[FYI] Latest lcms security patch committed

Lillian Angel langel at redhat.com
Thu Apr 2 06:49:59 PDT 2009 

Hi,

I have added the patch below to the existing icedtea-lcms.patch. All packages in Fedora and RHEL will be updated.


Cheers,
Lillian



2009-04-02  Lillian Angel  <langel at redhat.com>

        * patches/icedtea-lcms.patch: Updated with most recent security fixes.



--- LCMS.c~	2009-03-26 17:53:27.000000000 +0000
+++ LCMS.c	2009-03-26 18:58:39.000000000 +0000
@@ -357,11 +357,16 @@
       return;
     }

+    if (data == NULL)
+      {
+	JNU_ThrowByName(env, "java/lang/NullPointerException", "");
+	return;
+      }
     sProf.j = id;
     profile = (cmsHPROFILE) sProf.pf;
     dataArray = (*env)->GetByteArrayElements(env, data, 0);
     tagSize =(*env)->GetArrayLength(env, data);
-    _cmsInitTag(profile, (icTagSignature) tagSig, dataArray, tagSize);
+    _cmsInitTag(profile, (icTagSignature) tagSig, tagSize, dataArray);
     (*env)->ReleaseByteArrayElements(env, data, dataArray, 0);
 }

--- cmsxform.c~	2009-03-26 17:53:27.000000000 +0000
+++ cmsxform.c	2009-03-26 18:31:41.000000000 +0000
@@ -689,6 +689,9 @@
                 GrayTRC = cmsReadICCGamma(hProfile, icSigGrayTRCTag);
                 FromLstarToXYZ(GrayTRC, Shapes1);

+		if (GrayTRC == NULL)
+			return NULL;
+
                 // Reversing must be done after curve translation

                 Shapes[0] = cmsReverseGamma(Shapes1[0]->nEntries, Shapes1[0]);
@@ -704,6 +707,9 @@

                 GrayTRC = cmsReadICCGammaReversed(hProfile, icSigGrayTRCTag);   // Y

+		if (GrayTRC == NULL)
+			return NULL;
+
                 Shapes[0] = cmsDupGamma(GrayTRC);
                 Shapes[1] = cmsDupGamma(GrayTRC);
                 Shapes[2] = cmsDupGamma(GrayTRC);
@@ -1341,7 +1347,7 @@
                      p -> ToDevice = PCStoShaperMatrix;
                      p -> OutMatShaper = cmsBuildOutputMatrixShaper(p->OutputProfile);

-                     if (!p -> OutMatShaper) {
+                     if (!p || !p -> OutMatShaper) {
                             cmsSignalError(LCMS_ERRC_ABORTED, "profile is unsuitable for output");
                             return NULL;
                             }
@@ -1920,6 +1926,7 @@

         ColorSpace = ColorSpaceIn;

+	Transforms[i] = NULL;

         if (ColorSpace == CurrentColorSpace) {

@@ -1969,6 +1976,11 @@
                 goto ErrorCleanup;
         }

+        if (Transforms[i] == NULL) {
+                cmsSignalError(LCMS_ERRC_ABORTED, "cmsCreateMultiprofileTransform: Invalid profile");
+                goto ErrorCleanup;
+        }
+
         CurrentColorSpace = ColorSpaceOut;

     }

More information about the distro-pkg-dev mailing list