pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2004Q4]: pkgsrc/print/cups Pullup ticket 328 - requested by Lu...
details: https://anonhg.NetBSD.org/pkgsrc/rev/05ab0b6ba91a
branches: pkgsrc-2004Q4
changeset: 485953:05ab0b6ba91a
user: snj <snj%pkgsrc.org@localhost>
date: Fri Mar 04 04:56:26 2005 +0000
description:
Pullup ticket 328 - requested by Lubomir Sedlacik
security fix for cups
Revisions pulled up:
- pkgsrc/print/cups/Makefile 1.90
- pkgsrc/print/cups/distinfo 1.31
- pkgsrc/print/cups/patches/patch-au 1.4
- pkgsrc/print/cups/patches/patch-av 1.3
Module Name: pkgsrc
Committed By: drochner
Date: Wed Mar 2 18:33:02 UTC 2005
Modified Files:
pkgsrc/print/cups: Makefile distinfo
pkgsrc/print/cups/patches: patch-au
Added Files:
pkgsrc/print/cups/patches: patch-av
Log Message:
Fix CAN-2005-0206:
An overflow check introduced earlier (for CAN-2004-0888) was never
triggered on 64-bit systems because 64-bit arithmetics was used there.
Sprinkle some casts to int su that the overflow can happen.
This fix is similar to the redhat one. The fix for similar code
in print/teTeX-bin looks much cleaner, but since cups already contains
the wrong redhad fix, I've chosen to stay close to the original.
bump PKGREVISION
diffstat:
print/cups/Makefile | 4 ++--
print/cups/distinfo | 5 +++--
print/cups/patches/patch-au | 38 +++++++++++++++++++++++++++++++++++++-
print/cups/patches/patch-av | 25 +++++++++++++++++++++++++
4 files changed, 67 insertions(+), 5 deletions(-)
diffs (111 lines):
diff -r dd3f1ec8d998 -r 05ab0b6ba91a print/cups/Makefile
--- a/print/cups/Makefile Wed Mar 02 22:16:52 2005 +0000
+++ b/print/cups/Makefile Fri Mar 04 04:56:26 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.82.2.2 2005/02/05 17:47:19 salo Exp $
+# $NetBSD: Makefile,v 1.82.2.3 2005/03/04 04:56:26 snj Exp $
#
# The CUPS author is very good about taking back changes into the main
# CUPS distribution. The correct place to send patches or bug-fixes is:
@@ -6,7 +6,7 @@
DISTNAME= cups-${DIST_VERS}-source
PKGNAME= cups-${VERS}
-PKGREVISION= 1
+PKGREVISION= 2
BASE_VERS= 1.1.23
DIST_VERS= ${BASE_VERS}
VERS= ${DIST_VERS:S/-/./g}
diff -r dd3f1ec8d998 -r 05ab0b6ba91a print/cups/distinfo
--- a/print/cups/distinfo Wed Mar 02 22:16:52 2005 +0000
+++ b/print/cups/distinfo Fri Mar 04 04:56:26 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.26.2.2 2005/02/05 17:47:19 salo Exp $
+$NetBSD: distinfo,v 1.26.2.3 2005/03/04 04:56:26 snj Exp $
SHA1 (cups-1.1.23-source.tar.bz2) = 32d5bfb44c4edc1b54ccb014b5a44499295c6c5c
Size (cups-1.1.23-source.tar.bz2) = 8705521 bytes
@@ -8,4 +8,5 @@
SHA1 (patch-an) = de699800471069b1521ab2ba7194df445fb75892
SHA1 (patch-ao) = c4c8f833cf4a09a686a338df6c209cebec36c6ef
SHA1 (patch-at) = aa36ec591164675b889d2cf32e4d754e9b6db94f
-SHA1 (patch-au) = 48d63140a54ff4b5af4216cfe6454adef4b66781
+SHA1 (patch-au) = ab43911c1b27b250a257c67d1d34066237e4da98
+SHA1 (patch-av) = 33437f71e0b6443b172246f1962f9d2eebbd8f11
diff -r dd3f1ec8d998 -r 05ab0b6ba91a print/cups/patches/patch-au
