pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2005Q3]: pkgsrc/graphics/libungif Pullup ticket 893 - requeste...
details: https://anonhg.NetBSD.org/pkgsrc/rev/04dba436c339
branches: pkgsrc-2005Q3
changeset: 499658:04dba436c339
user: salo <salo%pkgsrc.org@localhost>
date: Sat Nov 05 14:03:41 2005 +0000
description:
Pullup ticket 893 - requested by Adrian Portelli
security fix for libungif
Revisions pulled up:
- pkgsrc/graphics/libungif/Makefile 1.35
- pkgsrc/graphics/libungif/distinfo 1.10
- pkgsrc/graphics/libungif/patches/patch-ac 1.6
- pkgsrc/graphics/libungif/patches/patch-ad 1.1
- pkgsrc/graphics/libungif/patches/patch-ae 1.1
Module Name: pkgsrc
Committed By: adrianp
Date: Sat Nov 5 13:32:36 UTC 2005
Modified Files:
pkgsrc/graphics/libungif: Makefile distinfo
Added Files:
pkgsrc/graphics/libungif/patches: patch-ac patch-ad patch-ae
Log Message:
Add patches for http://secunia.com/advisories/17436/ via. RedHat
diffstat:
graphics/libungif/Makefile | 6 +-
graphics/libungif/distinfo | 5 ++-
graphics/libungif/patches/patch-ac | 16 +++++++++
graphics/libungif/patches/patch-ad | 63 ++++++++++++++++++++++++++++++++++++++
graphics/libungif/patches/patch-ae | 21 ++++++++++++
5 files changed, 107 insertions(+), 4 deletions(-)
diffs (149 lines):
diff -r 95b2b0c631dd -r 04dba436c339 graphics/libungif/Makefile
--- a/graphics/libungif/Makefile Fri Nov 04 08:07:37 2005 +0000
+++ b/graphics/libungif/Makefile Sat Nov 05 14:03:41 2005 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.34 2005/04/11 21:46:06 tv Exp $
+# $NetBSD: Makefile,v 1.34.4.1 2005/11/05 14:03:41 salo Exp $
DISTNAME= libungif-4.1.3
-PKGREVISION= 2
+PKGREVISION= 3
CATEGORIES= graphics
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=libungif/}
EXTRACT_SUFX= .tar.bz2
@@ -27,7 +27,7 @@
REPLACE_PERL= util/gifburst
post-patch:
- ${RM} ${WRKSRC}/doc/gif2x11.html
+ @${RM} ${WRKSRC}/doc/gif2x11.html
post-install:
cd ${PREFIX}/lib && \
diff -r 95b2b0c631dd -r 04dba436c339 graphics/libungif/distinfo
--- a/graphics/libungif/distinfo Fri Nov 04 08:07:37 2005 +0000
+++ b/graphics/libungif/distinfo Sat Nov 05 14:03:41 2005 +0000
@@ -1,7 +1,10 @@
-$NetBSD: distinfo,v 1.9 2005/03/20 11:07:33 schwarz Exp $
+$NetBSD: distinfo,v 1.9.6.1 2005/11/05 14:03:41 salo Exp $
SHA1 (libungif-4.1.3.tar.bz2) = 04aab31b3e9e719a80320667bc23b3ee35505a34
RMD160 (libungif-4.1.3.tar.bz2) = 287abf7560f5394e62c475f0d722938842ba6786
Size (libungif-4.1.3.tar.bz2) = 439960 bytes
SHA1 (patch-aa) = eb2d1f1d21e19adc8bc33dcbd24be5c20560f4fd
SHA1 (patch-ab) = a93e2fe0a93aacda4566e723e681fd316fe2cb2a
+SHA1 (patch-ac) = 58985225879ea2d60a1eb9e8a17595f8a0ed95a5
+SHA1 (patch-ad) = dc5e0123b950674abe46be6508f3f8bb1a69641d
+SHA1 (patch-ae) = 43b271ae9ec6eddd8341526e6b8636c503cd209c
diff -r 95b2b0c631dd -r 04dba436c339 graphics/libungif/patches/patch-ac
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/libungif/patches/patch-ac Sat Nov 05 14:03:41 2005 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-ac,v 1.5.10.1 2005/11/05 14:03:41 salo Exp $
+
+--- lib/gifalloc.c.orig 2004-05-29 19:59:59.000000000 +0100
++++ lib/gifalloc.c
+@@ -420,8 +420,10 @@ FreeSavedImages(GifFileType * GifFile) {
+ }
+ for (sp = GifFile->SavedImages;
+ sp < GifFile->SavedImages + GifFile->ImageCount; sp++) {
+- if (sp->ImageDesc.ColorMap)
++ if (sp->ImageDesc.ColorMap) {
+ FreeMapObject(sp->ImageDesc.ColorMap);
++ sp->ImageDesc.ColorMap = NULL;
++ }
+
+ if (sp->RasterBits)
