Comment 4 for bug 78476

Pierre (pierre-php) wrote : Re: [Bug 78476] Re: libgd2 project, new maintainership, new CVS, new issue tracker

Hello,

On 1/9/07, Kees Cook <email address hidden> wrote:
> Since you're using CVS instead of SVN or BZR, it's actually pretty
> difficult to extract your patches. :)

Better than no RCS :)

I can try to provide some or at least point you to the right commit.
Many of them are only a couple of lines.

> As you say, #7 is already applied in Ubuntu. From the looks of it,
> all the other fixes are NULL-deref fixes, which unless it can be
> demonstrated how a service can be DoS'd with this, they don't look like
> security issues to me.

#11 crashes when you pass an empty file as PNG.

#14 and the related id in my commit messages (it was before the
tracker was in place) can end in a DoS. Try to allocate a very large image,
for example. It includes many overflow checks.

#7 always crashes as well.

By the way, I include local users as a possible source of trouble (esp.
in web env).

> If I've overlooked something, please let me know. For now, I'll turn
> off the security bit on this report.

I will add the full test suite this week; it may help to test against
your version and catch which tests crash.

> Thanks again!

You too, I'm a happy Ubuntu user :-)

--Pierre