aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFrancesco Colista <fcolista@alpinelinux.org>2019-10-21 20:28:57 +0000
committerFrancesco Colista <fcolista@alpinelinux.org>2019-10-21 20:32:42 +0000
commitaf11b3462640407a4ca596eeb57fac936976f865 (patch)
tree11fdf2d033b6d5ea9e9b9ab1e0903239c729e5f3
parent5f0866d5588703e6adfe826e6249ccb4facd8028 (diff)
downloadaports-af11b3462640407a4ca596eeb57fac936976f865.tar.gz
aports-af11b3462640407a4ca596eeb57fac936976f865.tar.bz2
aports-af11b3462640407a4ca596eeb57fac936976f865.tar.xz
main/sdl2_image: security fix for CVE-2019-13616.
Fixes #10879
-rw-r--r--main/sdl2_image/CVE-2019-13616.patch24
1 files changed, 24 insertions, 0 deletions
diff --git a/main/sdl2_image/CVE-2019-13616.patch b/main/sdl2_image/CVE-2019-13616.patch
new file mode 100644
index 0000000000..cb0fe87a38
--- /dev/null
+++ b/main/sdl2_image/CVE-2019-13616.patch
@@ -0,0 +1,24 @@
+
+# HG changeset patch
+# User Sam Lantinga <slouken@libsdl.org>
+# Date 1564509612 25200
+# Node ID ba45f00879ba0b957780e1fd28304c41503c1737
+# Parent f1baffa48926c4c76f482f21a240667e9159d1d5
+Fixed bug 4538 - validate image size when loading BMP files
+
+diff -r f1baffa48926 -r ba45f00879ba IMG_bmp.c
+--- a/IMG_bmp.c Tue Jul 30 10:16:02 2019 -0700
++++ b/IMG_bmp.c Tue Jul 30 11:00:12 2019 -0700
+@@ -351,6 +351,11 @@
+ SDL_RWseek(src, (biSize - headerSize), RW_SEEK_CUR);
+ }
+ }
++ if (biWidth <= 0 || biHeight == 0) {
++ IMG_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
++ was_error = SDL_TRUE;
++ goto done;
++ }
+ if (biHeight < 0) {
+ topDown = SDL_TRUE;
+ biHeight = -biHeight;
+