slackware-current/source/l/libcaca/libcaca-0.99.beta20-CVE-2022-0856.patch

From d33a9ca2b7e9f32483c1aee4c3944c56206d456b Mon Sep 17 00:00:00 2001
From: Josef Moellers <jmoellers@suse.de>
Date: Fri, 18 Mar 2022 11:52:22 +0100
Subject: [PATCH] Prevent a divide-by-zero by checking for a zero width or
 height.

---
 src/img2txt.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/img2txt.c b/src/img2txt.c
index b8a25899..b9d5ba24 100644
--- a/src/img2txt.c
+++ b/src/img2txt.c
@@ -177,7 +177,13 @@ int main(int argc, char **argv)
     }
 
     /* Assume a 6×10 font */
-    if(!cols && !lines)
+    if(!i->w || !i->h)
+    {
+	fprintf(stderr, "%s: image size is 0\n", argv[0]);
+        lines = 0;
+	cols = 0;
+    }
+    else if(!cols && !lines)
     {
         cols = 60;
         lines = cols * i->h * font_width / i->w / font_height;
@@ -214,7 +220,7 @@ int main(int argc, char **argv)
     export = caca_export_canvas_to_memory(cv, format?format:"ansi", &len);
     if(!export)
     {
-        fprintf(stderr, "%s: Can't export to format '%s'\n", argv[0], format);
+        fprintf(stderr, "%s: Can't export to format '%s'\n", argv[0], format?format:"ansi");
     }
     else
     {
-												Wed Oct 11 22:22:40 UTC 2023

l/libcaca-0.99.beta20-x86_64-1.txz:  Upgraded.
  Fixed a crash bug (a crafted file defining width of zero leads to divide by
  zero and a crash). Seems to be merely a bug rather than a security issue, but
  I'd been meaning to get beta20 building so this was a good excuse.
  Thanks to marav.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-0856
  (* Security fix *)
l/libcue-2.3.0-x86_64-1.txz:  Upgraded.
xap/xscreensaver-6.08-x86_64-1.txz:  Upgraded.
testing/packages/rust-1.73.0-x86_64-1.txz:  Upgraded.

											
										
										
											2023-10-12 00:22:40 +02:00
+								From d33a9ca2b7e9f32483c1aee4c3944c56206d456b Mon Sep 17 00:00:00 2001
 								From: Josef Moellers <jmoellers@suse.de>
 								Date: Fri, 18 Mar 2022 11:52:22 +0100
 								Subject: [PATCH] Prevent a divide-by-zero by checking for a zero width or
 								 height.
 								---
 								 src/img2txt.c | 10 ++++++++--
 file changed, 8 insertions(+), 2 deletions(-)
 								diff --git a/src/img2txt.c b/src/img2txt.c
 								index b8a25899..b9d5ba24 100644
 								--- a/src/img2txt.c
 								+++ b/src/img2txt.c
@@ -177,7 +177,13 @@ int main(int argc, char **argv)
 								     }
 								     /* Assume a 6×10 font */
 								-    if(!cols && !lines)
 								+    if(!i->w || !i->h)
 								+    {
 								+	fprintf(stderr, "%s: image size is 0\n", argv[0]);
 								+        lines = 0;
 								+	cols = 0;
 								+    }
 								+    else if(!cols && !lines)
 								     {
 								         cols = 60;
 								         lines = cols * i->h * font_width / i->w / font_height;
@@ -214,7 +220,7 @@ int main(int argc, char **argv)
 								     export = caca_export_canvas_to_memory(cv, format?format:"ansi", &len);
 								     if(!export)
 								     {
 								-        fprintf(stderr, "%s: Can't export to format '%s'\n", argv[0], format);
 								+        fprintf(stderr, "%s: Can't export to format '%s'\n", argv[0], format?format:"ansi");
 								     }
 								     else
 								     {