* [PATCH] libpng: Fix CVE-2019-6129
From: Sakib Sajal @ 2020-03-23 21:28 UTC
  To: openembedded-core

Fix memory leak in png_create_info_struct.

Upstream-Status: Submitted [https://github.com/glennrp/libpng/pull/293]
CVE: CVE-2019-6129

Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
---
 .../libpng/0001-Repair-of-CVE-2019-6129.patch | 27 +++++++++++++++++++
 .../libpng/libpng_1.6.37.bb                   |  5 +++-
 2 files changed, 31 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch

diff --git a/meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch b/meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch
new file mode 100644
index 0000000000..1bb2da1984
--- /dev/null
+++ b/meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch
@@ -0,0 +1,27 @@
+From ed73b082d0296c6181f2ac11e8dd78e8f7c6d66b Mon Sep 17 00:00:00 2001
+From: tangyaofang <tangyaofang6666@163.com>
+Date: Mon, 10 Jun 2019 11:30:15 +0800
+Subject: [PATCH] Repair of CVE-2019-6129
+
+CVE: CVE-2019-6129
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ contrib/tools/pngcp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/contrib/tools/pngcp.c b/contrib/tools/pngcp.c
+index 16d4e7f4d..a02d5b7ff 100644
+--- a/contrib/tools/pngcp.c
++++ b/contrib/tools/pngcp.c
+@@ -506,7 +506,7 @@ static void
+ display_clean_read(struct display *dp)
+ {
+    if (dp->read_pp != NULL)
+-      png_destroy_read_struct(&dp->read_pp, NULL, NULL);
++      png_destroy_read_struct(&dp->read_pp, (dp->ip!=NULL ? &dp->ip : NULL), NULL);
+ 
+    if (dp->fp != NULL)
+    {
+-- 
+2.20.1
+
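Review bot: The header of the embedded patch (the lines after `Subject: [PATCH] Repair of CVE-2019-6129`) carries only `CVE:` and `Signed-off-by:`, while the `Upstream-Status: Submitted [...]` tag sits in the outer commit log, so it does not travel with the patch file; move it into this header. The header also has no description, and the outer log calls this a leak in `png_create_info_struct` although the only changed line is the `png_destroy_read_struct()` call in `display_clean_read()` of `contrib/tools/pngcp.c`. Add a sentence saying that the fix releases `dp->ip` in the pngcp tool's cleanup path, and note that the release still happens only inside the `if (dp->read_pp != NULL)` branch.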
diff --git a/meta/recipes-multimedia/libpng/libpng_1.6.37.bb b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
index 8c53d11642..f33b942cd7 100644
--- a/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
+++ b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
@@ -7,7 +7,10 @@ DEPENDS = "zlib"
 
 LIBV = "16"
 
-SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/${BP}.tar.xz"
+SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/${BP}.tar.xz \
+           file://0001-Repair-of-CVE-2019-6129.patch \
+          "
+
 SRC_URI[md5sum] = "015e8e15db1eecde5f2eb9eb5b6e59e9"
 SRC_URI[sha256sum] = "505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca"
 
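Review bot: The new `file://0001-Repair-of-CVE-2019-6129.patch` entry pulls in a change whose diffstat lists only `contrib/tools/pngcp.c`, and nothing in this recipe hunk or the commit log says whether that tool is built or packaged here. Please state that in the log so a reader can tell whether any shipped binary changes as a result of this entry. As a style point, the extra empty `+` line after the closing quote of `SRC_URI` is an unrelated whitespace change and can be dropped.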
-- 
2.24.1



* Re: [OE-core] [PATCH] libpng: Fix CVE-2019-6129
From: Denys Dmytriyenko @ 2020-03-23 21:32 UTC
  To: Sakib Sajal; +Cc: openembedded-core

Hi,

Is this v2? Should say so in the subject. Also, should mention the changes 
from v1 under the commit log.


On Mon, Mar 23, 2020 at 02:28:23PM -0700, Sakib Sajal wrote:
> Fix memory leak in png_create_info_struct.
> 
> Upstream-Status: Submitted [https://github.com/glennrp/libpng/pull/293]

BTW, Upstream-Status: should be in the patch, not in the commit log.


> CVE: CVE-2019-6129
> 
> Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
> ---
>  .../libpng/0001-Repair-of-CVE-2019-6129.patch | 27 +++++++++++++++++++
>  .../libpng/libpng_1.6.37.bb                   |  5 +++-
>  2 files changed, 31 insertions(+), 1 deletion(-)
>  create mode 100644 meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch
> 
> diff --git a/meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch b/meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch
> new file mode 100644
> index 0000000000..1bb2da1984
> --- /dev/null
> +++ b/meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch
> @@ -0,0 +1,27 @@
> +From ed73b082d0296c6181f2ac11e8dd78e8f7c6d66b Mon Sep 17 00:00:00 2001
> +From: tangyaofang <tangyaofang6666@163.com>
> +Date: Mon, 10 Jun 2019 11:30:15 +0800
> +Subject: [PATCH] Repair of CVE-2019-6129
> +
> +CVE: CVE-2019-6129
> +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
> +---
> + contrib/tools/pngcp.c | 2 +-
> + 1 file changed, 1 insertion(+), 1 deletion(-)
> +
> +diff --git a/contrib/tools/pngcp.c b/contrib/tools/pngcp.c
> +index 16d4e7f4d..a02d5b7ff 100644
> +--- a/contrib/tools/pngcp.c
> ++++ b/contrib/tools/pngcp.c
> +@@ -506,7 +506,7 @@ static void
> + display_clean_read(struct display *dp)
> + {
> +    if (dp->read_pp != NULL)
> +-      png_destroy_read_struct(&dp->read_pp, NULL, NULL);
> ++      png_destroy_read_struct(&dp->read_pp, (dp->ip!=NULL ? &dp->ip : NULL), NULL);
> + 
> +    if (dp->fp != NULL)
> +    {
> +-- 
> +2.20.1
> +
> diff --git a/meta/recipes-multimedia/libpng/libpng_1.6.37.bb b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
> index 8c53d11642..f33b942cd7 100644
> --- a/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
> +++ b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
> @@ -7,7 +7,10 @@ DEPENDS = "zlib"
>  
>  LIBV = "16"
>  
> -SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/${BP}.tar.xz"
> +SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/${BP}.tar.xz \
> +           file://0001-Repair-of-CVE-2019-6129.patch \
> +          "
> +
>  SRC_URI[md5sum] = "015e8e15db1eecde5f2eb9eb5b6e59e9"
>  SRC_URI[sha256sum] = "505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca"
>  
> -- 
> 2.24.1
> 

> 



* Re: [OE-core] [PATCH] libpng: Fix CVE-2019-6129
From: Sakib Sajal @ 2020-03-23 22:14 UTC
  To: Denys Dmytriyenko; +Cc: openembedded-core@lists.openembedded.org


Hello,

Yes that was the V2. Changes included adding the CVE tag and Signed-off-by in the included patch.
________________________________
From: Denys Dmytriyenko <denis@denix.org>
Sent: March 23, 2020 4:32 PM
To: Sajal, Sakib <Sakib.Sajal@windriver.com>
Cc: openembedded-core@lists.openembedded.org <openembedded-core@lists.openembedded.org>
Subject: Re: [OE-core] [PATCH] libpng: Fix CVE-2019-6129

Hi,

Is this v2? Should say so in the subject. Also, should mention the changes
from v1 under the commit log.


On Mon, Mar 23, 2020 at 02:28:23PM -0700, Sakib Sajal wrote:
> Fix memory leak in png_create_info_struct.
>
> Upstream-Status: Submitted [https://github.com/glennrp/libpng/pull/293]

BTW, Upstream-Status: should be in the patch, not in the commit log.


> CVE: CVE-2019-6129
>
> Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
> ---
>  .../libpng/0001-Repair-of-CVE-2019-6129.patch | 27 +++++++++++++++++++
>  .../libpng/libpng_1.6.37.bb                   |  5 +++-
>  2 files changed, 31 insertions(+), 1 deletion(-)
>  create mode 100644 meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch
>
> diff --git a/meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch b/meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch
> new file mode 100644
> index 0000000000..1bb2da1984
> --- /dev/null
> +++ b/meta/recipes-multimedia/libpng/libpng/0001-Repair-of-CVE-2019-6129.patch
> @@ -0,0 +1,27 @@
> +From ed73b082d0296c6181f2ac11e8dd78e8f7c6d66b Mon Sep 17 00:00:00 2001
> +From: tangyaofang <tangyaofang6666@163.com>
> +Date: Mon, 10 Jun 2019 11:30:15 +0800
> +Subject: [PATCH] Repair of CVE-2019-6129
> +
> +CVE: CVE-2019-6129
> +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
> +---
> + contrib/tools/pngcp.c | 2 +-
> + 1 file changed, 1 insertion(+), 1 deletion(-)
> +
> +diff --git a/contrib/tools/pngcp.c b/contrib/tools/pngcp.c
> +index 16d4e7f4d..a02d5b7ff 100644
> +--- a/contrib/tools/pngcp.c
> ++++ b/contrib/tools/pngcp.c
> +@@ -506,7 +506,7 @@ static void
> + display_clean_read(struct display *dp)
> + {
> +    if (dp->read_pp != NULL)
> +-      png_destroy_read_struct(&dp->read_pp, NULL, NULL);
> ++      png_destroy_read_struct(&dp->read_pp, (dp->ip!=NULL ? &dp->ip : NULL), NULL);
> +
> +    if (dp->fp != NULL)
> +    {
> +--
> +2.20.1
> +
> diff --git a/meta/recipes-multimedia/libpng/libpng_1.6.37.bb b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
> index 8c53d11642..f33b942cd7 100644
> --- a/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
> +++ b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
> @@ -7,7 +7,10 @@ DEPENDS = "zlib"
>
>  LIBV = "16"
>
> -SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/${BP}.tar.xz"
> +SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/${BP}.tar.xz \
> +           file://0001-Repair-of-CVE-2019-6129.patch \
> +          "
> +
>  SRC_URI[md5sum] = "015e8e15db1eecde5f2eb9eb5b6e59e9"
>  SRC_URI[sha256sum] = "505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca"
>
> --
> 2.24.1
>

> 

