[pkgsrc/trunk]: pkgsrc/graphics/SDL_image Update to 1.2.7, security fixes wer...

[wiz <wiz%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/89ba4fd70fe4
branches:  trunk
changeset: 550962:89ba4fd70fe4
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Wed Dec 03 08:33:07 2008 +0000

description:
Update to 1.2.7, security fixes were already in pkgsrc.

1.2.7:
Sam Lantinga - Sun Nov  2 15:08:27 PST 2008
 * Fixed buffer overflow in BMP loading code, discovered by j00ru//vx
Sam Lantinga - Fri Dec 28 08:34:54 PST 2007
 * Fixed buffer overflow in GIF loading code, discovered by Michael Skladnikiewicz

diffstat:

 graphics/SDL_image/Makefile         |   5 ++---
 graphics/SDL_image/distinfo         |  10 ++++------
 graphics/SDL_image/patches/patch-aa |  30 ------------------------------
 graphics/SDL_image/patches/patch-ab |  15 ---------------
 4 files changed, 6 insertions(+), 54 deletions(-)

diffs (81 lines):

diff -r aa05db38702e -r 89ba4fd70fe4 graphics/SDL_image/Makefile
--- a/graphics/SDL_image/Makefile       Wed Dec 03 08:29:48 2008 +0000
+++ b/graphics/SDL_image/Makefile       Wed Dec 03 08:33:07 2008 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.30 2008/02/11 10:12:24 drochner Exp $
+# $NetBSD: Makefile,v 1.31 2008/12/03 08:33:07 wiz Exp $
 
-DISTNAME=      SDL_image-1.2.6
-PKGREVISION=   2
+DISTNAME=      SDL_image-1.2.7
 CATEGORIES=    graphics devel
 MASTER_SITES=  http://www.libsdl.org/projects/SDL_image/release/
 
diff -r aa05db38702e -r 89ba4fd70fe4 graphics/SDL_image/distinfo
--- a/graphics/SDL_image/distinfo       Wed Dec 03 08:29:48 2008 +0000
+++ b/graphics/SDL_image/distinfo       Wed Dec 03 08:33:07 2008 +0000
@@ -1,7 +1,5 @@
-$NetBSD: distinfo,v 1.8 2008/02/11 10:12:24 drochner Exp $
+$NetBSD: distinfo,v 1.9 2008/12/03 08:33:07 wiz Exp $
 
-SHA1 (SDL_image-1.2.6.tar.gz) = 5045df31e4db29d8890110fd18024c9d08efca30
-RMD160 (SDL_image-1.2.6.tar.gz) = 8aea5f07216eb887f599c0908f8ea2c2f9eeac93
-Size (SDL_image-1.2.6.tar.gz) = 1308812 bytes
-SHA1 (patch-aa) = eb852fd3c7218fe257ca40a6e90c81ec13dcaeb1
-SHA1 (patch-ab) = 5ddd8f064834a47b7ebda5b1bc1e473351b3e005
+SHA1 (SDL_image-1.2.7.tar.gz) = 0cffd05e41014651e7114d7fea309c9f37ef2d8a
+RMD160 (SDL_image-1.2.7.tar.gz) = d54233077c0a49f075bf11dc1cc2cfe7c0a64efa
+Size (SDL_image-1.2.7.tar.gz) = 1315517 bytes
diff -r aa05db38702e -r 89ba4fd70fe4 graphics/SDL_image/patches/patch-aa
--- a/graphics/SDL_image/patches/patch-aa       Wed Dec 03 08:29:48 2008 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,30 +0,0 @@
-$NetBSD: patch-aa,v 1.1 2008/02/08 12:33:31 drochner Exp $
-
---- IMG_lbm.c.orig     2007-07-20 06:36:32.000000000 +0200
-+++ IMG_lbm.c
-@@ -28,6 +28,7 @@
-    EHB and HAM (specific Amiga graphic chip modes) support added by Marc Le Douarain
-    (http://www.multimania.com/mavati) in December 2003.
-    Stencil and colorkey fixes by David Raulo (david.raulo AT free DOT fr) in February 2004.
-+   Buffer overflow fix in RLE decompression by David Raulo in January 2008.
- */
- 
- #include <stdio.h>
-@@ -328,7 +329,7 @@ SDL_Surface *IMG_LoadLBM_RW( SDL_RWops *
-                                               count ^= 0xFF;
-                                               count += 2; /* now it */
- 
--                                              if ( !SDL_RWread( src, &color, 1, 1 ) )
-+                                              if ( ( count > remainingbytes ) || !SDL_RWread( src, &color, 1, 1 ) )
-                                               {
-                                                  error="error reading BODY chunk";
-                                                       goto done;
-@@ -339,7 +340,7 @@ SDL_Surface *IMG_LoadLBM_RW( SDL_RWops *
-                                       {
-                                               ++count;
- 
--                                              if ( !SDL_RWread( src, ptr, count, 1 ) )
-+                                              if ( ( count > remainingbytes ) || !SDL_RWread( src, ptr, count, 1 ) )
-                                               {
-                                                  error="error reading BODY chunk";
-                                                       goto done;
diff -r aa05db38702e -r 89ba4fd70fe4 graphics/SDL_image/patches/patch-ab
--- a/graphics/SDL_image/patches/patch-ab       Wed Dec 03 08:29:48 2008 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-ab,v 1.1 2008/02/11 10:12:24 drochner Exp $
-
---- IMG_gif.c.orig     2007-07-02 04:03:48.000000000 +0200
-+++ IMG_gif.c
-@@ -418,6 +418,10 @@ LWZReadByte(SDL_RWops *src, int flag, in
-     static int stack[(1 << (MAX_LWZ_BITS)) * 2], *sp;
-     register int i;
- 
-+    /* Fixed buffer overflow found by Michael Skladnikiewicz */
-+    if (input_code_size > MAX_LWZ_BITS)
-+        return -1;
-+
-     if (flag) {
-       set_code_size = input_code_size;
-       code_size = set_code_size + 1;