forked from jengelh/SDL2
Accepting request 725412 from home:mgorse:branches:games
- Add CVE-2019-13616.patch: fix heap buffer overflow when reading a crafted bmp file (boo#1141844 CVE-2019-13616). potential security exploits (boo#1142031 CVE-2019-13626) OBS-URL: https://build.opensuse.org/request/show/725412 OBS-URL: https://build.opensuse.org/package/show/games/SDL2?expand=0&rev=89
This commit is contained in:
parent
bbd15f9ec1
commit
49aed970ee
15
CVE-2019-13616.patch
Normal file
15
CVE-2019-13616.patch
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
diff -r b810b78d32cc -r e7ba650a643a src/video/SDL_bmp.c
|
||||||
|
--- a/src/video/SDL_bmp.c Thu Jul 25 08:05:13 2019 -0500
|
||||||
|
+++ b/src/video/SDL_bmp.c Tue Jul 30 11:00:00 2019 -0700
|
||||||
|
@@ -226,6 +226,11 @@
|
||||||
|
SDL_RWseek(src, (biSize - headerSize), RW_SEEK_CUR);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
+ if (biWidth <= 0 || biHeight == 0) {
|
||||||
|
+ SDL_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
|
||||||
|
+ was_error = SDL_TRUE;
|
||||||
|
+ goto done;
|
||||||
|
+ }
|
||||||
|
if (biHeight < 0) {
|
||||||
|
topDown = SDL_TRUE;
|
||||||
|
biHeight = -biHeight;
|
@ -1,3 +1,9 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Aug 22 16:43:13 UTC 2019 - Michael Gorse <mgorse@suse.com>
|
||||||
|
|
||||||
|
- Add CVE-2019-13616.patch: fix heap buffer overflow when reading
|
||||||
|
a crafted bmp file (boo#1141844 CVE-2019-13616).
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Sun Aug 11 04:29:55 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
|
Sun Aug 11 04:29:55 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
|
||||||
|
|
||||||
@ -44,7 +50,7 @@ Fri Jul 26 07:44:39 UTC 2019 - Luigi Baldoni <aloisio@gmx.com>
|
|||||||
* Added the hint SDL_HINT_MOUSE_TOUCH_EVENTS to control
|
* Added the hint SDL_HINT_MOUSE_TOUCH_EVENTS to control
|
||||||
whether SDL will synthesize touch events from mouse events
|
whether SDL will synthesize touch events from mouse events
|
||||||
* Improved handling of malformed WAVE and BMP files, fixing
|
* Improved handling of malformed WAVE and BMP files, fixing
|
||||||
potential security exploits
|
potential security exploits (boo#1142031 CVE-2019-13626)
|
||||||
* Removed the Mir video driver in favor of Wayland
|
* Removed the Mir video driver in favor of Wayland
|
||||||
|
|
||||||
- Refreshed sdl2-symvers.patch
|
- Refreshed sdl2-symvers.patch
|
||||||
|
@ -32,6 +32,7 @@ Source3: %name.keyring
|
|||||||
Source4: baselibs.conf
|
Source4: baselibs.conf
|
||||||
Patch1: sdl2-symvers.patch
|
Patch1: sdl2-symvers.patch
|
||||||
Patch2: SDL2-endian.patch
|
Patch2: SDL2-endian.patch
|
||||||
|
Patch3: CVE-2019-13616.patch
|
||||||
BuildRequires: cmake
|
BuildRequires: cmake
|
||||||
BuildRequires: dos2unix
|
BuildRequires: dos2unix
|
||||||
BuildRequires: gcc-c++
|
BuildRequires: gcc-c++
|
||||||
|
Loading…
Reference in New Issue
Block a user