
SDL_image-1.2.12-14.mga8.src.rpm

Description: Fixed TALOS-2019-0842 - XCF Image Code Execution Vulnerability
 This patch addresses a bug in a previous security patch for CVE-2018-3977.
 Because the initial patch failed to address this issue, the bug was
 "re-discovered" later and addressed as CVE-2019-5058.
Author: Sam Lantinga <slouken@libsdl.org>
Origin: upstream, https://hg.libsdl.org/SDL_image/rev/b1a80aec2b10
--- a/IMG_xcf.c	2019-08-08 15:28:56.008856406 +0200
+++ b/IMG_xcf.c	2019-08-08 15:29:17.322145207 +0200
@@ -634,7 +634,7 @@
       p16 = (Uint16 *) p8;
       p   = (Uint32 *) p8;
       for (y=ty; y < ty+oy; y++) {
-	if ((ty >= surface->h) || ((tx+ox) > surface->w)) {
+	if ((y >= surface->h) || ((tx+ox) > surface->w)) {
 		break;
 	}
 	row = (Uint32 *)((Uint8 *)surface->pixels + y*surface->pitch + tx*4);
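Review bot: The corrected guard on `y` still checks only the upper bounds, while the `row` computation right after it uses `y*surface->pitch + tx*4` unchecked on the low side. The declarations of `tx`, `ty`, `ox` and `oy` are outside this hunk; if they are signed and derived from fields of the XCF file, the test should also reject negative values, e.g. `if ((y < 0) || (tx < 0) || (y >= surface->h) || ((tx+ox) > surface->w)) {`. The `(tx+ox) > surface->w` half does not depend on `y`, so it could be tested once before the loop. A short comment such as `/* y is the row being written; ty is only the tile origin */` would record why the earlier fix for CVE-2018-3977 was insufficient. The `break` also leaves a silently truncated image, so setting an error there would let callers tell a malformed file from a valid one. The enclosing function starts and ends outside the hunk.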