This project is archived. Its data is read-only.

Commit 69636df1 authored Jun 17, 2014 by Gustavo Zacarias Committed by Peter Korsgaard Jun 18, 2014

links: add security fix for CVE-2013-6050



Also fix LICENSE typo.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

parent 9019f17c

package/links/links-no-largefile.patch→package/links/links-0001-no-largefile.patch

+0 −0

File moved.

package/links/links-0002-CVE-2013-6050.patch

0 → 100644

+17 −0

Original line number	Diff line number	Diff line
		Description: Fix integer overflow in graphics mode (CVE-2013-6050)
		Author: Mikulas Patocka <mikulas@artax.karlin.mff.cuni.cz>
		Bug-CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6050

		Index: links-2.7/html_tbl.c
		===================================================================
		--- links-2.7.orig/html_tbl.c 2013-11-22 01:57:29.000000000 +0100
		+++ links-2.7/html_tbl.c 2013-11-22 01:58:30.000000000 +0100
		@@ -1550,6 +1550,8 @@ static void add_to_rect_sets(struct rect
		static void add_to_cell_sets(struct table_cell **s, int nn, int n, struct rect r, struct table_cell *c)
		{
		int i, j;
		+ if (r->y1 < 0 \|\| r->y2 < 0)
		+ fatal_exit("add_to_cell_sets: integer overflow: %d, %d", r->y1, r->y2);
		for (i = r->y1 >> RECT_BOUND_BITS; i <= (r->y2 - 1) >> RECT_BOUND_BITS; i++) {
		if (i >= *n) {
		struct table_cell ***ns;

package/links/links.mk

+1 −1

Original line number	Diff line number	Diff line
		@@ -7,7 +7,7 @@
		LINKS_VERSION = 2.7
		LINKS_SITE = http://links.twibright.com/download
		LINKS_DEPENDENCIES = host-pkgconf
		LINKS_LICNSE = GPLv2+
		LINKS_LICENSE = GPLv2+
		LINKS_LICENSE_FILES = COPYING

		ifeq ($(BR2_PACKAGE_LINKS_GRAPHICS),y)