diff options
| author | Michael Raskin <7c6f434c@mail.ru> | 2017-03-25 21:03:46 +0100 |
|---|---|---|
| committer | Michael Raskin <7c6f434c@mail.ru> | 2017-03-25 21:04:08 +0100 |
| commit | 7b706900e7dd3ec55eb46a366f0bc47858fb7633 (patch) | |
| tree | 6ada5f91096df4d04186edac0b9b96b0f5c165d9 /pkgs/applications/graphics/graphicsmagick | |
| parent | b00cfd49d50d46c6e8ae5257cbd98c11ba543df3 (diff) | |
| download | nixpkgs-7b706900e7dd3ec55eb46a366f0bc47858fb7633.tar nixpkgs-7b706900e7dd3ec55eb46a366f0bc47858fb7633.tar.gz nixpkgs-7b706900e7dd3ec55eb46a366f0bc47858fb7633.tar.bz2 nixpkgs-7b706900e7dd3ec55eb46a366f0bc47858fb7633.tar.lz nixpkgs-7b706900e7dd3ec55eb46a366f0bc47858fb7633.tar.xz nixpkgs-7b706900e7dd3ec55eb46a366f0bc47858fb7633.tar.zst nixpkgs-7b706900e7dd3ec55eb46a366f0bc47858fb7633.zip | |
graphicsmagick: patch for CVE-2017-6335
Diffstat (limited to 'pkgs/applications/graphics/graphicsmagick')
| -rw-r--r-- | pkgs/applications/graphics/graphicsmagick/cmyka-bounds.patch | 36 | ||||
| -rw-r--r-- | pkgs/applications/graphics/graphicsmagick/default.nix | 1 |
2 files changed, 37 insertions, 0 deletions
diff --git a/pkgs/applications/graphics/graphicsmagick/cmyka-bounds.patch b/pkgs/applications/graphics/graphicsmagick/cmyka-bounds.patch new file mode 100644 index 00000000000..dd375143277 --- /dev/null +++ b/pkgs/applications/graphics/graphicsmagick/cmyka-bounds.patch @@ -0,0 +1,36 @@ +# HG changeset patch +# User Bob Friesenhahn <bfriesen@GraphicsMagick.org> +# Date 1487905610 21600 +# Node ID 6156b4c2992d855ece6079653b3b93c3229fc4b8 +# Parent 0392c4305a4369984ec8069055acc470c0a73647 +Fix out of bounds access when reading CMYKA tiff which claims wrong samples/pixel. + +diff -r 0392c4305a43 -r 6156b4c2992d coders/tiff.c +--- a/coders/tiff.c Sun Jan 29 10:04:57 2017 -0600 ++++ b/coders/tiff.c Thu Feb 23 21:06:50 2017 -0600 +@@ -1230,8 +1230,8 @@ + case 0: + if (samples_per_pixel == 1) + *quantum_type=GrayQuantum; +- else +- *quantum_type=RedQuantum; ++ else ++ *quantum_type=RedQuantum; + break; + case 1: + *quantum_type=GreenQuantum; +@@ -1411,12 +1411,12 @@ + } + else + { +- if (image->matte) ++ if (image->matte && samples_per_pixel >= 5) + { + *quantum_type=CMYKAQuantum; + *quantum_samples=5; + } +- else ++ else if (samples_per_pixel >= 4) + { + *quantum_type=CMYKQuantum; + *quantum_samples=4; diff --git a/pkgs/applications/graphics/graphicsmagick/default.nix b/pkgs/applications/graphics/graphicsmagick/default.nix index f655979c2cc..0858dfba8b4 100644 --- a/pkgs/applications/graphics/graphicsmagick/default.nix +++ b/pkgs/applications/graphics/graphicsmagick/default.nix @@ -42,6 +42,7 @@ stdenv.mkDerivation { url = "https://sources.debian.net/data/main/g/graphicsmagick/1.3.25-7/debian/patches/CVE-2016-9830.patch"; sha256 = "0qh15sd7nx7vf9sld4453iml951bwsx2fx84hxc7plhds2k3gjpa"; }) + ./cmyka-bounds.patch ]; configureFlags = [ |