Blender Git Loki
Git Commits -> Revision e6df028
Revision e6df028 by Brecht Van Lommel (master) January 17, 2018, 23:54 (GMT) |
Fix buffer overflow vulnerability in curve, font, particles code. Solves these security issues from T52924: CVE-2017-12102 CVE-2017-12103 CVE-2017-12104 While the specific overflow issue may be fixed, loading the repro .blend files may still crash because they are incomplete and corrupt. The way they crash may be impossible to exploit, but this is difficult to prove. Differential Revision: https://developer.blender.org/D3002 |
Commit Details:
Full Hash: e6df02861e17f75d4dd243776f35208681b78465
Parent Commit: e04d7c4
Lines Changed: +49, -24
7 Modified Paths:
/source/blender/blenkernel/BKE_particle.h (+2, -1) (Diff)
/source/blender/blenkernel/intern/curve.c (+19, -7) (Diff)
/source/blender/blenkernel/intern/font.c (+6, -0) (Diff)
/source/blender/blenkernel/intern/particle.c (+2, -1) (Diff)
/source/blender/blenloader/intern/readfile.c (+7, -1) (Diff)
/source/blender/editors/space_view3d/drawobject.c (+12, -11) (Diff)
/source/blender/makesdna/DNA_curve_types.h (+1, -3) (Diff)
/source/blender/blenkernel/intern/curve.c (+19, -7) (Diff)
/source/blender/blenkernel/intern/font.c (+6, -0) (Diff)
/source/blender/blenkernel/intern/particle.c (+2, -1) (Diff)
/source/blender/blenloader/intern/readfile.c (+7, -1) (Diff)
/source/blender/editors/space_view3d/drawobject.c (+12, -11) (Diff)
/source/blender/makesdna/DNA_curve_types.h (+1, -3) (Diff)