Package: libpng / 1.2.50-2+deb8u3

CVE-2015-8540.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Description: CVE-2015-8540: underflow read in png_check_keyword()
Origin: upstream, https://github.com/glennrp/libpng/commit/520b373ee53e92dce93917fea5a609b2a0291472
Bug: http://sourceforge.net/p/libpng/bugs/244/
Bug-Debian: https://bugs.debian.org/807694
Forwarded: not-needed
Author: Salvatore Bonaccorso <carnil@debian.org>
Last-Update: 2016-01-07
Applied-Upstream: v1.2.56

diff --git a/pngwutil.c b/pngwutil.c
index bc6c986..182f8db 100644
--- a/pngwutil.c
+++ b/pngwutil.c
@@ -1285,7 +1285,7 @@ png_check_keyword(png_structp png_ptr, png_charp key, png_charpp new_key)
    {
       png_warning(png_ptr, "trailing spaces removed from keyword");
 
-      while (*kp == ' ')
+      while (key_len && *kp == ' ')
       {
          *(kp--) = '\0';
          key_len--;
-- 
2.6.4