[Pkg-cups-devel] r53 - cupsys/trunk/debian/patches
Kenshi Muto
kmuto at costa.debian.org
Tue Dec 13 00:24:25 UTC 2005
Author: kmuto
Date: Tue Dec 13 00:24:24 2005
New Revision: 53
Modified:
cupsys/trunk/debian/patches/48_security_CAN-2005-3191.dpatch
Log:
recommit 48_security
Modified: cupsys/trunk/debian/patches/48_security_CAN-2005-3191.dpatch
==============================================================================
--- cupsys/trunk/debian/patches/48_security_CAN-2005-3191.dpatch (original)
+++ cupsys/trunk/debian/patches/48_security_CAN-2005-3191.dpatch Tue Dec 13 00:24:24 2005
@@ -1,145 +1,134 @@
#! /bin/sh /usr/share/dpatch/dpatch-run
-## 48_security_CAN-2005-3191.dpatch by Kenshi Muto <kmuto at debian.org>
+## 46_security_CAN-2005-3191.dpatch by Joey Schulze <joey at infodrom.org>
##
## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
+## DP: Fixes buffer overflows, denoted as CAN-2005-3191 and CAN-2005-3192
@DPATCH@
-diff -urNad cupsys-1.1.23~/debian/patches/46_security_CAN-2005-3191.dpatch cupsys-1.1.23/debian/patches/46_security_CAN-2005-3191.dpatch
---- cupsys-1.1.23~/debian/patches/46_security_CAN-2005-3191.dpatch 1970-01-01 09:00:00.000000000 +0900
-+++ cupsys-1.1.23/debian/patches/46_security_CAN-2005-3191.dpatch 2005-12-13 09:12:48.000000000 +0900
-@@ -0,0 +1,134 @@
-+#! /bin/sh /usr/share/dpatch/dpatch-run
-+## 46_security_CAN-2005-3191.dpatch by Joey Schulze <joey at infodrom.org>
-+##
-+## All lines beginning with `## DP:' are a description of the patch.
-+## DP: Fixes buffer overflows, denoted as CAN-2005-3191 and CAN-2005-3192
+--- cupsys-1.1.23/pdftops/Stream.cxx.orig 2004-02-02 23:41:09.000000000 +0100
++++ cupsys-1.1.23/pdftops/Stream.cxx 2005-12-12 10:41:38.000000000 +0100
+@@ -15,6 +15,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <stddef.h>
++#include <limits.h>
+ #ifndef WIN32
+ #include <unistd.h>
+ #endif
+@@ -404,18 +405,41 @@ void ImageStream::skipLine() {
+
+ StreamPredictor::StreamPredictor(Stream *strA, int predictorA,
+ int widthA, int nCompsA, int nBitsA) {
++ int totalBits;
+
-+ at DPATCH@
-+--- cupsys-1.1.23/pdftops/Stream.cxx.orig 2004-02-02 23:41:09.000000000 +0100
-++++ cupsys-1.1.23/pdftops/Stream.cxx 2005-12-12 10:41:38.000000000 +0100
-+@@ -15,6 +15,7 @@
-+ #include <stdio.h>
-+ #include <stdlib.h>
-+ #include <stddef.h>
-++#include <limits.h>
-+ #ifndef WIN32
-+ #include <unistd.h>
-+ #endif
-+@@ -404,18 +405,41 @@ void ImageStream::skipLine() {
-+
-+ StreamPredictor::StreamPredictor(Stream *strA, int predictorA,
-+ int widthA, int nCompsA, int nBitsA) {
-++ int totalBits;
-++
-+ str = strA;
-+ predictor = predictorA;
-+ width = widthA;
-+ nComps = nCompsA;
-+ nBits = nBitsA;
-++ predLine = NULL;
-++ ok = gFalse;
-+
-++ if (width <= 0 || nComps <= 0 || nBits <= 0 ||
-++ nComps >= INT_MAX/nBits ||
-++ width >= INT_MAX/nComps/nBits) {
-++ return;
-++ }
-+ nVals = width * nComps;
