File gegl-CVE-2021-45463.patch of Package gegl.22279

Overview Repositories Revisions Requests Users Attributes Meta

File gegl-CVE-2021-45463.patch of Package gegl.22279

From bfce470f0f2f37968862129d5038b35429f2909b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=98yvind=20Kol=C3=A5s?= <pippin@gimp.org>
Date: Thu, 16 Dec 2021 00:10:24 +0100
Subject: [PATCH] magick-load: use more robust g_spawn_async() instead of
 system()

This fixes issue #298 by avoiding the shell parsing being invoked at
all, this less brittle than any forms of escaping characters, while
retaining the ability to address all existing files.
---
 operations/common/magick-load.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/operations/common/magick-load.c b/operations/common/magick-load.c
index e2055b2e9..595169115 100644
--- a/operations/common/magick-load.c
+++ b/operations/common/magick-load.c
@@ -41,20 +41,23 @@ load_cache (GeglProperties *op_magick_load)
   if (!op_magick_load->user_data)
     {
       gchar    *filename;
-      gchar    *cmd;
       GeglNode *graph, *sink, *loader;
       GeglBuffer *newbuf = NULL;
 
       /* ImageMagick backed fallback FIXME: make this robust.
        * maybe use pipes in a manner similar to the raw loader,
        * or at least use a properly unique filename  */
+      char     *argv[4]  = {"convert", NULL, NULL, NULL};
 
       filename = g_build_filename (g_get_tmp_dir (), "gegl-magick.png", NULL);
-      cmd = g_strdup_printf ("convert \"%s\"'[0]' \"%s\"",
-                             op_magick_load->path, filename);
-      if (system (cmd) == -1)
+
+      argv[1] = g_strdup_printf ("%s[0]", op_magick_load->path);
+      argv[2] = filename;
+      if (!g_spawn_sync (NULL, argv, NULL, G_SPAWN_DEFAULT,
+                         NULL, NULL, NULL, NULL, NULL, NULL))
         g_warning ("Error executing ImageMagick convert program");
 
+      g_free (argv[1]);
 
       graph = gegl_node_new ();
       sink = gegl_node_new_child (graph,
@@ -67,7 +70,6 @@ load_cache (GeglProperties *op_magick_load)
       gegl_node_process (sink);
       op_magick_load->user_data = (gpointer) newbuf;
       g_object_unref (graph);
-      g_free (cmd);
       g_free (filename);
     }
 }
-- 
GitLab

From 2172cf7e8d7e8891ae2053d6eef213d5bef939cb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=98yvind=20Kol=C3=A5s?= <pippin@gimp.org>
Date: Thu, 16 Dec 2021 01:49:25 +0100
Subject: [PATCH] magick-load: pass redirect to /dev/null flags to
 g_spawn_async

---
 operations/common/magick-load.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/operations/common/magick-load.c b/operations/common/magick-load.c
index 595169115..3de376026 100644
--- a/operations/common/magick-load.c
+++ b/operations/common/magick-load.c
@@ -53,7 +53,8 @@ load_cache (GeglProperties *op_magick_load)
 
       argv[1] = g_strdup_printf ("%s[0]", op_magick_load->path);
       argv[2] = filename;
-      if (!g_spawn_sync (NULL, argv, NULL, G_SPAWN_DEFAULT,
+      if (!g_spawn_sync (NULL, argv, NULL,
+                         G_SPAWN_STDOUT_TO_DEV_NULL|G_SPAWN_STDERR_TO_DEV_NULL,
                          NULL, NULL, NULL, NULL, NULL, NULL))
         g_warning ("Error executing ImageMagick convert program");
 
-- 
GitLab

Places

File gegl-CVE-2021-45463.patch of Package gegl.22279

Places