[tcl-snack] apply fix from Michael Karcher to fix CVE-2012-6303 (bz 885893)
Tom Callaway
spot at fedoraproject.org
Wed Jan 2 16:42:35 UTC 2013
commit 833921df77854b5f9300ff649f6d527babced41a
Author: Tom Callaway <spot at fedoraproject.org>
Date: Wed Jan 2 11:44:32 2013 -0500
apply fix from Michael Karcher to fix CVE-2012-6303 (bz 885893)
tcl-snack-2.2.10-CVE-2012-6303-fix.patch | 19 +++++++++++++++++++
tcl-snack.spec | 7 ++++++-
2 files changed, 25 insertions(+), 1 deletions(-)
---
diff --git a/tcl-snack-2.2.10-CVE-2012-6303-fix.patch b/tcl-snack-2.2.10-CVE-2012-6303-fix.patch
new file mode 100644
index 0000000..6326e8a
--- /dev/null
+++ b/tcl-snack-2.2.10-CVE-2012-6303-fix.patch
@@ -0,0 +1,19 @@
+diff -up snack2.2.10/generic/jkSoundFile.c.CVE20126303 snack2.2.10/generic/jkSoundFile.c
+--- snack2.2.10/generic/jkSoundFile.c.CVE20126303 2013-01-02 11:26:15.496231056 -0500
++++ snack2.2.10/generic/jkSoundFile.c 2013-01-02 11:27:26.134250662 -0500
+@@ -1798,7 +1798,14 @@ static int
+ GetHeaderBytes(Sound *s, Tcl_Interp *interp, Tcl_Channel ch, char *buf,
+ int len)
+ {
+- int rlen = Tcl_Read(ch, &buf[s->firstNRead], len - s->firstNRead);
++ int rlen;
++
++ if (len > max(CHANNEL_HEADER_BUFFER, HEADBUF)){
++ Tcl_AppendResult(interp, "Excessive header size", NULL);
++ return TCL_ERROR;
++ }
++
++ rlen = Tcl_Read(ch, &buf[s->firstNRead], len - s->firstNRead);
+
+ if (rlen < len - s->firstNRead){
+ Tcl_AppendResult(interp, "Failed reading header bytes", NULL);
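Review bot: the new bound in GetHeaderBytes compares `len` against `max(CHANNEL_HEADER_BUFFER, HEADBUF)`, so if a caller passes the smaller of the two buffers with a `len` that lies between the two sizes, the `Tcl_Read` into `&buf[s->firstNRead]` can still write past that buffer; the check should be against the size of the buffer actually passed (for example by giving GetHeaderBytes a buffer-length parameter, or by checking at each call site). Also worth confirming that a `max` macro is already defined in jkSoundFile.c, since the hunk adds no definition, and noting that the `>` comparison does not reject a negative `len`.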
diff --git a/tcl-snack.spec b/tcl-snack.spec
index c69b368..8eb090b 100644
--- a/tcl-snack.spec
+++ b/tcl-snack.spec
@@ -9,7 +9,7 @@
Name: tcl-%{realname}
Version: 2.2.10
-Release: 16%{?dist}
+Release: 17%{?dist}
Summary: Sound toolkit
Group: System Environment/Libraries
License: GPLv2+
@@ -25,6 +25,7 @@ Patch0: snack2.2.10-nomp3.patch
Patch1: snack2.2.10-extracflags.patch
Patch2: snack2.2.10-shared-stubs.patch
Patch3: snack2.2.10-newALSA.patch
+Patch4: tcl-snack-2.2.10-CVE-2012-6303-fix.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: tcl-devel, tk-devel, libogg-devel, libvorbis-devel
BuildRequires: libXft-devel
@@ -71,6 +72,7 @@ Tkinter are also required to use Snack.
%patch1 -p1 -b .extracflags
%patch2 -p1 -b .shared-stubs
%patch3 -p1 -b .newALSA
+%patch4 -p1 -b .CVE20126303
chmod -x generic/*.c generic/*.h unix/*.c COPYING README demos/python/*
iconv -f iso-8859-1 -t utf-8 -o README{.utf8,}
mv README{.utf8,}
@@ -126,6 +128,9 @@ rm -rf %{buildroot}
%{python_sitelib}/tkSnack*
%changelog
+* Wed Jan 2 2013 Tom Callaway <spot at fedoraproject.org> - 2.2.10-17
+- apply fix from Michael Karcher to fix CVE-2012-6303 (bz 885893)
+
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.2.10-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild