wok-current annotate gdk-pixbuf/stuff/CVE-2022-48622.patch @ rev 25786

Bump gvfs to fix issue with open files on android device, patch udev to fix mtp issue on pcmanfm
author Stanislas Leduc <shann@slitaz.org>
date Tue Jul 29 18:05:13 2025 +0000 (2 months ago)
parents
children
rev   line source
shann@25708 1 diff --git a/gdk-pixbuf/io-ani.c b/gdk-pixbuf/io-ani.c
shann@25708 2 index c6c4642cf4490aaaa7ef78a2f20a6ec2ad169a61..cfafd7b1961b5cfad08475dc3cb5f5916277f33b 100644
shann@25708 3 --- a/gdk-pixbuf/io-ani.c
shann@25708 4 +++ b/gdk-pixbuf/io-ani.c
shann@25708 5 @@ -295,6 +295,23 @@ ani_load_chunk (AniLoaderContext *context, GError **error)
shann@25708 6
shann@25708 7 if (context->chunk_id == TAG_anih)
shann@25708 8 {
shann@25708 9 + if (context->chunk_size < 36)
shann@25708 10 + {
shann@25708 11 + g_set_error_literal (error,
shann@25708 12 + GDK_PIXBUF_ERROR,
shann@25708 13 + GDK_PIXBUF_ERROR_CORRUPT_IMAGE,
shann@25708 14 + _("Malformed chunk in animation"));
shann@25708 15 + return FALSE;
shann@25708 16 + }
shann@25708 17 + if (context->animation)
shann@25708 18 + {
shann@25708 19 + g_set_error_literal (error,
shann@25708 20 + GDK_PIXBUF_ERROR,
shann@25708 21 + GDK_PIXBUF_ERROR_CORRUPT_IMAGE,
shann@25708 22 + _("Invalid header in animation"));
shann@25708 23 + return FALSE;
shann@25708 24 + }
shann@25708 25 +
shann@25708 26 context->HeaderSize = read_int32 (context);
shann@25708 27 context->NumFrames = read_int32 (context);
shann@25708 28 context->NumSteps = read_int32 (context);
shann@25708 29 @@ -436,7 +453,7 @@ ani_load_chunk (AniLoaderContext *context, GError **error)
shann@25708 30 }
shann@25708 31 else if (context->chunk_id == TAG_INAM)
shann@25708 32 {
shann@25708 33 - if (!context->animation)
shann@25708 34 + if (!context->animation || context->title)
shann@25708 35 {
shann@25708 36 g_set_error_literal (error,
shann@25708 37 GDK_PIXBUF_ERROR,
shann@25708 38 @@ -463,7 +480,7 @@ ani_load_chunk (AniLoaderContext *context, GError **error)
shann@25708 39 }
shann@25708 40 else if (context->chunk_id == TAG_IART)
shann@25708 41 {
shann@25708 42 - if (!context->animation)
shann@25708 43 + if (!context->animation || context->author)
shann@25708 44 {
shann@25708 45 g_set_error_literal (error,
shann@25708 46 GDK_PIXBUF_ERROR,
shann@25708 47 diff --git a/tests/test-images/fail/CVE-2022-48622.ani b/tests/test-images/fail/CVE-2022-48622.ani
shann@25708 48 new file mode 100644
shann@25708 49 index 0000000000000000000000000000000000000000..276b5b989f1e9ec9185e49eb45f710ee38278eb2
shann@25708 50 Binary files /dev/null and b/tests/test-images/fail/CVE-2022-48622.ani differ