main/ghostscript: fix CVE-2012-4405

fixes #1427
author: Natanael Copa <ncopa@alpinelinux.org> 2012-11-05 14:57:31 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2012-11-05 14:57:31 +0000
commit: 4c4a1e42e1f2a126e50259f639ea0ed8d038e71e (patch)
tree: e9d5950f60301aa1602348986907b7a6a2349d9d /main/ghostscript/CVE-2012-4405.patch
parent: d2390d6b7b42530de318fbede75fa502b1c0539f (diff)
download: aports-4c4a1e42e1f2a126e50259f639ea0ed8d038e71e.tar.bz2
aports-4c4a1e42e1f2a126e50259f639ea0ed8d038e71e.tar.xz
1 files changed, 15 insertions, 0 deletions
diff --git a/main/ghostscript/CVE-2012-4405.patch b/main/ghostscript/CVE-2012-4405.patch
new file mode 100644
index 0000000000..a589992aee
--- /dev/null
+++ b/main/ghostscript/CVE-2012-4405.patch
@@ -0,0 +1,15 @@
+--- ./icclib/icc.c.orig
++++ ./icclib/icc.c
+@@ -4996,6 +4996,11 @@
+         p->clutPoints = read_UInt8Number(bp+10);
+ 
+         /* Sanity check */
++	if (p->inputChan < 1) {
++		sprintf(icp->err,"icmLut_read: No input channels!");
++		return icp->errc = 1;
++	}
++
+         if (p->inputChan > MAX_CHAN) {
+                 sprintf(icp->err,"icmLut_read: Can't handle > %d input channels\n",MAX_CHAN);
+                 return icp->errc = 1;
+
author	Natanael Copa <ncopa@alpinelinux.org>	2012-11-05 14:57:31 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2012-11-05 14:57:31 +0000
commit	4c4a1e42e1f2a126e50259f639ea0ed8d038e71e (patch)
tree	e9d5950f60301aa1602348986907b7a6a2349d9d /main/ghostscript/CVE-2012-4405.patch
parent	d2390d6b7b42530de318fbede75fa502b1c0539f (diff)
download	aports-4c4a1e42e1f2a126e50259f639ea0ed8d038e71e.tar.bz2 aports-4c4a1e42e1f2a126e50259f639ea0ed8d038e71e.tar.xz