Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 574372 (CVE-2013-7447) - [Tracking] Memory allocation integer overflow in gdk_cairo_set_source_pixbuf (CVE-2013-7447)
Summary: [Tracking] Memory allocation integer overflow in gdk_cairo_set_source_pixbuf ...
Alias: CVE-2013-7447
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Depends on: 574374 574376 574378 574380 574382 574384
  Show dependency tree
Reported: 2016-02-10 21:36 UTC by Kristian Fiskerstrand (RETIRED)
Modified: 2018-04-03 19:15 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Kristian Fiskerstrand (RETIRED) gentoo-dev 2016-02-10 21:36:56 UTC
Hello MITRE, all,

Virgil Grigoras and Vlad Orlov discovered an integer overflow flaw in
gtk+2.0 in image handling:

Bert Massop discovered the same issue in the gtk+3.0 codebase:

The fix replaces a direct height * cairo_stride multiplication with a call
to g_malloc_n() which knows how to multiply correctly:

-  cairo_pixels = g_malloc (height * cairo_stride);
+  cairo_pixels = g_malloc_n (height, cairo_stride);

This same bug appears to be copy-and-pasted to at least:
eom, gnome-photos, eog, gambas3, thunar, pinpoint, gtk+2.0*%20cairo_stride/page_0

I haven't been able to find CVEs assigned for any of these issues.


Related links:*%20cairo_stride/page_0
Comment 1 Aaron Bauman (RETIRED) gentoo-dev 2018-04-03 19:15:00 UTC
Dependent bugs closed.