packages/SDL2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix CVE-2021-33657

Browse Source 
(cherry picked from commit d8f524d4a650dff8b9ea6cc084973d39795d99cc)
This commit is contained in:
xinyingchao 2022-03-15 17:33:22 +08:00 committed by openeuler-sync-bot
parent 836b4c5e60
commit 77058ce592
2 changed files with 41 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
SDL2.spec
View File

@ -1,6 +1,6 @@
Name: SDL2 Name: SDL2
Version: 2.0.12 Version: 2.0.12
Release: 2 Release: 3
Summary: Cross-platform multimedia library Summary: Cross-platform multimedia library
License: zlib and MIT License: zlib and MIT
URL: http://www.libsdl.org/ URL: http://www.libsdl.org/
@ -9,6 +9,7 @@ Source1: SDL_config.h
Patch0000: multilib.patch Patch0000: multilib.patch
Patch0001: SDL2-2.0.9-khrplatform.patch Patch0001: SDL2-2.0.9-khrplatform.patch
Patch0002: Fix-build-against-wayland-1.20.patch Patch0002: Fix-build-against-wayland-1.20.patch
Patch6000: backport-CVE-2021-33657.patch
BuildRequires: alsa-lib-devel audiofile-devel mesa-libGL-devel BuildRequires: alsa-lib-devel audiofile-devel mesa-libGL-devel
BuildRequires: mesa-libGLU-devel mesa-libEGL-devel libglvnd-devel BuildRequires: mesa-libGLU-devel mesa-libEGL-devel libglvnd-devel
@ -90,6 +91,12 @@ rm -vf %{buildroot}%{_libdir}/*.la
%{_libdir}/lib*.a %{_libdir}/lib*.a
%changelog %changelog
* Tue Mar 15 2022 yuanxin <yuanxin24@h-partners.com> - 2.0.12-3
- Type:CVE
- ID:NA
- SUG:NA
- DESC:Fix CVE-2021-33657
* Sat Jan 8 2022 zhouwenpei <zhouwenpei1@huawei.com> - 2.0.12-2 * Sat Jan 8 2022 zhouwenpei <zhouwenpei1@huawei.com> - 2.0.12-2
- Fix build against wayland - Fix build against wayland

33
backport-CVE-2021-33657.patch Normal file
View File

@ -0,0 +1,33 @@
From 8c91cf7dba5193f5ce12d06db1336515851c9ee9 Mon Sep 17 00:00:00 2001
From: Sam Lantinga <slouken@libsdl.org>
Date: Tue, 30 Nov 2021 12:36:46 -0800
Subject: [PATCH] Always create a full 256-entry map in case color values are
out of range
Fixes https://github.com/libsdl-org/SDL/issues/5042
---
src/video/SDL_pixels.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/video/SDL_pixels.c b/src/video/SDL_pixels.c
index ac04533c5d5..9bb02f771d0 100644
--- a/src/video/SDL_pixels.c
+++ b/src/video/SDL_pixels.c
@@ -947,7 +947,7 @@ Map1to1(SDL_Palette * src, SDL_Palette * dst, int *identical)
}
*identical = 0;
}
- map = (Uint8 *) SDL_malloc(src->ncolors);
+ map = (Uint8 *) SDL_calloc(256, sizeof(Uint8));
if (map == NULL) {
SDL_OutOfMemory();
return (NULL);
@@ -971,7 +971,7 @@ Map1toN(SDL_PixelFormat * src, Uint8 Rmod, Uint8 Gmod, Uint8 Bmod, Uint8 Amod,
SDL_Palette *pal = src->palette;
bpp = ((dst->BytesPerPixel == 3) ? 4 : dst->BytesPerPixel);
- map = (Uint8 *) SDL_malloc(pal->ncolors * bpp);
+ map = (Uint8 *) SDL_calloc(256, bpp);
if (map == NULL) {
SDL_OutOfMemory();
return (NULL);