-++ if (nVals + 7 <= 0) {
-++ return;
-++ }
-++ totalBits = nVals * nBits;
-++ if (totalBits == 0 ||
-++ (totalBits / nBits) / nComps != width ||
-++ totalBits + 7 < 0) {
-++ return;
-++ }
-+ pixBytes = (nComps * nBits + 7) >> 3;
-+- rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
-++ rowBytes = ((totalBits + 7) >> 3) + pixBytes;
-++ if (rowBytes < 0) {
-++ return;
-++ }
-+ predLine = (Guchar *)gmalloc(rowBytes);
-+ memset(predLine, 0, rowBytes);
-+ predIdx = rowBytes;
-++
-++ ok = gTrue;
-+ }
-+
-+ StreamPredictor::~StreamPredictor() {
-+@@ -991,6 +1015,10 @@ LZWStream::LZWStream(Stream *strA, int p
-+ FilterStream(strA) {
-+ if (predictor != 1) {
-+ pred = new StreamPredictor(this, predictor, columns, colors, bits);
-++ if (!pred->isOk()) {
-++ delete pred;
-++ pred = NULL;
-++ }
-+ } else {
-+ pred = NULL;
-+ }
-+@@ -2891,6 +2919,10 @@ GBool DCTStream::readBaselineSOF() {
-+ height = read16();
-+ width = read16();
-+ numComps = str->getChar();
-++ if (numComps <= 0 || numComps > 4) {
-++ error(getPos(), "Bad number of components in DCT stream", prec);
-++ return gFalse;
-++ }
-+ if (prec != 8) {
-+ error(getPos(), "Bad DCT precision %d", prec);
-+ return gFalse;
-+@@ -2917,6 +2949,10 @@ GBool DCTStream::readProgressiveSOF() {
-+ height = read16();
-+ width = read16();
-+ numComps = str->getChar();
-++ if (numComps <= 0 || numComps > 4) {
-++ error(getPos(), "Bad number of components in DCT stream");
-++ return gFalse;
-++ }
-+ if (prec != 8) {
-+ error(getPos(), "Bad DCT precision %d", prec);
-+ return gFalse;
-+@@ -2939,6 +2975,10 @@ GBool DCTStream::readScanInfo() {
-+
-+ length = read16() - 2;
-+ scanInfo.numComps = str->getChar();
-++ if (scanInfo.numComps <= 0 || scanInfo.numComps > 4) {
-++ error(getPos(), "Bad number of components in DCT stream");
-++ return gFalse;
-++ }
-+ --length;
-+ if (length != 2 * scanInfo.numComps + 3) {
-+ error(getPos(), "Bad DCT scan info block");
-+@@ -3249,6 +3289,10 @@ FlateStream::FlateStream(Stream *strA, i
-+ FilterStream(strA) {
-+ if (predictor != 1) {
-+ pred = new StreamPredictor(this, predictor, columns, colors, bits);
-++ if (!pred->isOk()) {
-++ delete pred;
-++ pred = NULL;
-++ }
-+ } else {
-+ pred = NULL;
-+ }
-+--- cupsys-1.1.23/pdftops/Stream.h.orig 2004-02-02 23:41:09.000000000 +0100
-++++ cupsys-1.1.23/pdftops/Stream.h 2005-12-12 10:41:38.000000000 +0100
-+@@ -231,6 +231,8 @@ public:
-+
-+ ~StreamPredictor();
-+
-++ GBool isOk() { return ok; }
-++
-+ int lookChar();
-+ int getChar();
-+
-+@@ -248,6 +250,7 @@ private:
-+ int rowBytes; // bytes per line
-+ Guchar *predLine; // line buffer
-+ int predIdx; // current index in predLine
-++ GBool ok;
-+ };
-+
-+ //------------------------------------------------------------------------
+ str = strA;
+ predictor = predictorA;
+ width = widthA;
+ nComps = nCompsA;
+ nBits = nBitsA;
++ predLine = NULL;
