diff options
Diffstat (limited to 'media-gfx/eom/files/eom-cve-2013-7447.patch')
-rw-r--r-- | media-gfx/eom/files/eom-cve-2013-7447.patch | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/media-gfx/eom/files/eom-cve-2013-7447.patch b/media-gfx/eom/files/eom-cve-2013-7447.patch new file mode 100644 index 0000000..410b433 --- /dev/null +++ b/media-gfx/eom/files/eom-cve-2013-7447.patch @@ -0,0 +1,28 @@ +From b7849cc5b6e7fd741ef04e334f586266a444ef8a Mon Sep 17 00:00:00 2001 +From: monsta <monsta@inbox.ru> +Date: Wed, 10 Feb 2016 14:52:54 +0300 +Subject: [PATCH] avoid integer overflow when allocating a large block of + memory + +it's the same issue as in gdk_cairo_set_source_pixbuf since the code +is apparently copied from there. + +fix is taken from +https://git.gnome.org/browse/gtk+/commit?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6 +--- + src/eom-print-preview.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/eom-print-preview.c b/src/eom-print-preview.c +index f9f005f..7dc2a8a 100644 +--- a/src/eom-print-preview.c ++++ b/src/eom-print-preview.c +@@ -732,7 +732,7 @@ create_surface_from_pixbuf (GdkPixbuf *pixbuf) + format = CAIRO_FORMAT_ARGB32; + + cairo_stride = cairo_format_stride_for_width (format, width); +- cairo_pixels = g_malloc (height * cairo_stride); ++ cairo_pixels = g_malloc_n (height, cairo_stride); + surface = cairo_image_surface_create_for_data ((unsigned char *)cairo_pixels, + format, + width, height, cairo_stride); |