[pkgsrc/trunk]: pkgsrc/x11/libXfont libXfont-1.3.1nb2:

[joerg <joerg%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/99378a8533f9
branches:  trunk
changeset: 537904:99378a8533f9
user:      joerg <joerg%pkgsrc.org@localhost>
date:      Sun Jan 20 18:24:51 2008 +0000

description:
libXfont-1.3.1nb2:
Include upstream fix for another PCF integer overflow.
This is CVE-2008-0006.

diffstat:

 x11/libXfont/Makefile         |   4 ++--
 x11/libXfont/distinfo         |   3 ++-
 x11/libXfont/patches/patch-ab |  24 ++++++++++++++++++++++++
 3 files changed, 28 insertions(+), 3 deletions(-)

diffs (54 lines):

diff -r ab3a9d324587 -r 99378a8533f9 x11/libXfont/Makefile
--- a/x11/libXfont/Makefile     Sun Jan 20 15:18:55 2008 +0000
+++ b/x11/libXfont/Makefile     Sun Jan 20 18:24:51 2008 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.8 2007/09/24 16:24:48 joerg Exp $
+# $NetBSD: Makefile,v 1.9 2008/01/20 18:24:51 joerg Exp $
 #
 
 DISTNAME=              libXfont-1.3.1
-PKGREVISION=           1
+PKGREVISION=           2
 CATEGORIES=            x11 devel fonts
 MASTER_SITES=          http://xorg.freedesktop.org/releases/individual/lib/
 EXTRACT_SUFX=          .tar.bz2
diff -r ab3a9d324587 -r 99378a8533f9 x11/libXfont/distinfo
--- a/x11/libXfont/distinfo     Sun Jan 20 15:18:55 2008 +0000
+++ b/x11/libXfont/distinfo     Sun Jan 20 18:24:51 2008 +0000
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.7 2007/09/24 16:24:48 joerg Exp $
+$NetBSD: distinfo,v 1.8 2008/01/20 18:24:51 joerg Exp $
 
 SHA1 (libXfont-1.3.1.tar.bz2) = 90153414cd3580d92cad6469166c099749cddd29
 RMD160 (libXfont-1.3.1.tar.bz2) = 13c8ed7b33ec0c4f08c032d74958e49d3c177464
 Size (libXfont-1.3.1.tar.bz2) = 564235 bytes
 SHA1 (patch-aa) = e421de2c9b67b46c2dab651ba1bab13fd08df914
+SHA1 (patch-ab) = 56339bd99f714be3d9a7d697c39eab1b13794c3b
diff -r ab3a9d324587 -r 99378a8533f9 x11/libXfont/patches/patch-ab
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/libXfont/patches/patch-ab     Sun Jan 20 18:24:51 2008 +0000
@@ -0,0 +1,24 @@
+$NetBSD: patch-ab,v 1.3 2008/01/20 18:24:51 joerg Exp $
+
+--- src/bitmap/pcfread.c.orig  2007-09-05 02:18:23.000000000 +0200
++++ src/bitmap/pcfread.c
+@@ -588,6 +588,9 @@ pcfReadFont(FontPtr pFont, FontFilePtr f
+     pFont->info.lastRow = pcfGetINT16(file, format);
+     pFont->info.defaultCh = pcfGetINT16(file, format);
+     if (IS_EOF(file)) goto Bail;
++    if (pFont->info.firstCol > pFont->info.lastCol ||
++       pFont->info.firstRow > pFont->info.lastRow ||
++       pFont->info.lastCol-pFont->info.firstCol > 255) goto Bail;
+ 
+     nencoding = (pFont->info.lastCol - pFont->info.firstCol + 1) *
+       (pFont->info.lastRow - pFont->info.firstRow + 1);
+@@ -726,6 +729,9 @@ pcfReadFontInfo(FontInfoPtr pFontInfo, F
+     pFontInfo->lastRow = pcfGetINT16(file, format);
+     pFontInfo->defaultCh = pcfGetINT16(file, format);
+     if (IS_EOF(file)) goto Bail;
++    if (pFontInfo->firstCol > pFontInfo->lastCol ||
++       pFontInfo->firstRow > pFontInfo->lastRow ||
++       pFontInfo->lastCol-pFontInfo->firstCol > 255) goto Bail;
+ 
+     nencoding = (pFontInfo->lastCol - pFontInfo->firstCol + 1) *
+       (pFontInfo->lastRow - pFontInfo->firstRow + 1);