void-packages/srcpkgs/gthumb/patches/cve-2018-18718.patch

Description: CVE-2018-18718
             An issue was discovered in gThumb through 3.6.2. There is a 
             double-free vulnerability in the add_themes_from_dir method in 
             dlg-contact-sheet.c because of two successive calls of g_free,
             each of which frees the same buffer.
             Thanks Tianjun Wu - https://gitlab.gnome.org/leoaccount
             https://gitlab.gnome.org/GNOME/gthumb/issues/18
Author: Herbert Parentes Fortes Neto <hpfn@debian.org>
Last-Update: 2018-10-30
Index: gthumb/extensions/contact_sheet/dlg-contact-sheet.c
===================================================================
--- extensions/contact_sheet/dlg-contact-sheet.c
+++ extensions/contact_sheet/dlg-contact-sheet.c
@@ -352,6 +352,7 @@ add_themes_from_dir (DialogData *data,
 		if (! g_key_file_load_from_data (key_file, buffer, size, G_KEY_FILE_NONE, NULL)) {
 			g_key_file_free (key_file);
 			g_free (buffer);
+			buffer = NULL;
 			g_object_unref (file);
 			g_object_unref (file_info);
 		}