diff --git a/cairo-fix-wrong-allocation.patch b/cairo-fix-wrong-allocation.patch
new file mode 100644
index 0000000..e507b18
--- /dev/null
+++ b/cairo-fix-wrong-allocation.patch
@@ -0,0 +1,29 @@
+From: Jeff Mahoney
+Subject: cairo: Fix wrong allocation in _cairo_pdf_surface_add_source_surface
+References: bnc#758422
+
+ _cairo_pdf_surface_add_source_surface allocates unique_id with
+ size unique_id_length but then copies surface_key.unique_id_length into it.
+
+ This causes e.g. evince to crash predictably while trying to print with:
+ *** buffer overflow detected ***: evince terminated
+
+ We should be using surface_key.unique_id_length instead.
+
+Signed-off-by: Jeff Mahoney
+---
+ src/cairo-pdf-surface.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/src/cairo-pdf-surface.c
++++ b/src/cairo-pdf-surface.c
+@@ -1379,7 +1379,7 @@ _cairo_pdf_surface_add_source_surface (c
+ goto release_source;
+
+ if (surface_key.unique_id && surface_key.unique_id_length > 0) {
+- unique_id = malloc (unique_id_length);
++ unique_id = malloc (surface_key.unique_id_length);
+ if (unique_id == NULL) {
+ status = _cairo_error (CAIRO_STATUS_NO_MEMORY);
+ goto release_source;
+
diff --git a/cairo.changes b/cairo.changes
index 8a1bed2..4f72058 100644
--- a/cairo.changes
+++ b/cairo.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Sat Apr 21 15:34:36 UTC 2012 - jeffm@suse.com
+
+- Add cairo-fix-wrong-allocation: fix wrong allocation in
+ _cairo_pdf_surface_add_source_surface (bnc#758422).
+
 -------------------------------------------------------------------
 Mon Mar 26 18:57:45 UTC 2012 - zaitor@opensuse.org
 
diff --git a/cairo.spec b/cairo.spec
index a4d47e2..89fbef9 100644
--- a/cairo.spec
+++ b/cairo.spec
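Review bot: The `References:` line in the header of the new cairo-fix-wrong-allocation.patch lists only bnc#758422, while the spec comment added by this same commit also cites fdo#49089; writing `References: bnc#758422 fdo#49089` would let the patch file be traced to the upstream report on its own. The description would also be clearer if it named the defect class: a buffer sized by the local `unique_id_length` is filled with `surface_key.unique_id_length` bytes, which overruns the heap allocation whenever the local value is the smaller one. The "*** buffer overflow detected ***" abort looks like the fortified libc copy check firing, so a build without that hardening would presumably corrupt the heap silently rather than abort, which is worth stating for backport triage. The copy itself and the rest of _cairo_pdf_surface_add_source_surface lie outside the inner hunk's context, so this is inferred from the description rather than from visible code.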
@@ -30,6 +30,8 @@ Source: http://cairographics.org/releases/%{name}-%{version}.tar.gz
 Source99: baselibs.conf
 # PATCH-FIX-UPSTREAM cairo-modules-no-version.patch dimstar@opensuse.org -- Build modules with -module -avoid-version.
 Patch0: cairo-modules-no-version.patch
+# PATCH-FIX-UPSTREAM cairo-fix-wrong-allocation bnc#758422 fdo#49089 jeffm@suse.com -- Fix wrong allocation in _cairo_pdf_surface_add_source_surface
+Patch1: cairo-fix-wrong-allocation.patch
 # These libraries are needed only for tests.
 # Do not enable tests in build systems, it causes build loop!
 #BuildRequires: librsvg-devel poppler-devel
@@ -146,6 +148,7 @@ cairo.
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
 
 %build
 NOCONFIGURE=1 ./autogen.sh
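Review bot: The tag comment added above `Patch1:` names the patch as `cairo-fix-wrong-allocation`, without the `.patch` suffix, whereas the `Patch0` comment directly above it uses the full file name. Anyone matching tag comments against patch file names, by eye or by script, may miss this entry. Suggested wording: `# PATCH-FIX-UPSTREAM cairo-fix-wrong-allocation.patch bnc#758422 fdo#49089 jeffm@suse.com -- Fix wrong allocation in _cairo_pdf_surface_add_source_surface`.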