packages/gd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!27 [sync] PR-25: fix CVE-2021-40145

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @t_feng 
Signed-off-by: @t_feng
This commit is contained in:
openeuler-ci-bot 2022-04-11 02:35:40 +00:00 committed by Gitee
commit 060ea20931
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 82 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
backport-CVE-2021-40145.patch Normal file
View File

@ -0,0 +1,77 @@
From e95059590fadaabd9aadc0c0489804d75a3c5d52 Mon Sep 17 00:00:00 2001
From: maryam ebrahimzadeh <maryam.ebr@student.sharif.edu>
Date: Mon, 19 Jul 2021 18:52:50 +0430
Subject: [PATCH 1/3] gdImageGd2Ptr memory leak
Conflict:NA
Reference:https://github.com/libgd/libgd/commit/c5fd25ce0e48fd5618a972ca9f5e28d6d62006af
---
src/gd_gd2.c | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/src/gd_gd2.c b/src/gd_gd2.c
index 760e85b..0b7e624 100644
--- a/src/gd_gd2.c
+++ b/src/gd_gd2.c
@@ -910,9 +910,11 @@ _gd2PutHeader (gdImagePtr im, gdIOCtx * out, int cs, int fmt, int cx, int cy)
}
-static void
+/* returns 0 on success, 1 on failure */
+static int
_gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt)
{
+ int ret = 0;
int ncx, ncy, cx, cy;
int x, y, ylo, yhi, xlo, xhi;
int chunkLen;
@@ -974,10 +976,12 @@ _gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt)
/* */
chunkData = gdCalloc (cs * bytesPerPixel * cs, 1);
if (!chunkData) {
+ ret = 1;
goto fail;
}
compData = gdCalloc (compMax, 1);
if (!compData) {
+ ret = 1;
goto fail;
}
@@ -992,6 +996,7 @@ _gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt)
chunkIdx = gdCalloc (idxSize * sizeof (t_chunk_info), 1);
if (!chunkIdx) {
+ ret = 1;
goto fail;
}
};
@@ -1106,6 +1111,8 @@ fail:
gdFree (chunkIdx);
}
GD2_DBG (printf ("Done\n"));
+
+ return ret;
}
@@ -1128,8 +1135,13 @@ BGD_DECLARE(void *) gdImageGd2Ptr (gdImagePtr im, int cs, int fmt, int *size)
void *rv;
gdIOCtx *out = gdNewDynamicCtx (2048, NULL);
if (out == NULL) return NULL;
- _gdImageGd2 (im, out, cs, fmt);
- rv = gdDPExtractData (out, size);
+
+ if (_gdImageGd2(im, out, cs, fmt)) {
+ rv = NULL;
+ } else {
+ rv = gdDPExtractData(out, size);
+ }
+
out->gd_free (out);
return rv;
}
--
2.27.0

6
gd.spec
View File

@ -1,6 +1,6 @@
Name: gd
Version: 2.3.2
Release: 1
Release: 2
Summary: A graphics library for quick creation of PNG or JPEG images
License: MIT
URL: http://libgd.github.io/
@ -11,6 +11,7 @@ Source1: https://raw.githubusercontent.com/libgd/libgd/gd-%{version}/conf
Patch6000: backport-CVE-2021-38115.patch
Patch6001: backport-CVE-2021-40812.patch
Patch6002: backport-CVE-2021-40145.patch
BuildRequires: freetype-devel fontconfig-devel gettext-devel libjpeg-devel libpng-devel libtiff-devel libwebp-devel
BuildRequires: libX11-devel libXpm-devel zlib-devel pkgconfig libtool perl-interpreter perl-generators liberation-sans-fonts
@ -110,6 +111,9 @@ grep %{version} $RPM_BUILD_ROOT%{_libdir}/pkgconfig/gdlib.pc
%exclude %{_libdir}/libgd.a
%changelog
* Fri Apr 08 2022 dongyuzhen <dongyuzhen@h-partners.com> - 2.3.2-2
- fix CVE-2021-40145
* Sat Nov 20 2021 hanhui<hanhui15@huawei.com> - 2.3.2-1
- DESC:update to 2.3.2