++ ok = gFalse;
+
++ if (width <= 0 || nComps <= 0 || nBits <= 0 ||
++ nComps >= INT_MAX/nBits ||
++ width >= INT_MAX/nComps/nBits) {
++ return;
++ }
+ nVals = width * nComps;
++ if (nVals + 7 <= 0) {
++ return;
++ }
++ totalBits = nVals * nBits;
++ if (totalBits == 0 ||
++ (totalBits / nBits) / nComps != width ||
++ totalBits + 7 < 0) {
++ return;
++ }
+ pixBytes = (nComps * nBits + 7) >> 3;
+- rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
++ rowBytes = ((totalBits + 7) >> 3) + pixBytes;
++ if (rowBytes < 0) {
++ return;
++ }
+ predLine = (Guchar *)gmalloc(rowBytes);
+ memset(predLine, 0, rowBytes);
+ predIdx = rowBytes;
++
++ ok = gTrue;
+ }
+
+ StreamPredictor::~StreamPredictor() {
+@@ -991,6 +1015,10 @@ LZWStream::LZWStream(Stream *strA, int p
+ FilterStream(strA) {
+ if (predictor != 1) {
+ pred = new StreamPredictor(this, predictor, columns, colors, bits);
++ if (!pred->isOk()) {
++ delete pred;
++ pred = NULL;
++ }
+ } else {
+ pred = NULL;
+ }
+@@ -2891,6 +2919,10 @@ GBool DCTStream::readBaselineSOF() {
+ height = read16();
+ width = read16();
+ numComps = str->getChar();
++ if (numComps <= 0 || numComps > 4) {
++ error(getPos(), "Bad number of components in DCT stream", prec);
++ return gFalse;
++ }
+ if (prec != 8) {
+ error(getPos(), "Bad DCT precision %d", prec);
+ return gFalse;
+@@ -2917,6 +2949,10 @@ GBool DCTStream::readProgressiveSOF() {
+ height = read16();
+ width = read16();
+ numComps = str->getChar();
++ if (numComps <= 0 || numComps > 4) {
++ error(getPos(), "Bad number of components in DCT stream");
++ return gFalse;
++ }
+ if (prec != 8) {
+ error(getPos(), "Bad DCT precision %d", prec);
+ return gFalse;
+@@ -2939,6 +2975,10 @@ GBool DCTStream::readScanInfo() {
+
+ length = read16() - 2;
+ scanInfo.numComps = str->getChar();
++ if (scanInfo.numComps <= 0 || scanInfo.numComps > 4) {
++ error(getPos(), "Bad number of components in DCT stream");
++ return gFalse;
++ }
+ --length;
+ if (length != 2 * scanInfo.numComps + 3) {
+ error(getPos(), "Bad DCT scan info block");
+@@ -3249,6 +3289,10 @@ FlateStream::FlateStream(Stream *strA, i
+ FilterStream(strA) {
+ if (predictor != 1) {
+ pred = new StreamPredictor(this, predictor, columns, colors, bits);
++ if (!pred->isOk()) {
++ delete pred;
++ pred = NULL;
++ }
+ } else {
+ pred = NULL;
+ }
+--- cupsys-1.1.23/pdftops/Stream.h.orig 2004-02-02 23:41:09.000000000 +0100
++++ cupsys-1.1.23/pdftops/Stream.h 2005-12-12 10:41:38.000000000 +0100
+@@ -231,6 +231,8 @@ public:
+
+ ~StreamPredictor();
+
++ GBool isOk() { return ok; }
++
+ int lookChar();
+ int getChar();
+
+@@ -248,6 +250,7 @@ private:
+ int rowBytes; // bytes per line
+ Guchar *predLine; // line buffer
+ int predIdx; // current index in predLine
++ GBool ok;
+ };
+
+ //------------------------------------------------------------------------
More information about the Pkg-cups-devel
mailing list