From a684c959c19ce93b5a3f2945e027727cd3ec4d88 Mon Sep 17 00:00:00 2001 From: psykose Date: Sun, 17 Apr 2022 05:12:10 +0000 Subject: [PATCH] testing/sdl: commit the cve patch instead of fetching it checksums randomly change --- testing/sdl/0002-CVE-2019-13616.patch | 16 ++++++++++++++++ testing/sdl/APKBUILD | 4 ++-- 2 files changed, 18 insertions(+), 2 deletions(-) create mode 100644 testing/sdl/0002-CVE-2019-13616.patch diff --git a/testing/sdl/0002-CVE-2019-13616.patch b/testing/sdl/0002-CVE-2019-13616.patch new file mode 100644 index 00000000000..5461fe3bf6a --- /dev/null +++ b/testing/sdl/0002-CVE-2019-13616.patch @@ -0,0 +1,16 @@ +diff --git a/src/video/SDL_bmp.c b/src/video/SDL_bmp.c +index 758d4bbc4..6cadc8a55 100644 +--- a/src/video/SDL_bmp.c ++++ b/src/video/SDL_bmp.c +@@ -143,6 +143,11 @@ SDL_Surface * SDL_LoadBMP_RW (SDL_RWops *src, int freesrc) + (void) biYPelsPerMeter; + (void) biClrImportant; + ++ if (biWidth <= 0 || biHeight == 0) { ++ SDL_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight); ++ was_error = SDL_TRUE; ++ goto done; ++ } + if (biHeight < 0) { + topDown = SDL_TRUE; + biHeight = -biHeight; diff --git a/testing/sdl/APKBUILD b/testing/sdl/APKBUILD index fedaa0bac46..dc1ec208a7e 100644 --- a/testing/sdl/APKBUILD +++ b/testing/sdl/APKBUILD @@ -27,7 +27,7 @@ source="https://www.libsdl.org/release/SDL-$pkgver.tar.gz 0001-CVE-2019-7636.patch 0001-CVE-2019-7637.patch 0002-CVE-2019-7637.patch - CVE-2019-13616.patch::https://github.com/libsdl-org/SDL-1.2/commit/31a87d75f15c7acd9470fab9ceb129c0a255871f.diff + 0002-CVE-2019-13616.patch " builddir="$srcdir"/SDL-$pkgver @@ -97,5 +97,5 @@ a31d5c685fafbca72fdc5336343b74b90b1bfd5af4b6f632b4d8271bb1a218ec6419a7994290f65e 8e9fa28015e64f08d7d8124398ee5b268546105b73313490cfffdd547e67e729455535407177827e485c4132badfc48a73cce18c0ff7ff8a1c8706613acf180c 0001-CVE-2019-7636.patch 0ad1e445a067afb726df48eac55d593075c945199bd718b4116af84c15df6f5c095f541a5c8a008aef4474dda874e68517236f2f37e1539e0e5684240b058231 0001-CVE-2019-7637.patch 105378cf7609872198c83b8824a1c36463b01f5696cda6c184252b728cdd1054cdc2e68a338f5d728facd182628d2a8b29b961664e89d7f9022abc0268c9afc1 0002-CVE-2019-7637.patch -bbf11279fcf90a81b530ddfa7f84fc1b7feae8ef88f94e8095cb46818fa4617ed61669956851bca56e6799a4ea770cd1ebfa46d5d18763bf35c940643ab9fa1e CVE-2019-13616.patch +bbf11279fcf90a81b530ddfa7f84fc1b7feae8ef88f94e8095cb46818fa4617ed61669956851bca56e6799a4ea770cd1ebfa46d5d18763bf35c940643ab9fa1e 0002-CVE-2019-13616.patch "