+ free((char *)sp->RasterBits);
diff -r 95b2b0c631dd -r 04dba436c339 graphics/libungif/patches/patch-ad
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/libungif/patches/patch-ad Sat Nov 05 14:03:41 2005 +0000
@@ -0,0 +1,63 @@
+$NetBSD: patch-ad,v 1.1.2.2 2005/11/05 14:03:41 salo Exp $
+
+--- lib/dgif_lib.c.orig 2004-05-29 19:59:59.000000000 +0100
++++ lib/dgif_lib.c
+@@ -263,6 +263,7 @@ DGifGetScreenDesc(GifFileType * GifFile)
+ for (i = 0; i < GifFile->SColorMap->ColorCount; i++) {
+ if (READ(GifFile, Buf, 3) != 3) {
+ FreeMapObject(GifFile->SColorMap);
++ GifFile->SColorMap = NULL;
+ _GifError = D_GIF_ERR_READ_FAILED;
+ return GIF_ERROR;
+ }
+@@ -363,6 +364,7 @@ DGifGetImageDesc(GifFileType * GifFile)
+ for (i = 0; i < GifFile->Image.ColorMap->ColorCount; i++) {
+ if (READ(GifFile, Buf, 3) != 3) {
+ FreeMapObject(GifFile->Image.ColorMap);
++ GifFile->Image.ColorMap = NULL;
+ _GifError = D_GIF_ERR_READ_FAILED;
+ return GIF_ERROR;
+ }
+@@ -923,6 +925,12 @@ DGifDecompressInput(GifFileType * GifFil
+ 0x0fff
+ };
+
++ /* The image can't contain more than LZ_BITS per code. */
++ if (Private->RunningBits > LZ_BITS) {
++ _GifError = D_GIF_ERR_IMAGE_DEFECT;
++ return GIF_ERROR;
++ }
++
+ while (Private->CrntShiftState < Private->RunningBits) {
+ /* Needs to get more bytes from input stream for next code: */
+ if (DGifBufferedInput(GifFile, Private->Buf, &NextByte) == GIF_ERROR) {
+@@ -938,8 +946,12 @@ DGifDecompressInput(GifFileType * GifFil
+ Private->CrntShiftState -= Private->RunningBits;
+
+ /* If code cannot fit into RunningBits bits, must raise its size. Note
+- * however that codes above 4095 are used for special signaling. */
+- if (++Private->RunningCode > Private->MaxCode1 &&
++ * however that codes above 4095 are used for special signaling.
++ * If we're using LZ_BITS bits already and we're at the max code, just
++ * keep using the table as it is, don't increment Private->RunningCode.
++ */
++ if (Private->RunningCode < LZ_MAX_CODE + 2 &&
++ ++Private->RunningCode > Private->MaxCode1 &&
+ Private->RunningBits < LZ_BITS) {
+ Private->MaxCode1 <<= 1;
+ Private->RunningBits++;
+@@ -964,6 +976,14 @@ DGifBufferedInput(GifFileType * GifFile,
+ _GifError = D_GIF_ERR_READ_FAILED;
+ return GIF_ERROR;
+ }
++ /* There shouldn't be any empty data blocks here as the LZW spec
++ * says the LZW termination code should come first. Therefore we
++ * shouldn't be inside this routine at that point.
++ */
++ if (Buf[0] == 0) {
++ _GifError = D_GIF_ERR_IMAGE_DEFECT;
++ return GIF_ERROR;
++ }
+ if (READ(GifFile, &Buf[1], Buf[0]) != Buf[0]) {
+ _GifError = D_GIF_ERR_READ_FAILED;
+ return GIF_ERROR;
diff -r 95b2b0c631dd -r 04dba436c339 graphics/libungif/patches/patch-ae
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/libungif/patches/patch-ae Sat Nov 05 14:03:41 2005 +0000
@@ -0,0 +1,21 @@
+$NetBSD: patch-ae,v 1.1.2.2 2005/11/05 14:03:41 salo Exp $
+
+--- lib/egif_lib.c.orig 2004-05-29 22:53:36.000000000 +0100
++++ lib/egif_lib.c
+@@ -712,10 +712,14 @@ EGifCloseFile(GifFileType * GifFile) {
+ Buf = ';';
+ WRITE(GifFile, &Buf, 1);
+
+- if (GifFile->Image.ColorMap)
++ if (GifFile->Image.ColorMap) {
+ FreeMapObject(GifFile->Image.ColorMap);
+- if (GifFile->SColorMap)
++ GifFile->Image.ColorMap = NULL;
++ }
++ if (GifFile->SColorMap) {
+ FreeMapObject(GifFile->SColorMap);
++ GifFile->SColorMap = NULL;
++ }
+ if (Private) {
+ free((char *)Private);
+ }
Home |
Main Index |
Thread Index |
Old Index