[lasem] cairo: Avoid integer overflow CVE-2013-7447

From: Emmanuel Pacaud <emmanuel src gnome org>
To: commits-list gnome org
Cc:
Subject: [lasem] cairo: Avoid integer overflow CVE-2013-7447
Date: Sun, 6 Aug 2017 06:18:15 +0000 (UTC)

commit 6f2feed780d9139a45c06e1ad399d06a4f351fbf
Author: RyuzakiKK <aasonykk gmail com>
Date:   Sat Aug 5 21:40:55 2017 +0200

    cairo: Avoid integer overflow CVE-2013-7447
    
    lasem is affected by a possible integer overflow, that was also
    found and patched upstream in gtk+
    https://git.gnome.org/browse/gtk+/commit/?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6

 src/lsmcairo.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/src/lsmcairo.c b/src/lsmcairo.c
index c568fd5..73fb93e 100644
--- a/src/lsmcairo.c
+++ b/src/lsmcairo.c
@@ -528,7 +528,7 @@ lsm_cairo_set_source_pixbuf (cairo_t *cairo,
                format = CAIRO_FORMAT_ARGB32;
 
        cairo_stride = cairo_format_stride_for_width (format, width);
-       cairo_pixels = g_malloc (height * cairo_stride);
+       cairo_pixels = g_malloc_n (height, cairo_stride);
        surface = cairo_image_surface_create_for_data ((unsigned char *)cairo_pixels,
                                                       format,
                                                       width, height, cairo_stride);

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]