--- a/print/cups/patches/patch-au Wed Mar 02 22:16:52 2005 +0000
+++ b/print/cups/patches/patch-au Fri Mar 04 04:56:26 2005 +0000
@@ -1,7 +1,43 @@
-$NetBSD: patch-au,v 1.2.10.1 2005/02/05 17:47:19 salo Exp $
+$NetBSD: patch-au,v 1.2.10.2 2005/03/04 04:56:26 snj Exp $
--- pdftops/XRef.cxx.orig 2004-10-13 22:55:53.000000000 +0200
+++ pdftops/XRef.cxx
+@@ -76,7 +76,7 @@ XRef::XRef(BaseStream *strA, GString *ow
+
+ // trailer is ok - read the xref table
+ } else {
+- if (size*sizeof(XRefEntry)/sizeof(XRefEntry) != size) {
++ if (size*(int)sizeof(XRefEntry)/sizeof(XRefEntry) != size) {
+ error(-1, "Invalid 'size' inside xref table.");
+ ok = gFalse;
+ errCode = errDamaged;
+@@ -291,7 +291,7 @@ GBool XRef::readXRef(Guint *pos) {
+ // table size
+ if (first + n > size) {
+ newSize = first + n;
+- if (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize) {
++ if (newSize*(int)sizeof(XRefEntry)/sizeof(XRefEntry) != newSize) {
+ error(-1, "Invalid 'newSize'");
+ goto err2;
+ }
+@@ -445,7 +445,7 @@ GBool XRef::constructXRef() {
+ if (!strncmp(p, "obj", 3)) {
+ if (num >= size) {
+ newSize = (num + 1 + 255) & ~255;
+- if (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize) {
++ if (newSize*(int)sizeof(XRefEntry)/sizeof(XRefEntry) != newSize) {
+ error(-1, "Invalid 'obj' parameters.");
+ return gFalse;
+ }
+@@ -470,7 +470,7 @@ GBool XRef::constructXRef() {
+ } else if (!strncmp(p, "endstream", 9)) {
+ if (streamEndsLen == streamEndsSize) {
+ streamEndsSize += 64;
+- if (streamEndsSize*sizeof(int)/sizeof(int) != streamEndsSize) {
++ if (streamEndsSize*(int)sizeof(int)/sizeof(int) != streamEndsSize) {
+ error(-1, "Invalid 'endstream' parameter.");
+ return gFalse;
+ }
@@ -527,6 +527,9 @@ GBool XRef::checkEncrypted(GString *owne
} else {
keyLength = 5;
diff -r dd3f1ec8d998 -r 05ab0b6ba91a print/cups/patches/patch-av
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/print/cups/patches/patch-av Fri Mar 04 04:56:26 2005 +0000
@@ -0,0 +1,25 @@
+$NetBSD: patch-av,v 1.2.10.1 2005/03/04 04:56:26 snj Exp $
+
+--- pdftops/Catalog.cxx.orig 2005-03-01 15:38:37.000000000 +0100
++++ pdftops/Catalog.cxx
+@@ -64,8 +64,8 @@ Catalog::Catalog(XRef *xrefA) {
+ }
+ pagesSize = numPages0 = (int)obj.getNum();
+ obj.free();
+- if (pagesSize*sizeof(Page *)/sizeof(Page *) != pagesSize ||
+- pagesSize*sizeof(Ref)/sizeof(Ref) != pagesSize) {
++ if (pagesSize*(int)sizeof(Page *)/sizeof(Page *) != pagesSize ||
++ pagesSize*(int)sizeof(Ref)/sizeof(Ref) != pagesSize) {
+ error(-1, "Invalid 'pagesSize'");
+ ok = gFalse;
+ return;
+@@ -197,7 +197,8 @@ int Catalog::readPageTree(Dict *pagesDic
+ }
+ if (start >= pagesSize) {
+ pagesSize += 32;
+- if (pagesSize*sizeof(Page *)/sizeof(Page *) != pagesSize) {
++ if (pagesSize*(int)sizeof(Page *)/sizeof(Page *) != pagesSize ||
++ pagesSize*(int)sizeof(Ref)/sizeof(Ref) != pagesSize) {
+ error(-1, "Invalid 'pagesSize' parameter.");
+ goto err3;
+ }
Home |
Main Index |
Thread Index |
Old Index