* [PATCH] libsdl2: fix CVE-2019-13616
@ 2019-10-14 6:43 Yi Zhao
0 siblings, 0 replies; only message in thread
From: Yi Zhao @ 2019-10-14 6:43 UTC (permalink / raw)
To: openembedded-core
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2019-13616
Patch from:
https://hg.libsdl.org/SDL/rev/e7ba650a643a
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
...538-validate-image-size-when-loading-BMP-.patch | 34 ++++++++++++++++++++++
meta/recipes-graphics/libsdl2/libsdl2_2.0.10.bb | 1 +
2 files changed, 35 insertions(+)
create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/0001-Fixed-bug-4538-validate-image-size-when-loading-BMP-.patch
diff --git a/meta/recipes-graphics/libsdl2/libsdl2/0001-Fixed-bug-4538-validate-image-size-when-loading-BMP-.patch b/meta/recipes-graphics/libsdl2/libsdl2/0001-Fixed-bug-4538-validate-image-size-when-loading-BMP-.patch
new file mode 100644
index 0000000..674decc
--- /dev/null
+++ b/meta/recipes-graphics/libsdl2/libsdl2/0001-Fixed-bug-4538-validate-image-size-when-loading-BMP-.patch
@@ -0,0 +1,34 @@
+From 85138c1ec673e05263ae666baf61f79384daf7e0 Mon Sep 17 00:00:00 2001
+From: Sam Lantinga <slouken@libsdl.org>
+Date: Tue, 30 Jul 2019 11:00:00 -0700
+Subject: [PATCH] Fixed bug 4538 - validate image size when loading BMP files
+
+Upstream-Status: Backport
+[https://hg.libsdl.org/SDL/rev/e7ba650a643a]
+
+CVE: CVE-2019-13616
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ src/video/SDL_bmp.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/video/SDL_bmp.c b/src/video/SDL_bmp.c
+index 0b68918..a06b0c9 100644
+--- a/src/video/SDL_bmp.c
++++ b/src/video/SDL_bmp.c
+@@ -226,6 +226,11 @@ SDL_LoadBMP_RW(SDL_RWops * src, int freesrc)
+ SDL_RWseek(src, (biSize - headerSize), RW_SEEK_CUR);
+ }
+ }
++ if (biWidth <= 0 || biHeight == 0) {
++ SDL_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
++ was_error = SDL_TRUE;
++ goto done;
++ }
+ if (biHeight < 0) {
+ topDown = SDL_TRUE;
+ biHeight = -biHeight;
+--
+2.7.4
+
diff --git a/meta/recipes-graphics/libsdl2/libsdl2_2.0.10.bb b/meta/recipes-graphics/libsdl2/libsdl2_2.0.10.bb
index 3a0654b..cdc8650 100644
--- a/meta/recipes-graphics/libsdl2/libsdl2_2.0.10.bb
+++ b/meta/recipes-graphics/libsdl2/libsdl2_2.0.10.bb
@@ -14,6 +14,7 @@ PROVIDES = "virtual/libsdl2"
SRC_URI = "http://www.libsdl.org/release/SDL2-${PV}.tar.gz \
file://more-gen-depends.patch \
+ file://0001-Fixed-bug-4538-validate-image-size-when-loading-BMP-.patch \
"
S = "${WORKDIR}/SDL2-${PV}"
--
2.7.4
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2019-10-14 6:43 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-10-14 6:43 [PATCH] libsdl2: fix CVE-2019-13616 Yi Zhao
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.