pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/graphics/tiff add a patch from upstream



details:   https://anonhg.NetBSD.org/pkgsrc/rev/926ed6c71079
branches:  trunk
changeset: 560762:926ed6c71079
user:      drochner <drochner%pkgsrc.org@localhost>
date:      Mon Jun 22 14:54:44 2009 +0000

description:
add a patch from upstream
(http://bugzilla.maptools.org/show_bug.cgi?id=2065)
to fix a buffer underflow which can cause DOS or system access
(SA35515)
bump PKGREVISION

diffstat:

 graphics/tiff/Makefile         |   4 ++--
 graphics/tiff/distinfo         |   4 ++--
 graphics/tiff/patches/patch-ac |  29 +++++++++++++++++++++++------
 3 files changed, 27 insertions(+), 10 deletions(-)

diffs (85 lines):

diff -r e1fb56866ad0 -r 926ed6c71079 graphics/tiff/Makefile
--- a/graphics/tiff/Makefile    Mon Jun 22 14:39:19 2009 +0000
+++ b/graphics/tiff/Makefile    Mon Jun 22 14:54:44 2009 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.86 2008/08/30 08:12:45 tron Exp $
+# $NetBSD: Makefile,v 1.87 2009/06/22 14:54:44 drochner Exp $
 
 DISTNAME=      tiff-3.8.2
-PKGREVISION=   4
+PKGREVISION=   5
 CATEGORIES=    graphics
 MASTER_SITES=  ftp://ftp.remotesensing.org/pub/libtiff/ \
                http://libtiff.maptools.org/dl/
diff -r e1fb56866ad0 -r 926ed6c71079 graphics/tiff/distinfo
--- a/graphics/tiff/distinfo    Mon Jun 22 14:39:19 2009 +0000
+++ b/graphics/tiff/distinfo    Mon Jun 22 14:54:44 2009 +0000
@@ -1,11 +1,11 @@
-$NetBSD: distinfo,v 1.41 2008/08/30 08:12:45 tron Exp $
+$NetBSD: distinfo,v 1.42 2009/06/22 14:54:44 drochner Exp $
 
 SHA1 (tiff-3.8.2.tar.gz) = 549e67b6a15b42bfcd72fe17cda7c9a198a393eb
 RMD160 (tiff-3.8.2.tar.gz) = 1b4d825e3be08764e953fc58246d0c25ab4dd17d
 Size (tiff-3.8.2.tar.gz) = 1336295 bytes
 SHA1 (patch-aa) = edac79a6f3b61e9fc787fe14f750d88023a29bfa
 SHA1 (patch-ab) = b517cb8bc2212d3e6c5a70db1bdf45b85b78fc72
-SHA1 (patch-ac) = 14a6651b51c788a7e75666fbf9ead2415748a610
+SHA1 (patch-ac) = 24bb2d78d63df7f02d128c7dc6a4c8db50fac891
 SHA1 (patch-at) = 4006ed90f6ab88aff30e2537d613a1b44b5c7347
 SHA1 (patch-au) = c53ed7521c3918081526ad63cd0c1c45c9a0b9ff
 SHA1 (patch-av) = 38852ef5028f6c0ad7a3e5497248f264f0cb7366
diff -r e1fb56866ad0 -r 926ed6c71079 graphics/tiff/patches/patch-ac
--- a/graphics/tiff/patches/patch-ac    Mon Jun 22 14:39:19 2009 +0000
+++ b/graphics/tiff/patches/patch-ac    Mon Jun 22 14:54:44 2009 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-ac,v 1.19 2008/08/30 08:12:45 tron Exp $
+$NetBSD: patch-ac,v 1.20 2009/06/22 14:54:44 drochner Exp $
 
---- libtiff/tif_lzw.c.orig     2006-03-21 16:42:50.000000000 +0000
-+++ libtiff/tif_lzw.c  2008-08-30 09:03:37.000000000 +0100
-@@ -237,6 +237,13 @@
+--- libtiff/tif_lzw.c.orig     2006-03-21 17:42:50.000000000 +0100
++++ libtiff/tif_lzw.c
+@@ -237,6 +237,13 @@ LZWSetupDecode(TIFF* tif)
                      sp->dec_codetab[code].length = 1;
                      sp->dec_codetab[code].next = NULL;
                  } while (code--);
@@ -16,7 +16,7 @@
        }
        return (1);
  }
-@@ -408,12 +415,20 @@
+@@ -408,12 +415,20 @@ LZWDecode(TIFF* tif, tidata_t op0, tsize
                        break;
                if (code == CODE_CLEAR) {
                        free_entp = sp->dec_codetab + CODE_FIRST;
@@ -37,7 +37,7 @@
                        *op++ = (char)code, occ--;
                        oldcodep = sp->dec_codetab + code;
                        continue;
-@@ -604,12 +619,20 @@
+@@ -604,12 +619,20 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0,
                        break;
                if (code == CODE_CLEAR) {
                        free_entp = sp->dec_codetab + CODE_FIRST;
@@ -58,3 +58,20 @@
                        *op++ = code, occ--;
                        oldcodep = sp->dec_codetab + code;
                        continue;
+@@ -647,6 +670,7 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0,
+               }
+               oldcodep = codep;
+               if (code >= 256) {
++                      char *op_orig = op;
+                       /*
+                        * Code maps to a string, copy string
+                        * value to output (written in reverse).
+@@ -681,7 +705,7 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0,
+                       tp = op;
+                       do {
+                               *--tp = codep->value;
+-                      } while( (codep = codep->next) != NULL);
++                      } while( (codep = codep->next) != NULL && tp > op_orig);
+               } else
+                       *op++ = code, occ--;
+       }



Home | Main Index | Thread Index | Old Index