diff options
| author |   Nirbheek Chauhan <nirbheek@gentoo.org> | 2009-06-27 11:34:54 +0000 |
|---|---|---|
| committer | Nirbheek Chauhan <nirbheek@gentoo.org> | 2009-06-27 11:34:54 +0000 |
| commit | feb27ab0041e15736db7beba13658c0182c66e1e (patch) | |
| tree | 53facfbf7feb69dbae92a27ddcd820a84d6bbfad /net-libs/webkit-gtk/files | |
| parent | Keyworded on alpha, bug #269088 (diff) | |
| download | gentoo-2-feb27ab0041e15736db7beba13658c0182c66e1e.tar.gz gentoo-2-feb27ab0041e15736db7beba13658c0182c66e1e.tar.bz2 gentoo-2-feb27ab0041e15736db7beba13658c0182c66e1e.zip | |
Fix bug 271861 (Array indexing vulnerability (CVE-2009-0945))
(Portage version: 2.2_rc33/cvs/Linux i686)
Diffstat (limited to 'net-libs/webkit-gtk/files')
| -rw-r--r-- | net-libs/webkit-gtk/files/webkit-gtk-CVE-2009-0945.patch | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/net-libs/webkit-gtk/files/webkit-gtk-CVE-2009-0945.patch b/net-libs/webkit-gtk/files/webkit-gtk-CVE-2009-0945.patch new file mode 100644 index 000000000000..d053e42866e8 --- /dev/null +++ b/net-libs/webkit-gtk/files/webkit-gtk-CVE-2009-0945.patch @@ -0,0 +1,18 @@ +Patch against Webkit-0 for CVE-2009-0945, bug 271861. + +diff -ru a/WebKit-r40220/WebCore/svg/SVGList.h b/WebKit-r40220/WebCore/svg/SVGList.h +--- a/WebKit-r40220/WebCore/svg/SVGList.h 2009-01-21 06:14:24.000000000 +0100 ++++ b/WebKit-r40220/WebCore/svg/SVGList.h 2009-06-27 01:47:15.000000000 +0200 +@@ -96,7 +96,11 @@ + + Item insertItemBefore(Item newItem, unsigned int index, ExceptionCode&) + { +- m_vector.insert(index, newItem); ++ if (index < m_vector.size()) { ++ m_vector.insert(index, newItem); ++ } else { ++ m_vector.append(newItem); ++ } + return newItem; + } + |