libheif: add patch for CVE-2019-11471 (PR #61919)

2019-05-23 01:12:23 +01:00 · 2019-05-23 01:12:23 +01:00 · 9c4d318f06
commit 9c4d318f06
parent 3a28c99923
2 changed files with 17 additions and 0 deletions
--- a/pkgs/development/libraries/libheif/1.4.0-CVE-2019-11471.patch
+++ b/pkgs/development/libraries/libheif/1.4.0-CVE-2019-11471.patch
@ -0,0 +1,15 @@
+Adapted from upstream commit 995a4283d8ed2d0d2c1ceb1a577b993df2f0e014
+--- a/libheif/heif_context.cc
+++ b/libheif/heif_context.cc
+@@ -571,6 +571,11 @@
+             image->set_is_alpha_channel_of(refs[0]);
+ 
+             auto master_iter = m_all_images.find(refs[0]);
+            if (master_iter == m_all_images.end()) {
+              return Error(heif_error_Invalid_input,
+                           heif_suberror_Nonexisting_item_referenced,
+                           "Non-existing alpha image referenced");
+            }
+             master_iter->second->set_alpha_channel(image);
+           }
+
--- a/pkgs/development/libraries/libheif/default.nix
+++ b/pkgs/development/libraries/libheif/default.nix
@ -11,6 +11,8 @@ stdenv.mkDerivation rec {
    sha256 = "0vbjknkb2ccmw3xh2j8ljz5sj9i8wv92iw7zghcc5wn64sk1xkk2";
  };

+  patches = [ ./1.4.0-CVE-2019-11471.patch ];
+
  nativeBuildInputs = [ autoreconfHook pkgconfig ];
  buildInputs = [ libde265 x265 libpng libjpeg ];