[freexl] 01/01: Add patch to fix regression introduced by afl-vulnerabilitities.patch.
This is an automated email from the git hooks/post-receive script. sebastic pushed a commit to branch jessie in repository freexl. commit 4c4bc968ba71476cd1b41d3637c59dc503162cfc Author: Bas Couwenberg Date: Thu Nov 12 22:05:46 2015 +0100 Add patch to fix regression introduced by afl-vulnerabilitities.patch. --- debian/changelog | 6 ++ debian/patches/afl-vulnerabilitities-regression.patch | 18 ++ debian/patches/series | 1 + 3 files changed, 25 insertions(+) diff --git a/debian/changelog b/debian/changelog index 2cedd8c..4416abc 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +freexl (1.0.0g-1+deb8u3) UNRELEASED; urgency=medium + + * Add patch to fix regression introduced by afl-vulnerabilitities.patch. + + -- Bas Couwenberg Thu, 12 Nov 2015 22:04:49 +0100 + freexl (1.0.0g-1+deb8u2) jessie-security; urgency=high * Add patch to fix 32 bit multiplication overflow. diff --git a/debian/patches/afl-vulnerabilitities-regression.patch b/debian/patches/afl-vulnerabilitities-regression.patch new file mode 100644 index 000..591e95b --- /dev/null +++ b/debian/patches/afl-vulnerabilitities-regression.patch @@ -0,0 +1,18 @@ +Description: Fix regression introduced by afl-vulnerabilitities.patch. + Initially reported as a bug in GDAL and traced to FreeXL, see: + https://trac.osgeo.org/gdal/ticket/6200 +Origin: https://www.gaia-gis.it/fossil/freexl/fdiff?v1=61618ce51a9b0c15&v2=4f9408c216ead322&sbs=1 +Author: Alessandro Furieri +Bug-Debian: https://bugs.debian.org/781228 + +--- a/src/freexl.c b/src/freexl.c +@@ -3770,7 +3770,7 @@ read_biff_next_record (biff_workbook * w + unsigned int already_done; + unsigned int chunk = + workbook->sector_end - (workbook->p_in - workbook->sector_buf); +- if (workbook->sector_end <= (workbook->p_in - workbook->sector_buf)) ++ if (workbook->sector_end < (workbook->p_in - workbook->sector_buf)) + return -1; + memcpy (workbook->record, workbook->p_in, chunk); + workbook->p_in += chunk; diff --git a/debian/patches/series b/debian/patches/series index 7fa2afa..d6cf717 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,2 +1,3 @@ afl-vulnerabilitities.patch 32bit-multiplication-overflow.patch +afl-vulnerabilitities-regression.patch -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-grass/freexl.git ___ Pkg-grass-devel mailing list Pkg-grass-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-grass-devel
[freexl] 01/01: Add patch to fix regression introduced by afl-vulnerabilitities.patch.
This is an automated email from the git hooks/post-receive script. sebastic pushed a commit to branch wheezy in repository freexl. commit 8214dec62ab5d7311b9a192bad42468641c4d8bf Author: Bas Couwenberg Date: Thu Nov 12 22:05:46 2015 +0100 Add patch to fix regression introduced by afl-vulnerabilitities.patch. --- debian/changelog | 6 ++ debian/patches/afl-vulnerabilitities-regression.patch | 18 ++ debian/patches/series | 1 + 3 files changed, 25 insertions(+) diff --git a/debian/changelog b/debian/changelog index 6c917be..745f034 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +freexl (1.0.0b-1+deb7u3) UNRELEASED; urgency=medium + + * Add patch to fix regression introduced by afl-vulnerabilitities.patch. + + -- Bas Couwenberg Thu, 12 Nov 2015 22:04:49 +0100 + freexl (1.0.0b-1+deb7u2) wheezy-security; urgency=high * Add patch to fix 32 bit multiplication overflow. diff --git a/debian/patches/afl-vulnerabilitities-regression.patch b/debian/patches/afl-vulnerabilitities-regression.patch new file mode 100644 index 000..f59fb73 --- /dev/null +++ b/debian/patches/afl-vulnerabilitities-regression.patch @@ -0,0 +1,18 @@ +Description: Fix regression introduced by afl-vulnerabilitities.patch. + Initially reported as a bug in GDAL and traced to FreeXL, see: + https://trac.osgeo.org/gdal/ticket/6200 +Origin: https://www.gaia-gis.it/fossil/freexl/fdiff?v1=61618ce51a9b0c15&v2=4f9408c216ead322&sbs=1 +Author: Alessandro Furieri +Bug-Debian: https://bugs.debian.org/781228 + +--- a/src/freexl.c b/src/freexl.c +@@ -3655,7 +3655,7 @@ read_biff_next_record (biff_workbook * w + unsigned int already_done; + unsigned int chunk = + workbook->sector_end - (workbook->p_in - workbook->sector_buf); +- if (workbook->sector_end <= (workbook->p_in - workbook->sector_buf)) ++ if (workbook->sector_end < (workbook->p_in - workbook->sector_buf)) + return -1; + memcpy (workbook->record, workbook->p_in, chunk); + workbook->p_in += chunk; diff --git a/debian/patches/series b/debian/patches/series index 7fa2afa..d6cf717 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,2 +1,3 @@ afl-vulnerabilitities.patch 32bit-multiplication-overflow.patch +afl-vulnerabilitities-regression.patch -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-grass/freexl.git ___ Pkg-grass-devel mailing list Pkg-grass-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-grass-devel
