ryan77627/guix
1
0
Fork 0
mirror of https://git.in.rschanz.org/ryan77627/guix.git synced 2024-11-08 16:06:16 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
guix/gnu/packages/patches/libcaca-CVE-2021-3410-pt2.patch

97 lines
3.4 KiB
Diff
Raw Normal View History

gnu: libcaca: Patch for CVE-2021-3410. * gnu/packages/video.scm (libcaca)[source]: Add patches. * gnu/packages/patches/libcaca-CVE-2021-3410-pt1.patch, gnu/packages/patches/libcaca-CVE-2021-3410-pt2.patch: New files. * gnu/local.mk (dist_patch_DATA): Register them.
2021-03-08 08:48:08 -05:00
https://github.com/cacalabs/libcaca/commit/e4968ba6e93e9fd35429eb16895c785c51072015.patch
Patch adjusted to remove the lines modifying caca/t/canvas.cpp. This file does not exist in the current release.
From e4968ba6e93e9fd35429eb16895c785c51072015 Mon Sep 17 00:00:00 2001
From: Sam Hocevar <sam@hocevar.net>
Date: Fri, 26 Feb 2021 12:40:06 +0100
Subject: [PATCH] Fix a problem in the caca_resize() overflow detection and add
several unit tests.
---
caca/canvas.c | 16 ++++++++--------
caca/t/canvas.cpp | 18 +++++++++++++++---
tools/makefont.c | 22 +++++++++++++++++++---
3 files changed, 42 insertions(+), 14 deletions(-)
diff --git a/caca/canvas.c b/caca/canvas.c
index d0715392..08c628c9 100644
--- a/caca/canvas.c
+++ b/caca/canvas.c
@@ -367,6 +367,14 @@ int caca_resize(caca_canvas_t *cv, int width, int height)
{
int x, y, f, old_width, old_height, old_size;
+ /* Check for overflow */
+ int new_size = width * height;
+ if (new_size < 0 || (width > 0 && new_size / width != height))
+ {
+ seterrno(EOVERFLOW);
+ return -1;
+ }
+
old_width = cv->width;
old_height = cv->height;
old_size = old_width * old_height;
@@ -377,14 +385,6 @@ int caca_resize(caca_canvas_t *cv, int width, int height)
* dirty rectangle handling */
cv->width = width;
cv->height = height;
- int new_size = width * height;
-
- /* Check for overflow */
- if (new_size / width != height)
- {
- seterrno(EOVERFLOW);
- return -1;
- }
/* If width or height is smaller (or both), we have the opportunity to
* reduce or even remove dirty rectangles */
diff --git a/tools/makefont.c b/tools/makefont.c
index 226c8838..66718605 100644
--- a/tools/makefont.c
+++ b/tools/makefont.c
@@ -40,7 +40,8 @@
* and the UTF-8 glyphs necessary for canvas rotation and mirroring. */
static unsigned int const blocklist[] =
{
- 0x0000, 0x0080, /* Basic latin: A, B, C, a, b, c */
+ 0x0020, 0x0080, /* Basic latin: A, B, C, a, b, c */
+#if 0
0x0080, 0x0100, /* Latin-1 Supplement: Ä, Ç, å, ß */
0x0100, 0x0180, /* Latin Extended-A: Ā č Ō œ */
0x0180, 0x0250, /* Latin Extended-B: Ǝ Ƹ */
@@ -63,6 +64,7 @@ static unsigned int const blocklist[] =
0x30a0, 0x3100, /* Katakana: ロ ル */
0xff00, 0xfff0, /* Halfwidth and Fullwidth Forms: , , , , , */
0x10400, 0x10450, /* Deseret: 𐐒 𐐋 */
+#endif
0, 0
};
@@ -317,8 +319,22 @@ int main(int argc, char *argv[])
printf_unicode(&gtab[n]);
if(gtab[n].same_as == n)
- printf_hex(" */ %s\n",
- glyph_data + gtab[n].data_offset, gtab[n].data_size);
+ {
+ char const *lut = " .:nmW@";
+ printf("\n");
+ for (int y = 0; y < height; ++y)
+ {
+ for (int x = 0; x < gtab[n].data_width; ++x)
+ {
+ int val = glyph_data[gtab[n].data_offset + y * gtab[n].data_width + x];
+ char ch = lut[val * val * 7 / 256 / 256];
+ printf("%c%c", ch, ch);
+ }
+ printf("\n");
+ }
+ //printf_hex(" */ %s\n",
+ // glyph_data + gtab[n].data_offset, gtab[n].data_size);
+ }
else
{
printf(" is ");
Reference in a new issue Copy permalink