From 2a18b57222895b167522fcdecd7a0c37e64b5fbd Mon Sep 17 00:00:00 2001
From: Tobias Geerinckx-Rice <me@tobias.gr>
Date: Thu, 28 Feb 2019 20:28:33 +0100
Subject: gnu: netpbm: Fix CVE-2017-258[67].

* gnu/packages/netpbm.scm (netpbm)[source]: Add patches.
* gnu/packages/patches/netpbm-CVE-2017-2586.patch,
gnu/packages/patches/netpbm-CVE-2017-2587.patch: New files.
* gnu/local.mk: Fix missing copyright year.
(dist_patch_DATA): Add them.
---
 gnu/packages/patches/netpbm-CVE-2017-2586.patch | 21 +++++++++++++++
 gnu/packages/patches/netpbm-CVE-2017-2587.patch | 35 +++++++++++++++++++++++++
 2 files changed, 56 insertions(+)
 create mode 100644 gnu/packages/patches/netpbm-CVE-2017-2586.patch
 create mode 100644 gnu/packages/patches/netpbm-CVE-2017-2587.patch

(limited to 'gnu/packages/patches')

diff --git a/gnu/packages/patches/netpbm-CVE-2017-2586.patch b/gnu/packages/patches/netpbm-CVE-2017-2586.patch
new file mode 100644
index 0000000000..99921870af
--- /dev/null
+++ b/gnu/packages/patches/netpbm-CVE-2017-2586.patch
@@ -0,0 +1,21 @@
+From: Tobias Geerinckx-Rice <me@tobias.gr>
+Date: Thu, 28 Feb 2019 20:29:00 +0100
+Subject: [PATCH] netpbm: Fix CVE-2017-2586.
+
+Copied verbatim from Debian[0].
+
+[0]: https://sources.debian.org/data/main/n/netpbm-free/2:10.78.05-0.1/debian/patches/netpbm-CVE-2017-2586.patch
+
+---
+diff -urNp old/converter/other/svgtopam.c new/converter/other/svgtopam.c
+--- old/converter/other/svgtopam.c	2017-02-08 12:11:02.593690917 +0100
++++ new/converter/other/svgtopam.c	2017-02-08 12:13:05.192846469 +0100
+@@ -676,7 +676,7 @@ stringToUint(const char *   const string
+ 
+     /* TODO: move this to nstring.c */
+ 
+-    if (strlen(string) == 0)
++    if (string == NULL || strlen(string) == 0)
+         pm_asprintf(errorP, "Value is a null string");
+     else {
+         char * tailptr;
diff --git a/gnu/packages/patches/netpbm-CVE-2017-2587.patch b/gnu/packages/patches/netpbm-CVE-2017-2587.patch
new file mode 100644
index 0000000000..70fa508f60
--- /dev/null
+++ b/gnu/packages/patches/netpbm-CVE-2017-2587.patch
@@ -0,0 +1,35 @@
+From: Tobias Geerinckx-Rice <me@tobias.gr>
+Date: Thu, 28 Feb 2019 20:29:00 +0100
+Subject: [PATCH] netpbm: Fix CVE-2017-2587.
+
+Copied verbatim from Debian[0].
+
+[0]: https://sources.debian.org/data/main/n/netpbm-free/2:10.78.05-0.1/debian/patches/netpbm-CVE-2017-2587.patch
+
+---
+diff -urNp old/converter/other/svgtopam.c new/converter/other/svgtopam.c
+--- old/converter/other/svgtopam.c	2017-02-08 12:11:02.593690917 +0100
++++ new/converter/other/svgtopam.c	2017-02-08 13:49:38.319029371 +0100
+@@ -771,12 +771,17 @@ createCanvas(unsigned int const width,
+ 
+     MALLOCVAR_NOFAIL(canvasP);
+ 
+-    canvasP->width  = width;
+-    canvasP->height = height;
+-    canvasP->pixels = ppm_allocarray(width, height);
+-    canvasP->maxval = maxval;
++    if(canvasP != NULL){
++        canvasP->width  = width;
++        canvasP->height = height;
++        canvasP->pixels = ppm_allocarray(width, height);
++        canvasP->maxval = maxval;
++
++        *canvasPP = canvasP;
++    } else {
++       pm_error("can't allocate memory for canvas");
++    }
+ 
+-    *canvasPP = canvasP;
+ }
+ 
+ 
-- 
cgit v1.2.3