diff options
Diffstat (limited to 'main/gdk-pixbuf/CVE-2017-2862.patch')
-rw-r--r-- | main/gdk-pixbuf/CVE-2017-2862.patch | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/main/gdk-pixbuf/CVE-2017-2862.patch b/main/gdk-pixbuf/CVE-2017-2862.patch new file mode 100644 index 0000000000..f41f5124f3 --- /dev/null +++ b/main/gdk-pixbuf/CVE-2017-2862.patch @@ -0,0 +1,45 @@ +Backport of c2a40a92fe3df4111ed9da51fe3368c079b86926 and +6dd89e126a277460faafc1f679db44ccf78446fb + +--- gdk-pixbuf-2.36.5.orig/gdk-pixbuf/io-jpeg.c ++++ gdk-pixbuf-2.36.5/gdk-pixbuf/io-jpeg.c +@@ -1026,6 +1026,7 @@ gdk_pixbuf__jpeg_image_load_increment (g + /* try to load jpeg header */ + if (!context->got_header) { + int rc; ++ gboolean has_alpha; + + jpeg_save_markers (cinfo, JPEG_APP0+1, 0xffff); + jpeg_save_markers (cinfo, JPEG_APP0+2, 0xffff); +@@ -1063,10 +1064,27 @@ gdk_pixbuf__jpeg_image_load_increment (g + } + } + jpeg_calc_output_dimensions (cinfo); +- +- context->pixbuf = gdk_pixbuf_new (GDK_COLORSPACE_RGB, +- cinfo->output_components == 4 ? TRUE : FALSE, +- 8, ++ ++ if (cinfo->output_components == 3) { ++ has_alpha = FALSE; ++ } else if (cinfo->output_components == 4) { ++ has_alpha = TRUE; ++ } else if (cinfo->output_components == 1 && ++ cinfo->out_color_space == JCS_GRAYSCALE) { ++ has_alpha = FALSE; ++ } else { ++ g_set_error (error, ++ GDK_PIXBUF_ERROR, ++ GDK_PIXBUF_ERROR_CORRUPT_IMAGE, ++ _("Unsupported number of color components (%d)"), ++ cinfo->output_components); ++ retval = FALSE; ++ goto out; ++ } ++ ++ context->pixbuf = gdk_pixbuf_new (GDK_COLORSPACE_RGB, ++ has_alpha, ++ 8, + cinfo->output_width, + cinfo->output_height); + |