Commit | Line | Data |
---|---|---|
2a18b572 TGR |
1 | From: Tobias Geerinckx-Rice <me@tobias.gr> |
2 | Date: Thu, 28 Feb 2019 20:29:00 +0100 | |
3 | Subject: [PATCH] netpbm: Fix CVE-2017-2587. | |
4 | ||
5 | Copied verbatim from Debian[0]. | |
6 | ||
7 | [0]: https://sources.debian.org/data/main/n/netpbm-free/2:10.78.05-0.1/debian/patches/netpbm-CVE-2017-2587.patch | |
8 | ||
9 | --- | |
10 | diff -urNp old/converter/other/svgtopam.c new/converter/other/svgtopam.c | |
11 | --- old/converter/other/svgtopam.c 2017-02-08 12:11:02.593690917 +0100 | |
12 | +++ new/converter/other/svgtopam.c 2017-02-08 13:49:38.319029371 +0100 | |
13 | @@ -771,12 +771,17 @@ createCanvas(unsigned int const width, | |
14 | ||
15 | MALLOCVAR_NOFAIL(canvasP); | |
16 | ||
17 | - canvasP->width = width; | |
18 | - canvasP->height = height; | |
19 | - canvasP->pixels = ppm_allocarray(width, height); | |
20 | - canvasP->maxval = maxval; | |
21 | + if(canvasP != NULL){ | |
22 | + canvasP->width = width; | |
23 | + canvasP->height = height; | |
24 | + canvasP->pixels = ppm_allocarray(width, height); | |
25 | + canvasP->maxval = maxval; | |
26 | + | |
27 | + *canvasPP = canvasP; | |
28 | + } else { | |
29 | + pm_error("can't allocate memory for canvas"); | |
30 | + } | |
31 | ||
32 | - *canvasPP = canvasP; | |
33 | } | |
34 | ||
35 |