diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:29:52 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:29:52 +0000 |
commit | ca67b09c015d4af3ae3cce12aa72e60941dbb8b5 (patch) | |
tree | b7316d7b06c373e08dabb79a2c866c568e08f49e /debian/patches/0069-video-readers-png-Refuse-to-handle-multiple-image-he.patch | |
parent | Adding upstream version 2.06. (diff) | |
download | grub2-debian/2.06-13+deb12u1.tar.xz grub2-debian/2.06-13+deb12u1.zip |
Adding debian version 2.06-13+deb12u1.debian/2.06-13+deb12u1debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | debian/patches/0069-video-readers-png-Refuse-to-handle-multiple-image-he.patch | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/debian/patches/0069-video-readers-png-Refuse-to-handle-multiple-image-he.patch b/debian/patches/0069-video-readers-png-Refuse-to-handle-multiple-image-he.patch new file mode 100644 index 0000000..1c0aba1 --- /dev/null +++ b/debian/patches/0069-video-readers-png-Refuse-to-handle-multiple-image-he.patch @@ -0,0 +1,27 @@ +From 5e496e28b3c76666c98b737153f9b0c2bedf489d Mon Sep 17 00:00:00 2001 +From: Daniel Axtens <dja@axtens.net> +Date: Tue, 6 Jul 2021 14:13:40 +1000 +Subject: video/readers/png: Refuse to handle multiple image headers + +This causes the bitmap to be leaked. Do not permit multiple image headers. + +Signed-off-by: Daniel Axtens <dja@axtens.net> +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> +--- + grub-core/video/readers/png.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c +index e2a6b1cf3..8955b8ecf 100644 +--- a/grub-core/video/readers/png.c ++++ b/grub-core/video/readers/png.c +@@ -258,6 +258,9 @@ grub_png_decode_image_header (struct grub_png_data *data) + int color_bits; + enum grub_video_blit_format blt; + ++ if (data->image_width || data->image_height) ++ return grub_error (GRUB_ERR_BAD_FILE_TYPE, "png: two image headers found"); ++ + data->image_width = grub_png_get_dword (data); + data->image_height = grub_png_get_dword (data); + |