guix-bioinformatics
/
guix
mirror of http://git.savannah.gnu.org/git/guix.git
3
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

gnu: libxvmc: Fix CVE-2016-7953. 

* gnu/packages/patches/libxvmc-CVE-2016-7953.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/xorg.scm (libxvmc)[replacement]: New field.
(libxvmc/fixed): New variable.
wip-deploy
Leo Famulari 6 years ago
parent
e73631a906
commit
813062a5f7
No known key found for this signature in database GPG Key ID: 2646FA30BACA7F08
3 changed files with 51 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      gnu/local.mk
  2. 42
      gnu/packages/patches/libxvmc-CVE-2016-7953.patch
  3. 8
      gnu/packages/xorg.scm

1
gnu/local.mk
View File

@ -678,6 +678,7 @@ dist_patch_DATA = \
%D%/packages/patches/libxrender-CVE-2016-7950.patch \
%D%/packages/patches/libxtst-CVE-2016-7951-CVE-2016-7952.patch \
%D%/packages/patches/libxv-CVE-2016-5407.patch \
%D%/packages/patches/libxvmc-CVE-2016-7953.patch \
%D%/packages/patches/libxslt-generated-ids.patch \
%D%/packages/patches/lirc-localstatedir.patch \
%D%/packages/patches/llvm-for-extempore.patch \

42
gnu/packages/patches/libxvmc-CVE-2016-7953.patch
View File

@ -0,0 +1,42 @@
Fix CVE-2016-7953:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7953
Patch copied from upstream source repository:
https://cgit.freedesktop.org/xorg/lib/libXvMC/commit/?id=2cd95e7da8367cccdcdd5c9b160012d1dec5cbdb
From 2cd95e7da8367cccdcdd5c9b160012d1dec5cbdb Mon Sep 17 00:00:00 2001
From: Tobias Stoeckmann <tobias@stoeckmann.org>
Date: Sun, 25 Sep 2016 22:34:27 +0200
Subject: [PATCH] Avoid buffer underflow on empty strings.
If an empty string is received from an x-server, do not underrun the
buffer by accessing "rep.nameLen - 1" unconditionally, which could end
up being -1.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
---
src/XvMC.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/XvMC.c b/src/XvMC.c
index 7336760..3ee4212 100644
--- a/src/XvMC.c
+++ b/src/XvMC.c
@@ -576,9 +576,9 @@ Status XvMCGetDRInfo(Display *dpy, XvPortID port,
if (*name && *busID && tmpBuf) {
_XRead(dpy, tmpBuf, realSize);
strncpy(*name,tmpBuf,rep.nameLen);
- (*name)[rep.nameLen - 1] = '\0';
+ (*name)[rep.nameLen == 0 ? 0 : rep.nameLen - 1] = '\0';
strncpy(*busID,tmpBuf+rep.nameLen,rep.busIDLen);
- (*busID)[rep.busIDLen - 1] = '\0';
+ (*busID)[rep.busIDLen == 0 ? 0 : rep.busIDLen - 1] = '\0';
XFree(tmpBuf);
} else {
XFree(*name);
--
2.10.1

8
gnu/packages/xorg.scm
View File

@ -4998,6 +4998,7 @@ new API's in libXft, or the legacy API's in libX11.")
(define-public libxvmc
(package
(name "libxvmc")
(replacement libxvmc/fixed)
(version "1.0.9")
(source
(origin
@ -5023,6 +5024,13 @@ new API's in libXft, or the legacy API's in libX11.")
(description "Xorg XvMC library.")
(license license:x11)))
(define libxvmc/fixed
(package
(inherit libxvmc)
(source (origin
(inherit (package-source libxvmc))
(patches (search-patches
"libxvmc-CVE-2016-7953.patch"))))))
(define-public libxxf86vm
(package

Write Preview
Loading…
Cancel
Save