-by-one OOB read in __imlib_MergeUpdate

2016-04-11 Thread Simon Lees
On 04/06/2016 10:44 AM, Kim Woelders wrote: > On 04/02/2016 08:37 PM, Yuriy M. Kaminskiy wrote: >> Run `valgrind imlib2_test`, move mouse to right lower corner, got >> ==16086== Invalid read of size 1 >> ==16086==at 0x4E79C4E: __imlib_MergeUpdate (in >>

Re: [E-devel] [imlib2] [PATCH] off-by-one OOB read in __imlib_MergeUpdate

2016-04-05 Thread Kim Woelders
On 04/02/2016 08:37 PM, Yuriy M. Kaminskiy wrote: > Run `valgrind imlib2_test`, move mouse to right lower corner, got > ==16086== Invalid read of size 1 > ==16086==at 0x4E79C4E: __imlib_MergeUpdate (in > /usr/lib/x86_64-linux-gnu/libImlib2.so.1.4.6) > ==16086==by 0x401773: main (in

[E-devel] [imlib2] [PATCH] off-by-one OOB read in __imlib_MergeUpdate

2016-04-02 Thread Yuriy M. Kaminskiy
Run `valgrind imlib2_test`, move mouse to right lower corner, got ==16086== Invalid read of size 1 ==16086==at 0x4E79C4E: __imlib_MergeUpdate (in /usr/lib/x86_64-linux-gnu/libImlib2.so.1.4.6) ==16086==by 0x401773: main (in /usr/bin/imlib2_test) ==16086== Address 0x9d20360 is 0 bytes

Re: [E-devel] [imlib2][PATCH] loader_gif: fix OOB read

2016-04-02 Thread The Rasterman
On Sat, 2 Apr 2016 13:39:53 +0900 Carsten Haitzler (The Rasterman) said: > On Sat, 2 Apr 2016 06:48:54 +0300 "Yuriy M. Kaminskiy" > said: > > > On 02.04.2016 06:21, Yuriy M. Kaminskiy wrote: > > > On 02.04.2016 06:12, Carsten Haitzler (The Rasterman)

Re: [E-devel] [imlib2][PATCH] loader_gif: fix OOB read

2016-04-01 Thread The Rasterman
On Sat, 2 Apr 2016 06:48:54 +0300 "Yuriy M. Kaminskiy" said: > On 02.04.2016 06:21, Yuriy M. Kaminskiy wrote: > > On 02.04.2016 06:12, Carsten Haitzler (The Rasterman) wrote: > >> On Sat, 02 Apr 2016 04:49:08 +0300 yum...@gmail.com (Yuriy M. > >> Kaminskiy) said: > >> > >>> As

Re: [E-devel] [imlib2][PATCH] loader_gif: fix OOB read

2016-04-01 Thread The Rasterman
On Sat, 02 Apr 2016 04:49:08 +0300 yum...@gmail.com (Yuriy M. Kaminskiy) said: > As reported on http://bugs.debian.org/734425, when ColorCount is less > than 256, it is possible that image loading will trigger out of bound > read. > Security imlications: DoS (application crash), potentially host

Re: [E-devel] [imlib2][PATCH] loader_gif: fix OOB read

2016-04-01 Thread The Rasterman
On Sat, 02 Apr 2016 04:49:08 +0300 yum...@gmail.com (Yuriy M. Kaminskiy) said: > As reported on http://bugs.debian.org/734425, when ColorCount is less > than 256, it is possible that image loading will trigger out of bound > read. > Security imlications: DoS (application crash), potentially host

[E-devel] [imlib2][PATCH] loader_gif: fix OOB read

2016-04-01 Thread Yuriy M. Kaminskiy
As reported on http://bugs.debian.org/734425, when ColorCount is less than 256, it is possible that image loading will trigger out of bound read. Security imlications: DoS (application crash), potentially host memory exposure. Attached patch(es) gracefully handles out-of-range image data,

Re: [E-devel] Imlib2: Patch: add various checks to various image loaders

2008-06-18 Thread Kim Woelders
Hans de Goede wrote: Mike Frysinger wrote: On Saturday 14 June 2008, Hans de Goede wrote: Mike Frysinger wrote: On Thursday 12 June 2008, Hans de Goede wrote: Some time ago there was a bunch of security advisories for various imlib2 image loaders. Some of the fixes which were circulating

Re: [E-devel] Imlib2: Patch: add various checks to various image loaders

2008-06-15 Thread Hans de Goede
Mike Frysinger wrote: On Saturday 14 June 2008, Hans de Goede wrote: Mike Frysinger wrote: On Thursday 12 June 2008, Hans de Goede wrote: Some time ago there was a bunch of security advisories for various imlib2 image loaders. Some of the fixes which were circulating then never seem to have

Re: [E-devel] Imlib2: Patch: add various checks to various image loaders

2008-06-14 Thread Hans de Goede
Mike Frysinger wrote: On Thursday 12 June 2008, Hans de Goede wrote: Some time ago there was a bunch of security advisories for various imlib2 image loaders. Some of the fixes which were circulating then never seem to have been applied to imlib2, the attached patch includes these fixes. i'm

Re: [E-devel] Imlib2: Patch: add various checks to various image loaders

2008-06-14 Thread Mike Frysinger
On Saturday 14 June 2008, Hans de Goede wrote: Mike Frysinger wrote: On Thursday 12 June 2008, Hans de Goede wrote: Some time ago there was a bunch of security advisories for various imlib2 image loaders. Some of the fixes which were circulating then never seem to have been applied to

