guix-commits

01/01: gnu: webkitgtk-2.4: Fix potential code execution vulnerability.


From: Mark H. Weaver
Subject: 01/01: gnu: webkitgtk-2.4: Fix potential code execution vulnerability.
Date: Thu, 08 Oct 2015 02:54:22 +0000

mhw pushed a commit to branch master
in repository guix.

commit a606ed89d4e3737beec2f3392bedba61904778f4
Author: Mark H Weaver <address@hidden>
Date:   Wed Oct 7 22:50:46 2015 -0400

    gnu: webkitgtk-2.4: Fix potential code execution vulnerability.
    
    * gnu/packages/patches/webkitgtk-2.4-sql-init-string.patch: New file.
    * gnu-system.am (dist_patch_DATA): Add it.
    * gnu/packages/webkit.scm (webkitgtk-2.4)[source]: Add patch.
---
 gnu-system.am                                      |    1 +
 .../patches/webkitgtk-2.4-sql-init-string.patch    |   17 +++++++++++++++++
 gnu/packages/webkit.scm                            |    4 +++-
 3 files changed, 21 insertions(+), 1 deletions(-)

diff --git a/gnu-system.am b/gnu-system.am
index 35d2da4..67879e9 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -650,6 +650,7 @@ dist_patch_DATA =                                           
\
   gnu/packages/patches/vpnc-script.patch                       \
   gnu/packages/patches/vtk-mesa-10.patch                       \
   gnu/packages/patches/w3m-fix-compile.patch                   \
+  gnu/packages/patches/webkitgtk-2.4-sql-init-string.patch     \
   gnu/packages/patches/weex-vacopy.patch                       \
   gnu/packages/patches/wicd-bitrate-none-fix.patch             \
   gnu/packages/patches/wicd-get-selected-profile-fix.patch     \
diff --git a/gnu/packages/patches/webkitgtk-2.4-sql-init-string.patch 
b/gnu/packages/patches/webkitgtk-2.4-sql-init-string.patch
new file mode 100644
index 0000000..671b5fb
--- /dev/null
+++ b/gnu/packages/patches/webkitgtk-2.4-sql-init-string.patch
@@ -0,0 +1,17 @@
+Copied from Fedora.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1189303
+http://pkgs.fedoraproject.org/cgit/webkitgtk.git/commit/?id=e689e45d0cc2c50484e69d20371ba607af7326f3
+
+diff -up 
webkitgtk-2.4.9/Source/WebCore/platform/sql/SQLiteStatement.cpp.sql_initialize_string
 webkitgtk-2.4.9/Source/WebCore/platform/sql/SQLiteStatement.cpp
+--- 
webkitgtk-2.4.9/Source/WebCore/platform/sql/SQLiteStatement.cpp.sql_initialize_string
      2015-09-14 09:25:43.004200172 +0200
++++ webkitgtk-2.4.9/Source/WebCore/platform/sql/SQLiteStatement.cpp    
2015-09-14 09:25:57.852082368 +0200
+@@ -71,7 +71,7 @@ int SQLiteStatement::prepare()
+     // this lets SQLite avoid an extra string copy.
+     size_t lengthIncludingNullCharacter = query.length() + 1;
+ 
+-    const char* tail;
++    const char* tail = nullptr;
+     int error = sqlite3_prepare_v2(m_database.sqlite3Handle(), query.data(), 
lengthIncludingNullCharacter, &m_statement, &tail);
+ 
+     if (error != SQLITE_OK)
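
Review bot: the header of webkitgtk-2.4-sql-init-string.patch says only "Copied from Fedora." plus two links, so the file itself never states what defect it fixes. Add a sentence to the header saying that `tail` in SQLiteStatement::prepare() was declared without an initializer before its address was passed to sqlite3_prepare_v2, so the reason for `const char* tail = nullptr;` survives even if the Bugzilla or cgit links stop resolving. It would also help to record whether the change has been sent to upstream WebKit, so the patch can be dropped when a release includes it.
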
diff --git a/gnu/packages/webkit.scm b/gnu/packages/webkit.scm
index 6be1f91..bb041b1 100644
--- a/gnu/packages/webkit.scm
+++ b/gnu/packages/webkit.scm
@@ -141,7 +141,9 @@ HTML/CSS applications to full-fledged web browsers.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0r651ar3p0f8zwl7764kyimxk5hy88cwy116pv8cl5l8hbkjkpxg"))))
+                "0r651ar3p0f8zwl7764kyimxk5hy88cwy116pv8cl5l8hbkjkpxg"))
+              (patches
+               (list (search-patch "webkitgtk-2.4-sql-init-string.patch")))))
     (build-system gnu-build-system)
     (arguments
      '(#:tests? #f ; no tests
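
Review bot: the unchanged `#:tests? #f ; no tests` line just below the new `patches` field means the build runs no test suite, so this change is only checked for applying cleanly and compiling. A short comment above `(patches ...)` naming the issue the patch addresses and pointing at the reference in the patch header would tell later maintainers that the entry is a security fix and should not be dropped casually on an update of webkitgtk-2.4.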


