diff options
author | Alyssa Ross <hi@alyssa.is> | 2023-11-21 16:12:21 +0100 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2023-11-21 16:12:48 +0100 |
commit | 048a4cd441a59cbf89defb18bb45c9f0b4429b35 (patch) | |
tree | f8f5850ff05521ab82d65745894714a8796cbfb6 /pkgs/tools/graphics/zbar | |
parent | 030c5028b07afcedce7c5956015c629486cc79d9 (diff) | |
parent | 4c2d05dd6435d449a3651a6dd314d9411b5f8146 (diff) | |
download | nixpkgs-rootfs.tar nixpkgs-rootfs.tar.gz nixpkgs-rootfs.tar.bz2 nixpkgs-rootfs.tar.lz nixpkgs-rootfs.tar.xz nixpkgs-rootfs.tar.zst nixpkgs-rootfs.zip |
Signed-off-by: Alyssa Ross <hi@alyssa.is>
Diffstat (limited to 'pkgs/tools/graphics/zbar')
-rw-r--r-- | pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40889.patch | 17 | ||||
-rw-r--r-- | pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40890.patch | 26 | ||||
-rw-r--r-- | pkgs/tools/graphics/zbar/default.nix | 6 |
3 files changed, 49 insertions, 0 deletions
diff --git a/pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40889.patch b/pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40889.patch new file mode 100644 index 00000000000..7b7ca5a0bef --- /dev/null +++ b/pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40889.patch @@ -0,0 +1,17 @@ +Simple bounds checks for CVE-2023-40889, based on third-party +fix by Remi Meier @ +https://github.com/Raemi/zbar/commit/5e8acc6974f17e56c3ddaa5509870beb8d7a599c + +--- a/zbar/qrcode/qrdec.c ++++ b/zbar/qrcode/qrdec.c +@@ -3900,8 +3900,8 @@ void qr_reader_match_centers(qr_reader *_reader,qr_code_data_list *_qrlist, + /*TODO: We might be able to accelerate this step significantly by + considering the remaining finder centers in a more intelligent order, + based on the first finder center we just chose.*/ +- for(j=i+1;!mark[i]&&j<_ncenters;j++){ +- for(k=j+1;!mark[j]&&k<_ncenters;k++)if(!mark[k]){ ++ for(j=i+1; i < _ncenters && !mark[i]&&j<_ncenters;j++){ ++ for(k=j+1; j < _ncenters && !mark[j]&&k<_ncenters;k++)if(!mark[k]){ + qr_finder_center *c[3]; + qr_code_data qrdata; + int version; diff --git a/pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40890.patch b/pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40890.patch new file mode 100644 index 00000000000..3576df214ae --- /dev/null +++ b/pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40890.patch @@ -0,0 +1,26 @@ +Simple bounds checks for CVE-2023-40890 + +--- a/zbar/decoder/databar.c ++++ b/zbar/decoder/databar.c +@@ -23,6 +23,8 @@ + + #include <config.h> + #include <zbar.h> ++#include <stdlib.h> ++#include <stdio.h> + + #ifdef DEBUG_DATABAR + # define DEBUG_LEVEL (DEBUG_DATABAR) +@@ -691,6 +693,12 @@ lookup_sequence (databar_segment_t *seg, + fixed = -1; + s <<= 1; + dbprintf(2, "%x", s); ++ ++ if (i > 20) { ++ fprintf(stderr, "Bug: Out-of-bounds condition detected\n"); ++ exit(99); ++ } ++ + seq[i++] = s++; + seq[i++] = s; + } diff --git a/pkgs/tools/graphics/zbar/default.nix b/pkgs/tools/graphics/zbar/default.nix index f9b84d2656a..5a1d7e94fdf 100644 --- a/pkgs/tools/graphics/zbar/default.nix +++ b/pkgs/tools/graphics/zbar/default.nix @@ -1,6 +1,7 @@ { stdenv , lib , fetchFromGitHub +, fetchpatch , imagemagickBig , pkg-config , withXorg ? true @@ -42,6 +43,11 @@ stdenv.mkDerivation rec { sha256 = "sha256-VhVrngAX7pXZp+szqv95R6RGAJojp3svdbaRKigGb0w="; }; + patches = [ + ./0.23.92-CVE-2023-40889.patch + ./0.23.92-CVE-2023-40890.patch + ]; + nativeBuildInputs = [ pkg-config xmlto |