From: Tobias Geerinckx-Rice Date: Thu, 28 Feb 2019 20:29:00 +0100 Subject: [PATCH] netpbm: Fix CVE-2017-2587. Copied verbatim from Debian[0]. [0]: https://sources.debian.org/data/main/n/netpbm-free/2:10.78.05-0.1/debian/patches/netpbm-CVE-2017-2587.patch --- diff -urNp old/converter/other/svgtopam.c new/converter/other/svgtopam.c --- old/converter/other/svgtopam.c 2017-02-08 12:11:02.593690917 +0100 +++ new/converter/other/svgtopam.c 2017-02-08 13:49:38.319029371 +0100 @@ -771,12 +771,17 @@ createCanvas(unsigned int const width, MALLOCVAR_NOFAIL(canvasP); - canvasP->width = width; - canvasP->height = height; - canvasP->pixels = ppm_allocarray(width, height); - canvasP->maxval = maxval; + if(canvasP != NULL){ + canvasP->width = width; + canvasP->height = height; + canvasP->pixels = ppm_allocarray(width, height); + canvasP->maxval = maxval; + + *canvasPP = canvasP; + } else { + pm_error("can't allocate memory for canvas"); + } - *canvasPP = canvasP; } f='/guix/refs/?id=a698df72d37aa5173c357b7d1e3873d2c2c64c32'>refslogtreecommitdiff
path: root/COPYING
AgeCommit message (Expand)Author