lasem/trunk/CVE-2013-7447.patch

   1 From 6f2feed780d9139a45c06e1ad399d06a4f351fbf Mon Sep 17 00:00:00 2001
   2 From: RyuzakiKK <aasonykk@gmail.com>
   3 Date: Sat, 5 Aug 2017 21:40:55 +0200
   4 Subject: cairo: Avoid integer overflow CVE-2013-7447
   5
   6 lasem is affected by a possible integer overflow, that was also
   7 found and patched upstream in gtk+
   8 https://git.gnome.org/browse/gtk+/commit/?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6
   9 ---
  10  src/lsmcairo.c | 2 +-
  11  1 file changed, 1 insertion(+), 1 deletion(-)
  12
  13 diff --git a/src/lsmcairo.c b/src/lsmcairo.c
  14 index c568fd5..73fb93e 100644
  15 --- a/src/lsmcairo.c
  16 +++ b/src/lsmcairo.c
  17 @@ -528,7 +528,7 @@ lsm_cairo_set_source_pixbuf (cairo_t *cairo,
  18                 format = CAIRO_FORMAT_ARGB32;
  19
  20         cairo_stride = cairo_format_stride_for_width (format, width);
  21 -       cairo_pixels = g_malloc (height * cairo_stride);
  22 +       cairo_pixels = g_malloc_n (height, cairo_stride);
  23         surface = cairo_image_surface_create_for_data ((unsigned char *)cairo_pixels,
  24                                                        format,
  25                                                        width, height, cairo_stride);
  26 --
  27 cgit v0.12
  28