tech-pkg archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
graphics/freetype2
Hi,
I think security patch for graphics/freetype2 2.4.10 should be included
into pkgsrc-2012Q4 branch.
How about the attached patches?
They are taken from following pages.
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=309b8b31e0319e659b32a0187fc52e56943882cc
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8ac5c5c8a570fdb9a92e8f811e3ea5b623188ee1
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a
From: "Takahiro Kambe" <taca%NetBSD.org@localhost>, Date: Wed, 26 Dec 2012
04:25:43 +0000
> Module Name: pkgsrc
> Committed By: taca
> Date: Wed Dec 26 04:25:43 UTC 2012
>
> Modified Files:
> pkgsrc/doc: TODO
>
> Log Message:
> + freetype-2.4.11 [security].
>
>
> To generate a diff of this commit:
> cvs rdiff -u -r1.11785 -r1.11786 pkgsrc/doc/TODO
>
> Please note that diffs are not public domain; they are subject to the
> copyright notices on the relevant files.
>
--
Ryo ONODERA // ryo_on%yk.rim.or.jp@localhost
PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB FD1B F404 27FA C7D1 15F3
$NetBSD$
--- src/base/fttrigon.c.orig 2009-07-31 16:45:18.000000000 +0000
+++ src/base/fttrigon.c
@@ -36,7 +36,7 @@
};
/* the Cordic shrink factor, multiplied by 2^32 */
-#define FT_TRIG_SCALE 1166391785UL /* 0x4585BA38UL */
+#define FT_TRIG_SCALE 1166391864UL /* 0x4585BA38UL */
#ifdef FT_CONFIG_HAS_INT64
$NetBSD$
--- src/sfnt/ttload.c.orig 2012-06-14 05:35:58.000000000 +0000
+++ src/sfnt/ttload.c
@@ -1239,11 +1239,11 @@
num_ranges = face->gasp.numRanges;
FT_TRACE3(( "numRanges: %u\n", num_ranges ));
- if ( FT_QNEW_ARRAY( gaspranges, num_ranges ) ||
+ if ( FT_QNEW_ARRAY( face->gasp.gaspRanges, num_ranges ) ||
FT_FRAME_ENTER( num_ranges * 4L ) )
goto Exit;
- face->gasp.gaspRanges = gaspranges;
+ gaspranges = face->gasp.gaspRanges;
for ( j = 0; j < num_ranges; j++ )
{
$NetBSD$
--- src/bdf/bdflib.c.orig 2012-06-14 05:35:58.000000000 +0000
+++ src/bdf/bdflib.c
@@ -1624,12 +1624,16 @@
if ( p->glyph_enc == -1 && p->list.used > 2 )
p->glyph_enc = _bdf_atol( p->list.field[2], 0, 10 );
+ if ( p->glyph_enc < -1 )
+ p->glyph_enc = -1;
+
FT_TRACE4(( DBGMSG2, p->glyph_enc ));
/* Check that the encoding is in the Unicode range because */
/* otherwise p->have (a bitmap with static size) overflows. */
- if ( p->glyph_enc > 0 &&
- (size_t)p->glyph_enc >= sizeof ( p->have ) * 8 )
+ if ( p->glyph_enc > 0 &&
+ (size_t)p->glyph_enc >= sizeof ( p->have ) /
+ sizeof ( unsigned long ) * 32 )
{
FT_ERROR(( "_bdf_parse_glyphs: " ERRMSG5, lineno, "ENCODING" ));
error = BDF_Err_Invalid_File_Format;
@@ -2169,7 +2173,10 @@
p->cnt = p->font->props_size = _bdf_atoul( p->list.field[1], 0, 10 );
if ( FT_NEW_ARRAY( p->font->props, p->cnt ) )
+ {
+ p->font->props_size = 0;
goto Exit;
+ }
p->flags |= _BDF_PROPS;
*next = _bdf_parse_properties;
Home |
Main Index |
Thread Index |
Old Index