Blender Git Commit Log

Git Commits -> Revision 5b25605

Revision 5b25605 by Brecht Van Lommel

January 17, 2018, 23:39 (GMT)

Fix buffer overflow vulnerability in curve, font, particles code.

Solves these security issues from T52924:
CVE-2017-12102
CVE-2017-12103
CVE-2017-12104

While the specific overflow issue may be fixed, loading the repro .blend
files may still crash because they are incomplete and corrupt. The way
they crash may be impossible to exploit, but this is difficult to prove.

Differential Revision: https://developer.blender.org/D3002

Commit Details:

Full Hash: 5b25605761fb7ed9ec79de845e34c61f87698176
Parent Commit: fdb6522
Lines Changed: +47, -22

7 Modified Paths:

/source/blender/blenkernel/BKE_particle.h (+2, -1) (Diff)
/source/blender/blenkernel/intern/curve.c (+17, -5) (Diff)
/source/blender/blenkernel/intern/font.c (+6, -0) (Diff)
/source/blender/blenkernel/intern/particle.c (+2, -1) (Diff)
/source/blender/blenloader/intern/readfile.c (+7, -1) (Diff)
/source/blender/editors/space_view3d/drawobject.c (+12, -11) (Diff)
/source/blender/makesdna/DNA_curve_types.h (+1, -3) (Diff)

Blender Git Commit Log

Git Commits -> Revision 5b25605

Commit Details:

7 Modified Paths:

Navigation

Stats

RSS Feeds

Blender Git Commit Log

Git Commits -> Revision 5b25605 Go

Commit Details:

7 Modified Paths:

Navigation

Stats

RSS Feeds

Git Commits -> Revision 5b25605