HCoop / jackhill / guix / guix.git / blame
| Commit | Line | Data |
|---|---|---|
| 2a18b572 TGR |
1 | From: Tobias Geerinckx-Rice <me@tobias.gr> |
| 2 | Date: Thu, 28 Feb 2019 20:29:00 +0100 | |
| 3 | Subject: [PATCH] netpbm: Fix CVE-2017-2587. | |
| 4 | ||
| 5 | Copied verbatim from Debian[0]. | |
| 6 | ||
| 7 | [0]: https://sources.debian.org/data/main/n/netpbm-free/2:10.78.05-0.1/debian/patches/netpbm-CVE-2017-2587.patch | |
| 8 | ||
| 9 | --- | |
| 10 | diff -urNp old/converter/other/svgtopam.c new/converter/other/svgtopam.c | |
| 11 | --- old/converter/other/svgtopam.c 2017-02-08 12:11:02.593690917 +0100 | |
| 12 | +++ new/converter/other/svgtopam.c 2017-02-08 13:49:38.319029371 +0100 | |
| 13 | @@ -771,12 +771,17 @@ createCanvas(unsigned int const width, | |
| 14 | ||
| 15 | MALLOCVAR_NOFAIL(canvasP); | |
| 16 | ||
| 17 | - canvasP->width = width; | |
| 18 | - canvasP->height = height; | |
| 19 | - canvasP->pixels = ppm_allocarray(width, height); | |
| 20 | - canvasP->maxval = maxval; | |
| 21 | + if(canvasP != NULL){ | |
| 22 | + canvasP->width = width; | |
| 23 | + canvasP->height = height; | |
| 24 | + canvasP->pixels = ppm_allocarray(width, height); | |
| 25 | + canvasP->maxval = maxval; | |
| 26 | + | |
| 27 | + *canvasPP = canvasP; | |
| 28 | + } else { | |
| 29 | + pm_error("can't allocate memory for canvas"); | |
| 30 | + } | |
| 31 | ||
| 32 | - *canvasPP = canvasP; | |
| 33 | } | |
| 34 | ||
| 35 |