Commit ab0a4bdc authored by Natanael Copa's avatar Natanael Copa

main/pixman: security fix for CVE-2013-6425

fixes #2558
parent 0b27f907
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=pixman
pkgver=0.30.2
pkgrel=0
pkgrel=1
pkgdesc="Pixman library"
url="http://xorg.freedesktop.org"
arch="all"
......@@ -9,12 +9,19 @@ license="custom"
subpackages="$pkgname-dev"
depends=
makedepends="perl"
source="http://xorg.freedesktop.org/releases/individual/lib/$pkgname-$pkgver.tar.bz2"
source="http://xorg.freedesktop.org/releases/individual/lib/$pkgname-$pkgver.tar.bz2
CVE-2013-6425.patch
"
_builddir="$srcdir/$pkgname-$pkgver"
prepare() {
cd "$_builddir"
for i in $source; do
case $i in
*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
esac
done
update_config_sub || return 1
}
......@@ -34,6 +41,9 @@ package() {
make DESTDIR="$pkgdir" install || return 1
rm "$pkgdir"/usr/lib/*.la || return 1
}
md5sums="2d0588e20dc1308b29b2fca68dad9a9c pixman-0.30.2.tar.bz2"
sha256sums="4fbb51788fe7cbd8abb5f80aed95ec878704e57a06328f7bebe0306e3822c96c pixman-0.30.2.tar.bz2"
sha512sums="3b883b230c506648433af97782756dcfa19949be4ce6e364fd053fca0fada124b02ac5e20b1d2e0c10e36ced484358dbbfa4e249fb0c41fcb29d60d08527ae89 pixman-0.30.2.tar.bz2"
md5sums="2d0588e20dc1308b29b2fca68dad9a9c pixman-0.30.2.tar.bz2
82edeb32720530056a9fe0cae251f063 CVE-2013-6425.patch"
sha256sums="4fbb51788fe7cbd8abb5f80aed95ec878704e57a06328f7bebe0306e3822c96c pixman-0.30.2.tar.bz2
7006e1e96bc74286c638bdf3d9507e04f79d8445dcc9801fa4fd61a344e0e642 CVE-2013-6425.patch"
sha512sums="3b883b230c506648433af97782756dcfa19949be4ce6e364fd053fca0fada124b02ac5e20b1d2e0c10e36ced484358dbbfa4e249fb0c41fcb29d60d08527ae89 pixman-0.30.2.tar.bz2
70399b78d750a50731aa1f206f324ff9a930e78f3d7d491a9c1682b558393460f77284075f79d10034c36f4f4dcd214c1e9d286eb91948ff8201e16796e51ebd CVE-2013-6425.patch"
From 5e14da97f16e421d084a9e735be21b1025150f0c Mon Sep 17 00:00:00 2001
From: Ritesh Khadgaray <khadgaray@gmail.com>
Date: Wed, 23 Oct 2013 21:29:07 +0000
Subject: pixman_trapezoid_valid(): Fix underflow when bottom is close to MIN_INT
If t->bottom is close to MIN_INT (probably invalid value), subtracting
top can lead to underflow which causes crashes. Attached patch will
fix the issue.
This fixes bug 67484.
---
diff --git a/pixman/pixman.h b/pixman/pixman.h
index 7ff9fb5..509ba5e 100644
--- a/pixman/pixman.h
+++ b/pixman/pixman.h
@@ -1030,7 +1030,7 @@ struct pixman_triangle
#define pixman_trapezoid_valid(t) \
((t)->left.p1.y != (t)->left.p2.y && \
(t)->right.p1.y != (t)->right.p2.y && \
- (int) ((t)->bottom - (t)->top) > 0)
+ ((t)->bottom > (t)->top))
struct pixman_span_fix
{
--
cgit v0.9.0.2-2-gbebe
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment