deal with CVE-2009-2369 -- neither the advisory nor anything it links to give useful information, just spotted an obvious case where data passed from subclasses are used for malloc() unchecked, so added a check. I can't claim that the CVE report is fixed because it is not clear what it is about, but it seems that this fixes an issue. bump PKGREVISIONdiff -r1.4 -r1.5 pkgsrc/x11/wxGTK28/Makefile
(drochner)
@@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
1 | # $NetBSD: Makefile,v 1.4 2009/08/01 14:03:19 drochner Exp $ | 1 | # $NetBSD: Makefile,v 1.5 2009/08/05 20:58:56 drochner Exp $ | |
2 | # | 2 | # | |
3 | 3 | |||
4 | .include "../../x11/wxGTK28/Makefile.common" | 4 | .include "../../x11/wxGTK28/Makefile.common" | |
5 | 5 | |||
6 | PKGREVISION= 1 | 6 | PKGREVISION= 2 | |
7 | 7 | |||
8 | PKGNAME= ${DISTNAME:S/wxGTK/wxGTK28/} | 8 | PKGNAME= ${DISTNAME:S/wxGTK/wxGTK28/} | |
9 | COMMENT= GTK-based implementation of the wxWidgets GUI library | 9 | COMMENT= GTK-based implementation of the wxWidgets GUI library | |
10 | 10 | |||
11 | BUILD_TARGET= all | 11 | BUILD_TARGET= all | |
12 | INSTALL_TARGET= install | 12 | INSTALL_TARGET= install | |
13 | 13 | |||
14 | INSTALLATION_DIRS= ${DOCDIR} | 14 | INSTALLATION_DIRS= ${DOCDIR} | |
15 | 15 | |||
16 | post-build: | 16 | post-build: | |
17 | set -e; cd ${WRKSRC}/locale; \ | 17 | set -e; cd ${WRKSRC}/locale; \ | |
18 | for lang in `echo *.po` ; do \ | 18 | for lang in `echo *.po` ; do \ | |
19 | [ $${lang} = "wxstd.po" ] && continue; \ | 19 | [ $${lang} = "wxstd.po" ] && continue; \ |
@@ -1,13 +1,14 @@ | @@ -1,13 +1,14 @@ | |||
1 | $NetBSD: distinfo,v 1.5 2009/08/01 14:03:19 drochner Exp $ | 1 | $NetBSD: distinfo,v 1.6 2009/08/05 20:58:56 drochner Exp $ | |
2 | 2 | |||
3 | SHA1 (wxGTK-2.8.10-libtool.diff.bz2) = 62ff30c26efdd73252bed2d07b82a9b9d3ef890f | 3 | SHA1 (wxGTK-2.8.10-libtool.diff.bz2) = 62ff30c26efdd73252bed2d07b82a9b9d3ef890f | |
4 | RMD160 (wxGTK-2.8.10-libtool.diff.bz2) = 64e1c32caa4bd6a0503bce4764e3ddc1cba68f8a | 4 | RMD160 (wxGTK-2.8.10-libtool.diff.bz2) = 64e1c32caa4bd6a0503bce4764e3ddc1cba68f8a | |
5 | Size (wxGTK-2.8.10-libtool.diff.bz2) = 154573 bytes | 5 | Size (wxGTK-2.8.10-libtool.diff.bz2) = 154573 bytes | |
6 | SHA1 (wxGTK-2.8.10.tar.bz2) = 1e4bee16a423efeef665ed70e82b6e7dc5468cf4 | 6 | SHA1 (wxGTK-2.8.10.tar.bz2) = 1e4bee16a423efeef665ed70e82b6e7dc5468cf4 | |
7 | RMD160 (wxGTK-2.8.10.tar.bz2) = b007de9b19ef4830d9f484c0d12595a14e66d432 | 7 | RMD160 (wxGTK-2.8.10.tar.bz2) = b007de9b19ef4830d9f484c0d12595a14e66d432 | |
8 | Size (wxGTK-2.8.10.tar.bz2) = 9365627 bytes | 8 | Size (wxGTK-2.8.10.tar.bz2) = 9365627 bytes | |
9 | SHA1 (patch-aa) = 1a30c79f07ea8ea5dff02fad9b5e1ba8dadde01a | 9 | SHA1 (patch-aa) = 1a30c79f07ea8ea5dff02fad9b5e1ba8dadde01a | |
10 | SHA1 (patch-ab) = 82960daef0616824718f3c04929871aeb0e258a2 | 10 | SHA1 (patch-ab) = 82960daef0616824718f3c04929871aeb0e258a2 | |
11 | SHA1 (patch-ac) = 50cf253797f2dee8b9dab08d138d0070e25e7a8c | 11 | SHA1 (patch-ac) = 50cf253797f2dee8b9dab08d138d0070e25e7a8c | |
12 | SHA1 (patch-ba) = e47f8613835ce309daff09ae3265d44f37493579 | 12 | SHA1 (patch-ba) = e47f8613835ce309daff09ae3265d44f37493579 | |
13 | SHA1 (patch-bb) = 52df734a1df364dc5599a2b9252a15b87cae13b1 | 13 | SHA1 (patch-bb) = 52df734a1df364dc5599a2b9252a15b87cae13b1 | |
14 | SHA1 (patch-ca) = 4df0c2629c61fbf83a121eb16e490e9c2abb5ad8 |
$NetBSD: patch-ca,v 1.1 2009/08/05 20:58:56 drochner Exp $
--- src/common/image.cpp.orig 2009-03-06 13:17:40.000000000 +0100
+++ src/common/image.cpp
@@ -186,6 +186,10 @@ bool wxImage::Create( int width, int hei
m_refData = new wxImageRefData();
+ if (width <= 0 || height <= 0 || width > INT_MAX / 3 / height) {
+ UnRef();
+ return false;
+ }
M_IMGDATA->m_data = (unsigned char *) malloc( width*height*3 );
if (!M_IMGDATA->m_data)
{