diff options
author | Robert Scott <code@humanleg.org.uk> | 2019-05-23 01:12:23 +0100 |
---|---|---|
committer | Vladimír Čunát <v@cunat.cz> | 2019-05-23 10:06:11 +0200 |
commit | 9c4d318f06c5728980f1c7f781cf4703ef8c476d (patch) | |
tree | 1f3da41a9990532c852bbf809e2411637332e5a2 /pkgs/development/libraries/libheif | |
parent | 3a28c99923f9edfe750c866887cb0b4105e6d707 (diff) | |
download | nixpkgs-9c4d318f06c5728980f1c7f781cf4703ef8c476d.tar nixpkgs-9c4d318f06c5728980f1c7f781cf4703ef8c476d.tar.gz nixpkgs-9c4d318f06c5728980f1c7f781cf4703ef8c476d.tar.bz2 nixpkgs-9c4d318f06c5728980f1c7f781cf4703ef8c476d.tar.lz nixpkgs-9c4d318f06c5728980f1c7f781cf4703ef8c476d.tar.xz nixpkgs-9c4d318f06c5728980f1c7f781cf4703ef8c476d.tar.zst nixpkgs-9c4d318f06c5728980f1c7f781cf4703ef8c476d.zip |
libheif: add patch for CVE-2019-11471 (PR #61919)
Diffstat (limited to 'pkgs/development/libraries/libheif')
-rw-r--r-- | pkgs/development/libraries/libheif/1.4.0-CVE-2019-11471.patch | 15 | ||||
-rw-r--r-- | pkgs/development/libraries/libheif/default.nix | 2 |
2 files changed, 17 insertions, 0 deletions
diff --git a/pkgs/development/libraries/libheif/1.4.0-CVE-2019-11471.patch b/pkgs/development/libraries/libheif/1.4.0-CVE-2019-11471.patch new file mode 100644 index 00000000000..2ea1b124ce7 --- /dev/null +++ b/pkgs/development/libraries/libheif/1.4.0-CVE-2019-11471.patch @@ -0,0 +1,15 @@ +Adapted from upstream commit 995a4283d8ed2d0d2c1ceb1a577b993df2f0e014 +--- a/libheif/heif_context.cc ++++ b/libheif/heif_context.cc +@@ -571,6 +571,11 @@ + image->set_is_alpha_channel_of(refs[0]); + + auto master_iter = m_all_images.find(refs[0]); ++ if (master_iter == m_all_images.end()) { ++ return Error(heif_error_Invalid_input, ++ heif_suberror_Nonexisting_item_referenced, ++ "Non-existing alpha image referenced"); ++ } + master_iter->second->set_alpha_channel(image); + } + diff --git a/pkgs/development/libraries/libheif/default.nix b/pkgs/development/libraries/libheif/default.nix index 581a579cbe2..3182345bfd4 100644 --- a/pkgs/development/libraries/libheif/default.nix +++ b/pkgs/development/libraries/libheif/default.nix @@ -11,6 +11,8 @@ stdenv.mkDerivation rec { sha256 = "0vbjknkb2ccmw3xh2j8ljz5sj9i8wv92iw7zghcc5wn64sk1xkk2"; }; + patches = [ ./1.4.0-CVE-2019-11471.patch ]; + nativeBuildInputs = [ autoreconfHook pkgconfig ]; buildInputs = [ libde265 x265 libpng libjpeg ]; |