1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
From 1736b1f69ecf3e44a1b957d8090fb04c6bc5fd95 Mon Sep 17 00:00:00 2001
From: Mikhail Efremov <sem@altlinux.org>
Date: Thu, 11 Feb 2016 18:59:27 +0300
Subject: [PATCH] Fix potential buffer overflow
Use g_malloc_n() instead of g_malloc to avoid integer overflow.
This fixes CVE-2013-7447, see
http://www.openwall.com/lists/oss-security/2016/02/10/2
for details.
---
thunar/thunar-gdk-extensions.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/thunar/thunar-gdk-extensions.c b/thunar/thunar-gdk-extensions.c
index 50ecb4a..775eca3 100644
--- a/thunar/thunar-gdk-extensions.c
+++ b/thunar/thunar-gdk-extensions.c
@@ -75,7 +75,7 @@ thunar_gdk_cairo_create_surface (const GdkPixbuf *pixbuf)
/* prepare pixel data and surface */
cairo_stride = cairo_format_stride_for_width (format, width);
- cairo_pixels = g_malloc (height * cairo_stride);
+ cairo_pixels = g_malloc_n (height, cairo_stride);
surface = cairo_image_surface_create_for_data (cairo_pixels, format,
width, height, cairo_stride);
cairo_surface_set_user_data (surface, &cairo_key, cairo_pixels, g_free);
--
2.6.5
|
GitWeb
