pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2021Q1]: pkgsrc/graphics/cairo Pullup ticket #6460 - requested...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/bdee12c06b07
branches:  pkgsrc-2021Q1
changeset: 453227:bdee12c06b07
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Tue May 25 14:54:36 2021 +0000

description:
Pullup ticket #6460 - requested by nia
graphics/cairo: security fix

Revisions pulled up:
- graphics/cairo/Makefile                                       1.149
- graphics/cairo/distinfo                                       1.90
- graphics/cairo/patches/patch-src_cairo-image-compositor.c     1.1

---
   Module Name: pkgsrc
   Committed By:        nia
   Date:                Tue May 25 07:29:42 UTC 2021

   Modified Files:
        pkgsrc/graphics/cairo: Makefile distinfo
   Added Files:
        pkgsrc/graphics/cairo/patches: patch-src_cairo-image-compositor.c

   Log Message:
   cairo: apply patch for CVE-2020-35492, bump PKGREVISION

diffstat:

 graphics/cairo/Makefile                                   |   4 +-
 graphics/cairo/distinfo                                   |   3 +-
 graphics/cairo/patches/patch-src_cairo-image-compositor.c |  45 +++++++++++++++
 3 files changed, 49 insertions(+), 3 deletions(-)

diffs (77 lines):

diff -r 536ae6a5fe91 -r bdee12c06b07 graphics/cairo/Makefile
--- a/graphics/cairo/Makefile   Tue May 25 14:49:35 2021 +0000
+++ b/graphics/cairo/Makefile   Tue May 25 14:54:36 2021 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.147 2020/08/17 20:17:27 leot Exp $
+# $NetBSD: Makefile,v 1.147.6.1 2021/05/25 14:54:36 bsiegert Exp $
 
 .include "../../graphics/cairo/Makefile.common"
 
-PKGREVISION=   2
+PKGREVISION=   4
 
 TEST_TARGET=                   check
 
diff -r 536ae6a5fe91 -r bdee12c06b07 graphics/cairo/distinfo
--- a/graphics/cairo/distinfo   Tue May 25 14:49:35 2021 +0000
+++ b/graphics/cairo/distinfo   Tue May 25 14:54:36 2021 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.89 2020/07/09 14:38:55 leot Exp $
+$NetBSD: distinfo,v 1.89.6.1 2021/05/25 14:54:36 bsiegert Exp $
 
 SHA1 (cairo-1.16.0.tar.xz) = 00e81842ae5e81bb0343108884eb5205be0eac14
 RMD160 (cairo-1.16.0.tar.xz) = cfd2ef6ec55b267e04600f6b1e36bb07f2566b35
@@ -9,3 +9,4 @@
 SHA1 (patch-ac) = 1785bbef6bcab4781bf89e1b986a7eb96e5f2b64
 SHA1 (patch-ad) = a1068a37113b162ccfe14d7f1bd0baa9df7e5530
 SHA1 (patch-src_cairo-ft-font.c) = 97288d79380473869f1049c1d8955a2f6fa3d178
+SHA1 (patch-src_cairo-image-compositor.c) = 83337d8211083d77b061c43b69da2b61080776d9
diff -r 536ae6a5fe91 -r bdee12c06b07 graphics/cairo/patches/patch-src_cairo-image-compositor.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/cairo/patches/patch-src_cairo-image-compositor.c Tue May 25 14:54:36 2021 +0000
@@ -0,0 +1,45 @@
+$NetBSD: patch-src_cairo-image-compositor.c,v 1.1.2.2 2021/05/25 14:54:36 bsiegert Exp $
+
+Fix mask usage in image-compositor
+
+https://gitlab.freedesktop.org/cairo/cairo/-/merge_requests/85
+https://gitlab.freedesktop.org/cairo/cairo/-/issues/437
+https://nvd.nist.gov/vuln/detail/CVE-2020-35492
+
+--- src/cairo-image-compositor.c.orig  2018-08-17 01:10:53.000000000 +0000
++++ src/cairo-image-compositor.c
+@@ -2601,14 +2601,14 @@ _inplace_src_spans (void *abstract_rende
+                   unsigned num_spans)
+ {
+     cairo_image_span_renderer_t *r = abstract_renderer;
+-    uint8_t *m;
++    uint8_t *m, *base = (uint8_t*)pixman_image_get_data(r->mask);
+     int x0;
+ 
+     if (num_spans == 0)
+       return CAIRO_STATUS_SUCCESS;
+ 
+     x0 = spans[0].x;
+-    m = r->_buf;
++    m = base;
+     do {
+       int len = spans[1].x - spans[0].x;
+       if (len >= r->u.composite.run_length && spans[0].coverage == 0xff) {
+@@ -2646,7 +2646,7 @@ _inplace_src_spans (void *abstract_rende
+                                     spans[0].x, y,
+                                     spans[1].x - spans[0].x, h);
+ 
+-          m = r->_buf;
++          m = base;
+           x0 = spans[1].x;
+       } else if (spans[0].coverage == 0x0) {
+           if (spans[0].x != x0) {
+@@ -2675,7 +2675,7 @@ _inplace_src_spans (void *abstract_rende
+ #endif
+           }
+ 
+-          m = r->_buf;
++          m = base;
+           x0 = spans[1].x;
+       } else {
+           *m++ = spans[0].coverage;



Home | Main Index | Thread Index | Old Index