giflib: patch CVE-2025-31344

Pulled from https://github.com/OpenMandrivaAssociation/giflib/blob/master/giflib-5.2.2-cve-2025-31344.patch (cherry picked from commit ca159cd3b8)
2025-06-09 19:13:26 +03:00 · 2025-04-07 23:05:40 +02:00 · 2025-04-07 23:05:40 +02:00 · 4fb382bf71
commit 4fb382bf71
parent c51600518c
2 changed files with 16 additions and 0 deletions
--- a/pkgs/by-name/gi/giflib/CVE-2025-31344.patch
+++ b/pkgs/by-name/gi/giflib/CVE-2025-31344.patch
@ -0,0 +1,15 @@
+diff -up giflib-5.2.2/gif2rgb.c.omv~ giflib-5.2.2/gif2rgb.c
+--- giflib-5.2.2/gif2rgb.c.omv~	2025-04-07 21:44:54.956355983 +0200
+++ giflib-5.2.2/gif2rgb.c	2025-04-07 21:45:29.630769589 +0200
+@@ -329,6 +329,11 @@ static void DumpScreen2RGB(char *FileNam
+ 			GifRow = ScreenBuffer[i];
+ 			GifQprintf("\b\b\b\b%-4d", ScreenHeight - i);
+ 			for (j = 0; j < ScreenWidth; j++) {
+				/* Check if color is within color palete */
+				if (GifRow[j] >= ColorMap->ColorCount) {
+					GIF_EXIT(GifErrorString(
+					    D_GIF_ERR_IMAGE_DEFECT));
+				}
+ 				ColorMapEntry = &ColorMap->Colors[GifRow[j]];
+ 				Buffers[0][j] = ColorMapEntry->Red;
+ 				Buffers[1][j] = ColorMapEntry->Green;
--- a/pkgs/by-name/gi/giflib/package.nix
+++ b/pkgs/by-name/gi/giflib/package.nix
@ -18,6 +18,7 @@ stdenv.mkDerivation rec {
  patches =
    [
      ./CVE-2021-40633.patch
+      ./CVE-2025-31344.patch
    ]
    ++ lib.optionals stdenv.hostPlatform.isMinGW [
      # Build dll libraries.