[E-devel] Imlib2 PATCH: Check for rgb.txt in /ust/share/X11

2008-06-13 Thread Hans de Goede
Hi, Short intro: I'm the Fedora imlib2 package maintainer. Most modern Linux distro's now have rgb.txt as /ust/share/X11/rgb.txt The attached patch fixes loading xpm files on these distro's. Regards, Hans p.s. Please keep me CC-ed, I'm not on the list. diff -up

[E-devel] Imlib2: Patch: add various checks to various image loaders

2008-06-13 Thread Hans de Goede
Hi, Short intro: I'm the Fedora imlib2 package maintainer. Some time ago there was a bunch of security advisories for various imlib2 image loaders. Some of the fixes which were circulating then never seem to have been applied to imlib2, the attached patch includes these fixes. Regards,

Re: [E-devel] Imlib2 PATCH: Check for rgb.txt in /ust/share/X11

2008-06-13 Thread Mike Frysinger
On Thursday 12 June 2008, Hans de Goede wrote: Most modern Linux distro's now have rgb.txt as /ust/share/X11/rgb.txt The attached patch fixes loading xpm files on these distro's. thanks, added to cvs -mike signature.asc Description: This is a digitally signed message part.

Re: [E-devel] Imlib2: Patch: add various checks to various image loaders

2008-06-13 Thread Mike Frysinger
On Thursday 12 June 2008, Hans de Goede wrote: Some time ago there was a bunch of security advisories for various imlib2 image loaders. Some of the fixes which were circulating then never seem to have been applied to imlib2, the attached patch includes these fixes. i'm pretty sure these were

Re: [E-devel] Imlib2 patch

2008-05-10 Thread Kim Woelders
Kim Woelders wrote: Kim Woelders wrote: Dariusz Knociński wrote: Hi All, I wrote new version of some procedures in Imlib2 library and attached patches for that mail. In file color-helpres procedures : void __imlib_rgb_to_hsv( int r, int g, int b, float *h, float *s, float *v );

Re: [E-devel] Imlib2 patch

2008-04-20 Thread Dariusz Knociński
On Wed, 16 Apr 2008 19:50:24 -0400 Jose Gonzalez [EMAIL PROTECTED] wrote: Dariusz Knociński wrote: [...] Strictly speaking, this is still incorrect. The reason being that the map-range functions are doing an initial interpolation in rgb colorspace. It should be doing all of the

Re: [E-devel] Imlib2 patch

2008-04-20 Thread Kim Woelders
Kim Woelders wrote: Dariusz Knociński wrote: Hi All, I wrote new version of some procedures in Imlib2 library and attached patches for that mail. In file color-helpres procedures : void __imlib_rgb_to_hsv( int r, int g, int b, float *h, float *s, float *v ); void __imlib_hsv_to_rgb(

Re: [E-devel] Imlib2 patch

2008-04-16 Thread Kim Woelders
Dariusz Knociński wrote: Hi All, I wrote new version of some procedures in Imlib2 library and attached patches for that mail. In file color-helpres procedures : void __imlib_rgb_to_hsv( int r, int g, int b, float *h, float *s, float *v ); void __imlib_hsv_to_rgb( float h, float s,

Re: [E-devel] Imlib2 patch

2008-04-16 Thread Jose Gonzalez
Dariusz Knociński wrote: Patch: diff -u -p -r imlib2-1.4.1.000.old/src/lib/color_helpers.c imlib2-1.4.1.000.new/src/lib/color_helpers.c --- imlib2-1.4.1.000.old/src/lib/color_helpers.c 2007-05-21 00:58:01.0 +0200 +++ imlib2-1.4.1.000.new/src/lib/color_helpers.c 2008-04-15

[E-devel] Imlib2 patch

2008-04-15 Thread Dariusz Knociński
Hi All, I wrote new version of some procedures in Imlib2 library and attached patches for that mail. In file color-helpres procedures : void __imlib_rgb_to_hsv( int r, int g, int b, float *h, float *s, float *v ); void __imlib_hsv_to_rgb( float h, float s, float v, int *r, int *g, int *b );

Re: [E-devel] Imlib2 patch

2008-04-15 Thread Dariusz Knociński
Patch: diff -u -p -r imlib2-1.4.1.000.old/src/lib/color_helpers.c imlib2-1.4.1.000.new/src/lib/color_helpers.c --- imlib2-1.4.1.000.old/src/lib/color_helpers.c2007-05-21 00:58:01.0 +0200 +++ imlib2-1.4.1.000.new/src/lib/color_helpers.c2008-04-15 09:34:36.0 +0200

Re: [E-devel] Imlib2 patch

2008-04-15 Thread Dariusz Knociński
BEGIN BASE64 imlib2_colorspace-before.jpg /9j/4AAQSkZJRgABAQEASABIAAD/4QAWRXhpZgAATU0AKggAAAD/2wBDAAUDBAQEAwUE BAQFBQUGBwwIBwcHBw8LCwkMEQ8SEhEPERETFhwXExQaFRERGCEYGh0dHx8fExciJCIeJBweHx7/ 2wBDAQUFBQcGBw4ICA4eFBEUHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4e

Re: [E-devel] imlib2 patch, configure.in X header detection

2005-02-22 Thread The Rasterman
On Thu, 17 Feb 2005 20:36:20 -0600 "Laurence J. Lane" [EMAIL PROTECTED] (Bbabbled: (B (B Stuff broke with the X header detection in imlib2's (B configure script. (See http://bugs.debian.org/295350 (B for details.) (B (Bthanks for the info :) fixed :) (B (B Steven Langasek provided a