Hi, attached is a debdiff for an NMU to fix CVE-2009-1882.
Cheers, Giuseppe.
diff -u graphicsmagick-1.3.5/debian/changelog graphicsmagick-1.3.5/debian/changelog
--- graphicsmagick-1.3.5/debian/changelog
+++ graphicsmagick-1.3.5/debian/changelog
@@ -1,3 +1,11 @@
+graphicsmagick (1.3.5-5.1) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * Fixed integer overflow in XMakeImage function in xwindow.c
+ (Closes: #530946) (CVE-2009-1882)
+
+ -- Giuseppe Iuculano <giuse...@iuculano.it> Thu, 10 Sep 2009 19:08:13 +0200
+
 graphicsmagick (1.3.5-5) unstable; urgency=high
 
 * debian/control: Update Conflicts/Replaces of -dev-compat package to
only in patch2:
unchanged:
--- graphicsmagick-1.3.5.orig/magick/xwindow.c
+++ graphicsmagick-1.3.5/magick/xwindow.c
@@ -5378,6 +5378,9 @@
 const MagickXResourceInfo *resource_info,MagickXWindowInfo *window,Image *image,
 unsigned int width,unsigned int height)
 {
+#define CheckOverflowException(length,width,height) \
+ (((height) != 0) && ((length)/((size_t) height) != ((size_t) width)))
+
 int
 depth,
 format;
@@ -5515,9 +5518,12 @@
 &segment_info[1],width,height);
 window->shared_memory&=(ximage != (XImage *) NULL);
 
+ length=(size_t) ximage->bytes_per_line*ximage->height;
+ if (CheckOverflowException(length,ximage->bytes_per_line,ximage->height))
+ window->shared_memory=MagickFalse;
+
 if (window->shared_memory)
- segment_info[1].shmid=shmget(IPC_PRIVATE,(size_t)
- (ximage->bytes_per_line*ximage->height),IPC_CREAT | 0777);
+ segment_info[1].shmid=shmget(IPC_PRIVATE, length,IPC_CREAT | 0777);
 window->shared_memory&=(segment_info[1].shmid >= 0);
 
 if (window->shared_memory)
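Review bot: The `CheckOverflowException` macro added at the top of the function body casts its `height` and `width` arguments without parenthesising them, so the cast would bind to only the first operand if a caller ever passed a compound expression; `((length)/((size_t) (height)) != ((size_t) (width)))` avoids that. The macro's parameter names also coincide with the function's own `width` and `height` parameters visible in the context lines, which makes the later call site easy to misread, and no `#undef` appears in the visible lines. A one-line comment such as `/* true when width*height wrapped around while computing length */` would record the intent. The function body continues outside the hunk.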
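Review bot: The added `length=(size_t) ximage->bytes_per_line*ximage->height;` line dereferences `ximage` unconditionally, although the context line just above it (`window->shared_memory&=(ximage != (XImage *) NULL);`) shows that `ximage` may be NULL at this point; the removed code only touched `ximage` under `if (window->shared_memory)`. Guard the new computation the same way: open with `if (window->shared_memory)` and place the `length=` assignment and the `CheckOverflowException` test inside its braces, so a failed image creation falls through to the non-shared path instead of crashing. Separately, the rewritten `shmget` line carries over mode `0777`, which leaves the pixel segment attachable by every local user; it is worth checking whether a narrower mode still lets the X server attach. The enclosing block starts and ends outside the hunk.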