pkgsrc-Changes archive


CVS commit: [pkgsrc-2017Q1] pkgsrc/graphics/gdk-pixbuf2



Module Name:    pkgsrc
Committed By:   bsiegert
Date:           Fri Jun  2 19:54:50 UTC 2017

Modified Files:
        pkgsrc/graphics/gdk-pixbuf2 [pkgsrc-2017Q1]: Makefile.version PLIST
            distinfo
Added Files:
        pkgsrc/graphics/gdk-pixbuf2/patches [pkgsrc-2017Q1]:
            patch-gdk-pixbuf_io-icns.c patch-gdk-pixbuf_io-ico.c
            patch-gdk-pixbuf_io-tiff.c

Log Message:
Pullup ticket #5440 - requested by sevan
graphics/gdk-pixbuf2: security fix

Revisions pulled up:
- graphics/gdk-pixbuf2/Makefile.version                         1.16
- graphics/gdk-pixbuf2/PLIST                                    1.16
- graphics/gdk-pixbuf2/distinfo                                 1.33
- graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-icns.c       1.3
- graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-ico.c        1.1
- graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-tiff.c       1.1

---
   Module Name:    pkgsrc
   Committed By:   spz
   Date:           Sun May 14 12:55:16 UTC 2017

   Modified Files:
           pkgsrc/graphics/gdk-pixbuf2: Makefile.version PLIST distinfo
   Added Files:
           pkgsrc/graphics/gdk-pixbuf2/patches: patch-gdk-pixbuf_io-icns.c
               patch-gdk-pixbuf_io-ico.c patch-gdk-pixbuf_io-tiff.c
               patch-thumbnailer_gnome-thumbnailer-skeleton.c

   Log Message:
   updating from version 2.36.4 to 2.36.6
   adding patches for: CVE-2017-6311 CVE-2017-6312 CVE-2017-6313 CVE-2017-6314
   from bugzilla.gnome.org


To generate a diff of this commit:
cvs rdiff -u -r1.15 -r1.15.2.1 pkgsrc/graphics/gdk-pixbuf2/Makefile.version \
    pkgsrc/graphics/gdk-pixbuf2/PLIST
cvs rdiff -u -r1.32 -r1.32.2.1 pkgsrc/graphics/gdk-pixbuf2/distinfo
cvs rdiff -u -r0 -r1.3.2.2 \
    pkgsrc/graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-icns.c
cvs rdiff -u -r0 -r1.1.2.2 \
    pkgsrc/graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-ico.c \
    pkgsrc/graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-tiff.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/graphics/gdk-pixbuf2/Makefile.version
diff -u pkgsrc/graphics/gdk-pixbuf2/Makefile.version:1.15 pkgsrc/graphics/gdk-pixbuf2/Makefile.version:1.15.2.1
--- pkgsrc/graphics/gdk-pixbuf2/Makefile.version:1.15   Sun Jan 29 06:09:51 2017
+++ pkgsrc/graphics/gdk-pixbuf2/Makefile.version        Fri Jun  2 19:54:50 2017
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile.version,v 1.15 2017/01/29 06:09:51 tsutsui Exp $
+# $NetBSD: Makefile.version,v 1.15.2.1 2017/06/02 19:54:50 bsiegert Exp $
 #
 # used by graphics/gdk-pixbuf2/Makefile
 # used by graphics/gdk-pixbuf2-jasper/Makefile
 # used by graphics/gdk-pixbuf2-xlib/Makefile
 
-PIXBUF2_VERSION=       2.36.4
+PIXBUF2_VERSION=       2.36.6
 MSITE_VERSION=         ${PIXBUF2_VERSION:R}
Index: pkgsrc/graphics/gdk-pixbuf2/PLIST
diff -u pkgsrc/graphics/gdk-pixbuf2/PLIST:1.15 pkgsrc/graphics/gdk-pixbuf2/PLIST:1.15.2.1
--- pkgsrc/graphics/gdk-pixbuf2/PLIST:1.15      Sun Jan 29 06:09:51 2017
+++ pkgsrc/graphics/gdk-pixbuf2/PLIST   Fri Jun  2 19:54:50 2017
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.15 2017/01/29 06:09:51 tsutsui Exp $
+@comment $NetBSD: PLIST,v 1.15.2.1 2017/06/02 19:54:50 bsiegert Exp $
 bin/gdk-pixbuf-csource
 bin/gdk-pixbuf-pixdata
 bin/gdk-pixbuf-query-loaders
@@ -37,18 +37,6 @@ man/man1/gdk-pixbuf-query-loaders.1
 share/gir-1.0/GdkPixbuf-2.0.gir
 share/gtk-doc/html/gdk-pixbuf/GdkPixbufLoader.html
 share/gtk-doc/html/gdk-pixbuf/annotation-glossary.html
-share/gtk-doc/html/gdk-pixbuf/api-index-2-12.html
-share/gtk-doc/html/gdk-pixbuf/api-index-2-14.html
-share/gtk-doc/html/gdk-pixbuf/api-index-2-2.html
-share/gtk-doc/html/gdk-pixbuf/api-index-2-26.html
-share/gtk-doc/html/gdk-pixbuf/api-index-2-28.html
-share/gtk-doc/html/gdk-pixbuf/api-index-2-30.html
-share/gtk-doc/html/gdk-pixbuf/api-index-2-32.html
-share/gtk-doc/html/gdk-pixbuf/api-index-2-36.html
-share/gtk-doc/html/gdk-pixbuf/api-index-2-4.html
-share/gtk-doc/html/gdk-pixbuf/api-index-2-6.html
-share/gtk-doc/html/gdk-pixbuf/api-index-2-8.html
-share/gtk-doc/html/gdk-pixbuf/api-index-deprecated.html
 share/gtk-doc/html/gdk-pixbuf/api-index-full.html
 share/gtk-doc/html/gdk-pixbuf/composite.png
 share/gtk-doc/html/gdk-pixbuf/gdk-pixbuf-Animations.html

Index: pkgsrc/graphics/gdk-pixbuf2/distinfo
diff -u pkgsrc/graphics/gdk-pixbuf2/distinfo:1.32 pkgsrc/graphics/gdk-pixbuf2/distinfo:1.32.2.1
--- pkgsrc/graphics/gdk-pixbuf2/distinfo:1.32   Sun Jan 29 06:09:51 2017
+++ pkgsrc/graphics/gdk-pixbuf2/distinfo        Fri Jun  2 19:54:50 2017
@@ -1,9 +1,13 @@
-$NetBSD: distinfo,v 1.32 2017/01/29 06:09:51 tsutsui Exp $
+$NetBSD: distinfo,v 1.32.2.1 2017/06/02 19:54:50 bsiegert Exp $
 
-SHA1 (gdk-pixbuf-2.36.4.tar.xz) = d511ec0244b74bd3591eda7ccefcf79123f17d9d
-RMD160 (gdk-pixbuf-2.36.4.tar.xz) = db3e3f36826e5c866867b1ecf76e45e9c5e2c675
-SHA512 (gdk-pixbuf-2.36.4.tar.xz) = 3cede681a980998f0ace1a53cbf6faf25c0766582196c84a2860f1db7b2f08e04ef60c2046483b1ca5f9025bc20859a93ad295fd34c56dedcc214356c6375466
-Size (gdk-pixbuf-2.36.4.tar.xz) = 5158812 bytes
+SHA1 (gdk-pixbuf-2.36.6.tar.xz) = 8caa99dbbb143cddbb896bf35e01da717bb1479f
+RMD160 (gdk-pixbuf-2.36.6.tar.xz) = 9894ee0a16ed9fd6e7a152c1a5c2636985430d3a
+SHA512 (gdk-pixbuf-2.36.6.tar.xz) = b963f01161b58463c83499079545aa946fd824ec5e7167e0898698ac46e0cc3fb3dcb0cac5afabd6b7d957391b9c9bba55f340294076433155fc91052d5403ec
+Size (gdk-pixbuf-2.36.6.tar.xz) = 5166980 bytes
 SHA1 (patch-contrib_gdk-pixbuf-xlib_Makefile.in) = 636ab94c6bfde10c118b7833b4637a586781bfd5
 SHA1 (patch-gdk-pixbuf_Makefile.in) = 9173c4dbc89e4a4d34359e52885121c19a8a7ba6
 SHA1 (patch-gdk-pixbuf_gdk-pixbuf-scaled-anim.c) = 486db8d3f352b0d72b7074ba48f14ccbfa09deda
+SHA1 (patch-gdk-pixbuf_io-icns.c) = 71c1aa8ab88a260086b2bb345094d6a4376319a4
+SHA1 (patch-gdk-pixbuf_io-ico.c) = b9899618924d8201f3577d4d010e9c00be1c5d3b
+SHA1 (patch-gdk-pixbuf_io-tiff.c) = a43137f861ff9a240d148adb2a278c2112291652
+SHA1 (patch-thumbnailer_gnome-thumbnailer-skeleton.c) = ea0f9dd8fa79f3eb794873745ea3b132e157e176
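Review bot: The added line `SHA1 (patch-thumbnailer_gnome-thumbnailer-skeleton.c) = …` records a checksum for a patch this pullup does not add. The branch commit's Added Files and the "Revisions pulled up" list name only the icns, ico and tiff patches, while the original commit added four. The three patches present cite CVE-2017-6313, CVE-2017-6312 and CVE-2017-6314, so the fix for CVE-2017-6311 named in the log message may be missing from pkgsrc-2017Q1, unless that file already exists on the branch (not visible here). Either pull up the thumbnailer patch as well, or drop its distinfo line and state in the log which CVEs the branch covers.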

Added files:

Index: pkgsrc/graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-icns.c
diff -u /dev/null pkgsrc/graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-icns.c:1.3.2.2
--- /dev/null   Fri Jun  2 19:54:50 2017
+++ pkgsrc/graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-icns.c      Fri Jun  2 19:54:50 2017
@@ -0,0 +1,16 @@
+$NetBSD: patch-gdk-pixbuf_io-icns.c,v 1.3.2.2 2017/06/02 19:54:50 bsiegert Exp $
+
+from hint in https://bugzilla.gnome.org/show_bug.cgi?id=779016
+for CVE-2017-6313
+
+--- gdk-pixbuf/io-icns.c.orig  2016-10-22 03:38:29.000000000 +0000
++++ gdk-pixbuf/io-icns.c
+@@ -95,7 +95,7 @@ load_resources (unsigned size, IN gpoint
+       blocklen = GUINT32_FROM_BE (header->size);
+ 
+       /* Check that blocklen isn't garbage */
+-      if (blocklen > icnslen - (current - bytes))
++      if ((blocklen > icnslen - (current - bytes)) || (blocklen < sizeof (IcnsBlockHeader)))
+         return FALSE;
+ 
+       switch (size)
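Review bot: The new lower bound `blocklen < sizeof (IcnsBlockHeader)` is added without explanation, and the existing comment still says only "Check that blocklen isn't garbage". Because the header says this patch comes "from hint in" the bug report rather than from an upstream commit, the reasoning should be recorded for whoever later compares it with the upstream fix. A suitable comment would be `/* blocklen is read from the file: reject lengths past the remaining data or shorter than the block header itself */`. load_resources continues outside the hunk, so it cannot be confirmed from here that at least `sizeof (IcnsBlockHeader)` bytes remain before `header->size` is read, nor that `current - bytes` never exceeds `icnslen`; both are worth checking against the full function.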

Index: pkgsrc/graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-ico.c
diff -u /dev/null pkgsrc/graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-ico.c:1.1.2.2
--- /dev/null   Fri Jun  2 19:54:50 2017
+++ pkgsrc/graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-ico.c       Fri Jun  2 19:54:50 2017
@@ -0,0 +1,30 @@
+$NetBSD: patch-gdk-pixbuf_io-ico.c,v 1.1.2.2 2017/06/02 19:54:50 bsiegert Exp $
+
+from https://bugzilla.gnome.org/attachment.cgi?id=347366&action=diff
+for CVE-2017-6312
+
+--- gdk-pixbuf/io-ico.c.orig   2017-02-27 17:24:19.000000000 +0000
++++ gdk-pixbuf/io-ico.c
+@@ -330,10 +330,8 @@ static void DecodeHeader(guchar *Data, g
+                       return;
+               }
+ 
+-              /* We know how many bytes are in the "header" part. */
+-              State->HeaderSize = entry->DIBoffset + INFOHEADER_SIZE;
+-
+-              if (State->HeaderSize < 0) {
++              /* Avoid invoking undefined behavior in the State->HeaderSize calculation below */
++              if (entry->DIBoffset > G_MAXINT - INFOHEADER_SIZE) {
+                       g_set_error (error,
+                                    GDK_PIXBUF_ERROR,
+                                    GDK_PIXBUF_ERROR_CORRUPT_IMAGE,
+@@ -341,6 +339,9 @@ static void DecodeHeader(guchar *Data, g
+                       return;
+               }
+ 
++              /* We know how many bytes are in the "header" part. */
++              State->HeaderSize = entry->DIBoffset + INFOHEADER_SIZE;
++
+               if (State->HeaderSize>State->BytesInHeaderBuf) {
+                       guchar *tmp=g_try_realloc(State->HeaderBuf,State->HeaderSize);
+                       if (!tmp) {
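Review bot: The new guard `entry->DIBoffset > G_MAXINT - INFOHEADER_SIZE` covers only the upper end, while the removed `State->HeaderSize < 0` test also rejected a negative sum. The hunk shows neither the type of `DIBoffset` nor the check that ends just above it. If `DIBoffset` is signed and a negative value can reach this point, `HeaderSize` can again go negative and feed the `g_try_realloc` size below. Unless the preceding check already rejects negative offsets, the condition should read `if (entry->DIBoffset < 0 || entry->DIBoffset > G_MAXINT - INFOHEADER_SIZE) {`. DecodeHeader starts and ends outside the hunk.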
Index: pkgsrc/graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-tiff.c
diff -u /dev/null pkgsrc/graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-tiff.c:1.1.2.2
--- /dev/null   Fri Jun  2 19:54:50 2017
+++ pkgsrc/graphics/gdk-pixbuf2/patches/patch-gdk-pixbuf_io-tiff.c      Fri Jun  2 19:54:50 2017
@@ -0,0 +1,21 @@
+$NetBSD: patch-gdk-pixbuf_io-tiff.c,v 1.1.2.2 2017/06/02 19:54:50 bsiegert Exp $
+
+from https://bugzilla.gnome.org/attachment.cgi?id=350204&action=diff
+for CVE-2017-6314
+
+--- gdk-pixbuf/io-tiff.c.orig  2017-03-26 11:12:32.000000000 +0000
++++ gdk-pixbuf/io-tiff.c
+@@ -505,9 +505,12 @@ make_available_at_least (TiffContext *co
+         need_alloc = context->used + needed;
+         if (need_alloc > context->allocated) {
+                 guint new_size = 1;
+-                while (new_size < need_alloc)
++                while (new_size && (new_size < need_alloc))
+                         new_size *= 2;
+ 
++              if(!(new_size))
++                      return FALSE;
++
+                 new_buffer = g_try_realloc (context->buffer, new_size);
+                 if (new_buffer) {
+                         context->buffer = new_buffer;
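Review bot: The addition `need_alloc = context->used + needed;` on the first context line is still unchecked. The patch stops the doubling loop when `new_size` wraps to zero, but if the operands are `guint` like `new_size` (their declarations are outside the hunk), a wrapped sum can compare below `context->allocated` and skip the reallocation entirely. A guard before the addition would close that path, for example `if (needed > G_MAXUINT - context->used) return FALSE;`. As a style point, the added `if(!(new_size))` lines are indented with tabs and lack the space before the parenthesis that the surrounding space-indented code uses.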


