r51993 - in /desktop/experimental/gdk-pixbuf/debian: changelog patches/0001-skip-perturb-for-cve-2015-4491-original-test.patch patches/01-disable-oom-test.patch patches/series

laney at users.alioth.debian.org laney at users.alioth.debian.org
Tue Feb 14 11:35:57 UTC 2017 

Author: laney
Date: Tue Feb 14 11:35:57 2017
New Revision: 51993

URL: http://svn.debian.org/wsvn/pkg-gnome/?sc=1&rev=51993
Log:
Try replacing d/p/01-disable-oom-test.patch with
d/p/0001-skip-perturb-for-cve-2015-4491-original-test.patch: This should
ideally allow the test to be run without OOMing, which is better than not
running it at all. (The proper fix is still to be investigated.)

Added:
    desktop/experimental/gdk-pixbuf/debian/patches/0001-skip-perturb-for-cve-2015-4491-original-test.patch
Removed:
    desktop/experimental/gdk-pixbuf/debian/patches/01-disable-oom-test.patch
Modified:
    desktop/experimental/gdk-pixbuf/debian/changelog
    desktop/experimental/gdk-pixbuf/debian/patches/series

Modified: desktop/experimental/gdk-pixbuf/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/experimental/gdk-pixbuf/debian/changelog?rev=51993&op=diff
==============================================================================
--- desktop/experimental/gdk-pixbuf/debian/changelog	[utf-8] (original)
+++ desktop/experimental/gdk-pixbuf/debian/changelog	[utf-8] Tue Feb 14 11:35:57 2017
@@ -8,6 +8,10 @@
     + Fix an overflow check
     + Handle extreme scaling better
   * Bump libglib2.0 BD to 2.48.0, per configure.ac
+  * Try replacing d/p/01-disable-oom-test.patch with
+    d/p/0001-skip-perturb-for-cve-2015-4491-original-test.patch: This should
+    ideally allow the test to be run without OOMing, which is better than not
+    running it at all. (The proper fix is still to be investigated.)
 
  -- Iain Lane <laney at debian.org>  Tue, 14 Feb 2017 11:01:28 +0000
 

Added: desktop/experimental/gdk-pixbuf/debian/patches/0001-skip-perturb-for-cve-2015-4491-original-test.patch
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/experimental/gdk-pixbuf/debian/patches/0001-skip-perturb-for-cve-2015-4491-original-test.patch?rev=51993&op=file
==============================================================================
--- desktop/experimental/gdk-pixbuf/debian/patches/0001-skip-perturb-for-cve-2015-4491-original-test.patch	(added)
+++ desktop/experimental/gdk-pixbuf/debian/patches/0001-skip-perturb-for-cve-2015-4491-original-test.patch	[utf-8] Tue Feb 14 11:35:57 2017
@@ -0,0 +1,52 @@
+From 2618753a5cbfc848255cac1590127be4ea234f1f Mon Sep 17 00:00:00 2001
+From: Dimitri John Ledkov <xnox at ubuntu.com>
+Date: Fri, 15 Apr 2016 10:20:00 +0000
+Subject: [PATCH] skip-perturb-for-cve-2015-4491-original-test.patch
+
+(Taken from https://bugzilla.gnome.org/show_bug.cgi?id=765094 - although it's
+rejected there as the OOM should be fixed / the error reported properly.)
+
+---
+ tests/cve-2015-4491.c | 14 ++++++++++++++
+ 1 file changed, 14 insertions(+)
+
+diff --git a/tests/cve-2015-4491.c b/tests/cve-2015-4491.c
+index 988cb495d..62add04b6 100644
+--- a/tests/cve-2015-4491.c
++++ b/tests/cve-2015-4491.c
+@@ -18,6 +18,8 @@
+  * Author: Benjamin Otte
+  */
+ 
++#include <malloc.h>
++
+ #include <gdk-pixbuf.h>
+ 
+ #include "test-common.h"
+@@ -28,11 +30,23 @@ test_original (void)
+   GdkPixbuf* buf;
+   int size = 32;
+   GError* err = NULL;
++  gint64 perturbv = 0;
++
++  const gchar * perturb = NULL;
++  perturb = g_getenv("MALLOC_PERTURB_");
++  if (perturb != NULL) {
++	  perturbv = g_ascii_strtoll (perturb, NULL, 0);
++	  mallopt(M_PERTURB, 0);
++  }
+ 
+   buf = gdk_pixbuf_new_from_resource_at_scale ("/test/resource/cve-2015-4491.bmp", size, size, FALSE, &err);
+   if (skip_if_insufficient_memory (&err))
+     return;
+ 
++  if (perturbv > 0) {
++	  mallopt(M_PERTURB, perturbv);
++  }
++
+   g_assert_no_error (err);
+ 
+   g_object_unref (buf);
+-- 
+2.11.0
+

Modified: desktop/experimental/gdk-pixbuf/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/experimental/gdk-pixbuf/debian/patches/series?rev=51993&op=diff
==============================================================================
--- desktop/experimental/gdk-pixbuf/debian/patches/series	[utf-8] (original)
+++ desktop/experimental/gdk-pixbuf/debian/patches/series	[utf-8] Tue Feb 14 11:35:57 2017
@@ -1 +1 @@
-01-disable-oom-test.patch
+0001-skip-perturb-for-cve-2015-4491-original-test.patch

More information about the pkg-gnome-commits mailing list