diff options
author | Ned Ludd <solar@gentoo.org> | 2004-05-09 06:32:31 +0000 |
---|---|---|
committer | Ned Ludd <solar@gentoo.org> | 2004-05-09 06:32:31 +0000 |
commit | 4f1a4efb84b44ec866c845ae5d48f5284b9e9a6c (patch) | |
tree | f7c6ccaed6a04647bff8934326c7d3472ed4f16d | |
parent | The library provides 2 calls png_chunk_error and png_chunk_warning for defaul... (diff) | |
download | gentoo-2-4f1a4efb84b44ec866c845ae5d48f5284b9e9a6c.tar.gz gentoo-2-4f1a4efb84b44ec866c845ae5d48f5284b9e9a6c.tar.bz2 gentoo-2-4f1a4efb84b44ec866c845ae5d48f5284b9e9a6c.zip |
The library provides 2 calls png_chunk_error and png_chunk_warning for default error and warning messages handling. Inside the code a fixed size buffer is used and 64 bytes are used to store the caller supplied message. But there are no bounds checking and this limitation is not documented. Programs linked against libpng may crash or even execute arbitrary code if the caller message is dependent on external inputs. Bugzilla bug #49887 (Manifest recommit)
-rw-r--r-- | media-libs/libpng/Manifest | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/media-libs/libpng/Manifest b/media-libs/libpng/Manifest index e965e0e5b45a..e0f0c5c6aa6d 100644 --- a/media-libs/libpng/Manifest +++ b/media-libs/libpng/Manifest @@ -1,4 +1,4 @@ -MD5 aea71e9b1a67a7694353a48e1d477d33 ChangeLog 6188 +MD5 369f6fe9ea3ee2de1f8f5f337cda4f85 ChangeLog 6741 MD5 715d8c5f921a8315141902b4ae0e4f2d libpng-1.0.12-r2.ebuild 958 MD5 a7e44158011831ead567a1478a9cdd09 libpng-1.0.15-r1.ebuild 1858 MD5 dd70c9bd9d3707ce120546479724d61b libpng-1.0.15.ebuild 1797 |