Backported of:
From 02a09ec9e5ed8981e7a810bfb6a0172dc24f0790 Mon Sep 17 00:00:00 2001
From: Sam Hocevar <sam@hocevar.net>
Date: Sun, 30 Dec 2018 13:18:27 +0100
Subject: [PATCH] dither: fix integer multiplication overflow that caused
crashes.
Fixes: #38 (CVE-2018-20546)
Fixes: #39 (CVE-2018-20547)
diff --git a/caca/dither.c b/caca/dither.c
index 17218b1..fb802da 100644
--- a/caca/dither.c
+++ b/caca/dither.c
@@ -116,7 +116,7 @@ enum color_mode
struct caca_dither
{
int bpp, has_palette, has_alpha;
- int w, h, pitch;
+ size_t w, h, pitch;
int rmask, gmask, bmask, amask;
int rright, gright, bright, aright;
int rleft, gleft, bleft, aleft;
distrib
>
Mageia
>
6
>
armv7hl
>
media
>
core-updates-src
>
by-pkgid
>
d9a54c81dde28ffd3bf2a8b4a1abc442
>
files
>
4
