aboutsummaryrefslogtreecommitdiff
From: Tobias Geerinckx-Rice <me@tobias.gr>
Date: Thu, 28 Feb 2019 20:29:00 +0100
Subject: [PATCH] netpbm: Fix CVE-2017-2587.

Copied verbatim from Debian[0].

[0]: https://sources.debian.org/data/main/n/netpbm-free/2:10.78.05-0.1/debian/patches/netpbm-CVE-2017-2587.patch

---
diff -urNp old/converter/other/svgtopam.c new/converter/other/svgtopam.c
--- old/converter/other/svgtopam.c	2017-02-08 12:11:02.593690917 +0100
+++ new/converter/other/svgtopam.c	2017-02-08 13:49:38.319029371 +0100
@@ -771,12 +771,17 @@ createCanvas(unsigned int const width,
 
     MALLOCVAR_NOFAIL(canvasP);
 
-    canvasP->width  = width;
-    canvasP->height = height;
-    canvasP->pixels = ppm_allocarray(width, height);
-    canvasP->maxval = maxval;
+    if(canvasP != NULL){
+        canvasP->width  = width;
+        canvasP->height = height;
+        canvasP->pixels = ppm_allocarray(width, height);
+        canvasP->maxval = maxval;
+
+        *canvasPP = canvasP;
+    } else {
+       pm_error("can't allocate memory for canvas");
+    }
 
-    *canvasPP = canvasP;
 }
generated by cgit
/span>Efraim Flashner 2023-10-13gnu: xournalpp: Update to 1.2.1....* gnu/packages/pdf.scm (xournalpp): Update to 1.2.1. [arguments]<#:configure-flags>: Replace "ENABLE_CPPUNIT" with "ENABLE_GTEST". <#:phases>: Add a phase to build test files. [native-inputs]: Add GOOGLETEST. Nicolas Goaziou 2023-10-02gnu: mupdf: Update to 1.23.3....* gnu/packages/pdf.scm (mupdf): Update to 1.23.3. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Timotej Lazar 2023-09-09gnu: capypdf: Update to 0.5.0....* gnu/packages/pdf.scm (capypdf): Update to 0.5.0. [arguments]<#:configure-flags>: Add “-Dcpp_std=c++23” <#:phases>: Drop ‘add-missing-header’. Liliana Marie Prikler 2023-08-15gnu: xournalpp: Build with librsvg-for-system....* gnu/packages/pdf.scm (xournalpp)[inputs]: Replace librsvg with librsvg-for-system. Efraim Flashner 2023-07-28gnu: libharu: Update to 2.4.3....* gnu/packages/pdf.scm (libharu): Update to 2.4.3. Signed-off-by: 宋文武 <iyzsong@member.fsf.org> Wojtek Kosior 2023-07-16gnu: xpdf: Update to 4.04....* gnu/packages/pdf.scm (xpdf): Update to 4.04. Tobias Geerinckx-Rice 2023-07-18gnu: xournalpp: Remove texlive-bin as an input....* gnu/packages/pdf.scm (xournalpp)[inputs]: Remove TEXLIVE-BIN. Nicolas Goaziou 2023-07-18gnu: Deprecate `texlive-tiny'....At this point, there are three equivalent TeX Live sub-systems: texlive-scheme-basic, texlive-tiny, and (texlive-updmap.cfg). It is confusing to keep so many around. * doc/contributing.texi (Submitting Patches): Remove reference to TEXLIVE-TINY. * gnu/packages/algebra.scm (pari-gp)[native-inputs]: (giac)[native-inputs]: * gnu/packages/chez.scm (chez-sockets)[native-inputs]: * gnu/packages/engineering.scm (fastcap)[native-inputs]: * gnu/packages/gettext.scm (po4a)[native-inputs]: * gnu/packages/maths.scm (cddlib)[native-inputs]: (gnuplot)[native-inputs]: (itpp)[native-inputs]: * gnu/packages/ocaml.scm (unison)[native-inputs]: * gnu/packages/pdf.scm (extractpdfmark)[native-inputs]: * gnu/packages/photo.scm (enblend-enfuse): Replace TEXLIVE-TINY with a call to TEXLIVE-UPDMAP.CFG. * gnu/packages/radio.scm (gnuradio)[native-inputs]: Remove unnecessary TEXLIVE-TINY. * gnu/packages/tex.scm (texlive-tiny): Deprecate it in favor of TEXLIVE-SCHEME-BASIC. (texlive-makecmds)[native-inputs]: Replace TEXLIVE-TINY with a call to TEXLIVE-UPDMAP.CFG. * guix/lint.scm (check-inputs-should-be-native): Check only for "texlive-updmap.cfg" input name. Nicolas Goaziou 2023-07-16gnu: capypdf: Update to 0.4.0....* gnu/packages/pdf.scm (capypdf): Update to 0.4.0. Liliana Marie Prikler