Slackware This Forum is for the discussion of Slackware Linux.
|
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
08-18-2006, 09:16 AM
|
#1
|
LQ Newbie
Registered: Sep 2004
Posts: 9
Rep:
|
patch x11
Hi,
i visited Secunia recently and knew that X11 has libXfont PCF Integer Overflow Vulnerability, so i want to patch it, i download the patch from bugs.freedesktop.org, but i don't know how to patch, i can't find the file pcfread.c. i just simple to know how to use the patch command.
Can anyone have me a help? Thanks
My Slackware version is 10.0 and Xorg is x11-6.8.1
Following is the patch from bugs.freedesktop.org:
diff --git a/src/bitmap/pcfread.c b/src/bitmap/pcfread.c
index dd76868..6210f18 100644
--- a/src/bitmap/pcfread.c
+++ b/src/bitmap/pcfread.c
@@ -45,6 +45,7 @@ #define MAX(a,b) (((a)>(b)) ? a : b
#endif
#include <stdarg.h>
+#include <stdint.h>
void
pcfError(const char* message, ...)
@@ -133,6 +134,10 @@ pcfReadTOC(FontFilePtr file, int *countp
return (PCFTablePtr) NULL;
count = pcfGetLSB32(file);
if (IS_EOF(file)) return (PCFTablePtr) NULL;
+ if (count < 0 || count > INT32_MAX / sizeof(PCFTableRec)) {
+ pcfError("pcfReadTOC(): invalid file format\n");
+ return NULL;
+ }
tables = (PCFTablePtr) xalloc(count * sizeof(PCFTableRec));
if (!tables) {
pcfError("pcfReadTOC(): Couldn't allocate tables (%d*%d)\n", count, sizeof(PCFTableRec));
@@ -252,6 +257,10 @@ pcfGetProperties(FontInfoPtr pFontInfo,
if (!PCF_FORMAT_MATCH(format, PCF_DEFAULT_FORMAT))
goto Bail;
nprops = pcfGetINT32(file, format);
+ if (nprops <= 0 || nprops > INT32_MAX / sizeof(FontPropRec)) {
+ pcfError("pcfGetProperties(): invalid nprops value (%d)\n", nprops);
+ goto Bail;
+ }
if (IS_EOF(file)) goto Bail;
props = (FontPropPtr) xalloc(nprops * sizeof(FontPropRec));
if (!props) {
@@ -267,6 +276,13 @@ pcfGetProperties(FontInfoPtr pFontInfo,
props[i].name = pcfGetINT32(file, format);
isStringProp[i] = pcfGetINT8(file, format);
props[i].value = pcfGetINT32(file, format);
+ if (props[i].name < 0
+ || (isStringProp[i] != 0 && isStringProp[i] != 1)
+ || (isStringProp[i] && props[i].value < 0)) {
+ pcfError("pcfGetProperties(): invalid file format %d %d %d\n",
+ props[i].name, isStringProp[i], props[i].value);
+ goto Bail;
+ }
if (IS_EOF(file)) goto Bail;
}
/* pad the property array */
@@ -282,6 +298,7 @@ pcfGetProperties(FontInfoPtr pFontInfo,
}
if (IS_EOF(file)) goto Bail;
string_size = pcfGetINT32(file, format);
+ if (string_size < 0) goto Bail;
if (IS_EOF(file)) goto Bail;
strings = (char *) xalloc(string_size);
if (!strings) {
@@ -422,6 +439,10 @@ pcfReadFont(FontPtr pFont, FontFilePtr f
else
nmetrics = pcfGetINT16(file, format);
if (IS_EOF(file)) goto Bail;
+ if (nmetrics < 0 || nmetrics > INT32_MAX / sizeof(CharInfoRec)) {
+ pcfError("pcfReadFont(): invalid file format\n");
+ goto Bail;
+ }
metrics = (CharInfoPtr) xalloc(nmetrics * sizeof(CharInfoRec));
if (!metrics) {
pcfError("pcfReadFont(): Couldn't allocate metrics (%d*%d)\n", nmetrics, sizeof(CharInfoRec));
@@ -447,7 +468,7 @@ pcfReadFont(FontPtr pFont, FontFilePtr f
nbitmaps = pcfGetINT32(file, format);
if (nbitmaps != nmetrics || IS_EOF(file))
goto Bail;
-
+ /* nmetrics is alreadt ok, so nbitmap also is */
