Mercurial > hg > release > icedtea-1.9
view patches/security/icedtea-6804998.patch @ 1768:3a122c249dda
Port latest security fixes from IcedTea6.
2009-04-06 Andrew John Hughes <ahughes@redhat.com>
* Makefile.am:
Add new patches.
* patches/security/icedtea-6536193.patch,
* patches/security/icedtea-6610888.patch,
* patches/security/icedtea-6610896.patch,
* patches/security/icedtea-6630639.patch,
* patches/security/icedtea-6632886.patch,
* patches/security/icedtea-6636360.patch,
* patches/security/icedtea-6652463.patch,
* patches/security/icedtea-6656633.patch,
* patches/security/icedtea-6658158.patch,
* patches/security/icedtea-6691246.patch,
* patches/security/icedtea-6717680.patch,
* patches/security/icedtea-6721651.patch,
* patches/security/icedtea-6737315.patch,
* patches/security/icedtea-6792554.patch,
* patches/security/icedtea-6804996.patch,
* patches/security/icedtea-6804997.patch,
* patches/security/icedtea-6804998.patch:
Security patches ported from IcedTea6.
author | Andrew John Hughes <ahughes@redhat.com> |
---|---|
date | Tue, 07 Apr 2009 01:02:17 +0100 |
parents | |
children |
line wrap: on
line source
--- old/src/share/classes/sun/awt/image/GifImageDecoder.java Thu Mar 5 17:00:25 2009 +++ openjdk/jdk/src/share/classes/sun/awt/image/GifImageDecoder.java Thu Mar 5 17:00:24 2009 @@ -585,9 +585,16 @@ System.out.print("Reading a " + width + " by " + height + " " + (interlace ? "" : "non-") + "interlaced image..."); } - + int initCodeSize = ExtractByte(block, 9); + if (initCodeSize >= 12) { + if (verbose) { + System.out.println("Invalid initial code size: " + + initCodeSize); + } + return false; + } boolean ret = parseImage(x, y, width, height, - interlace, ExtractByte(block, 9), + interlace, initCodeSize, block, rasline, model); if (!ret) { --- old/src/share/native/sun/awt/image/gif/gifdecoder.c Thu Mar 5 17:00:28 2009 +++ openjdk/jdk/src/share/native/sun/awt/image/gif/gifdecoder.c Thu Mar 5 17:00:27 2009 @@ -191,6 +191,11 @@ int passht = passinc; int len; + /* We have verified the initial code size on the java layer. + * Here we just check bounds for particular indexes. */ + if (freeCode >= 4096 || maxCode >= 4096) { + return 0; + } if (blockh == 0 || raslineh == 0 || prefixh == 0 || suffixh == 0 || outCodeh == 0)