offsets = (CARD32 *) xalloc(nbitmaps * sizeof(CARD32));
if (!offsets) {
pcfError("pcfReadFont(): Couldn't allocate offsets (%d*%d)\n", nbitmaps, sizeof(CARD32));
@@ -461,6 +482,7 @@ pcfReadFont(FontPtr pFont, FontFilePtr f
for (i = 0; i < GLYPHPADOPTIONS; i++) {
bitmapSizes[i] = pcfGetINT32(file, format);
if (IS_EOF(file)) goto Bail;
+ if (bitmapSizes[i] < 0) goto Bail;
}
sizebitmaps = bitmapSizes[PCF_GLYPH_PAD_INDEX(format)];
@@ -536,6 +558,7 @@ pcfReadFont(FontPtr pFont, FontFilePtr f
if (IS_EOF(file)) goto Bail;
if (nink_metrics != nmetrics)
goto Bail;
+ /* nmetrics already checked */
ink_metrics = (xCharInfo *) xalloc(nink_metrics * sizeof(xCharInfo));
if (!ink_metrics) {
pcfError("pcfReadFont(): Couldn't allocate ink_metrics (%d*%d)\n", nink_metrics, sizeof(xCharInfo));
@@ -809,6 +832,10 @@ pmfReadFont(FontPtr pFont, FontFilePtr f
else
nmetrics = pcfGetINT16(file, format);
if (IS_EOF(file)) goto Bail;
+ if (nmetrics < 0 || nmetrics > INT32_MAX / sizeof(CharInfoRec)) {
+ pcfError("pmfReadFont(): invalid file format\n");
+ goto Bail;
+ }
metrics = (CharInfoPtr) xalloc(nmetrics * sizeof(CharInfoRec));
if (!metrics) {
pcfError("pmfReadFont(): Couldn't allocate metrics (%d*%d)\n", nmetrics, sizeof(CharInfoRec));
jack
|
|
|
08-18-2006, 10:39 AM
|
#2
|
Member
Registered: Mar 2003
Location: Dry, Dusty and Conservative
Distribution: OpenBSD, Debian Wheezy/Jessie
Posts: 449
Rep:
|
"man patch" Will get you the manual page for the patch command.
It usually is "patch -p0 < ***.diff"
|
|
|
08-18-2006, 08:51 PM
|
#3
|
Senior Member
Registered: Jul 2004
Location: Jogja, Indonesia
Distribution: Slackware-Current
Posts: 4,796
|
you can tell Pat about the patch and he will make it prioritized if it concerns with security problem.
|
|
|
08-18-2006, 11:38 PM
|
#4
|
Senior Member
Registered: May 2003
Location: Columbus, OH
Distribution: DIYSlackware
Posts: 1,914
Rep:
|
To answer your question, you have to patch the source code not what's already installed on your system. Then recompile X after patching.
I'm guessing that's what you were wondering...
|
|
|
08-20-2006, 10:29 AM
|
#5
|
LQ Newbie
Registered: Sep 2004
Posts: 9
Original Poster
Rep:
|
patch x11
Hi,
Thanks for yr reply, i think you have pointed out the problem that i had, i like the Slackware packages management, many application's source code i downloaded, i like to make a Slackware package for it after compiled and then installed or upgraded the package. However Slackware.com hasn't supplied the upgraded package for x11 yet, i know the x11 packages are quiet complex and i also don't know x11 very well, so i don't know how to make packages for x11. If i arbitrary use `patch -p0 < patchfile.diff' in my existent code, i afraid i will crash my x11.
|
|
|
08-20-2006, 09:12 PM
|
#6
|
Senior Member
Registered: Jul 2004
Location: Jogja, Indonesia
Distribution: Slackware-Current
Posts: 4,796
|
if it related to security or stability, i think Pat will make the updates for it (as said in CHangelog).
Also, if you want to build a Slackware packages, i suggest you to take a look at Building Packages and perfect packages
|
|
|
All times are GMT -5. The time now is 12:52 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|