pkgsrc-Changes-HG archive
[pkgsrc/pkgsrc-2016Q3]: pkgsrc/graphics/gd Pullup ticket #5124 - requested by...
details: https://anonhg.NetBSD.org/pkgsrc/rev/1cc865e20bcb
branches: pkgsrc-2016Q3
changeset: 408777:1cc865e20bcb
user: bsiegert <bsiegert%pkgsrc.org@localhost>
date: Thu Oct 06 18:25:40 2016 +0000
description:
Pullup ticket #5124 - requested by taca
graphics/gd: security fix
Revisions pulled up:
- graphics/gd/Makefile 1.112
- graphics/gd/distinfo 1.42
- graphics/gd/patches/patch-src_gd__webp.c 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Oct 5 03:10:31 UTC 2016
Modified Files:
pkgsrc/graphics/gd: Makefile distinfo
Added Files:
pkgsrc/graphics/gd/patches: patch-src_gd__webp.c
Log Message:
Add fix for CVE-2016-7568.
Bump PKGREVISION.
diffstat:
graphics/gd/Makefile | 3 ++-
graphics/gd/distinfo | 3 ++-
graphics/gd/patches/patch-src_gd__webp.c | 21 +++++++++++++++++++++
3 files changed, 25 insertions(+), 2 deletions(-)
diffs (49 lines):
diff -r 46e1b27b68e3 -r 1cc865e20bcb graphics/gd/Makefile
--- a/graphics/gd/Makefile Thu Oct 06 18:22:40 2016 +0000
+++ b/graphics/gd/Makefile Thu Oct 06 18:25:40 2016 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.111 2016/08/02 18:29:21 adam Exp $
+# $NetBSD: Makefile,v 1.111.2.1 2016/10/06 18:25:40 bsiegert Exp $
DISTNAME= libgd-2.2.3
+PKGREVISION= 1
PKGNAME= ${DISTNAME:S/libgd/gd/}
CATEGORIES= graphics
MASTER_SITES= ${MASTER_SITE_GITHUB:=libgd/}
diff -r 46e1b27b68e3 -r 1cc865e20bcb graphics/gd/distinfo
--- a/graphics/gd/distinfo Thu Oct 06 18:22:40 2016 +0000
+++ b/graphics/gd/distinfo Thu Oct 06 18:25:40 2016 +0000
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.41 2016/08/02 18:29:21 adam Exp $
+$NetBSD: distinfo,v 1.41.2.1 2016/10/06 18:25:40 bsiegert Exp $
SHA1 (libgd-2.2.3.tar.xz) = 2f8cebec5afd6c83a3d5cb92f40ea4926b4daa98
RMD160 (libgd-2.2.3.tar.xz) = e6c29133c2ea33c8ba16571892d2798ef0f5afea
SHA512 (libgd-2.2.3.tar.xz) = bdc6d086bc054beda6574ec46baa4cd94048a5f2f357f875ba05983e92d247f1b731434b9e438c6aef09d46fa96f1a7e1f330a25a77ffd2dd78aa8a32d652557
Size (libgd-2.2.3.tar.xz) = 2164152 bytes
+SHA1 (patch-src_gd__webp.c) = 55c5929007ffe0d9ab23b7fed9abf373bc188de8
diff -r 46e1b27b68e3 -r 1cc865e20bcb graphics/gd/patches/patch-src_gd__webp.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/gd/patches/patch-src_gd__webp.c Thu Oct 06 18:25:40 2016 +0000
@@ -0,0 +1,21 @@
+$NetBSD: patch-src_gd__webp.c,v 1.1.2.2 2016/10/06 18:25:40 bsiegert Exp $
+
+Fix for CVE-2016-7568.
+
+--- src/gd_webp.c.orig 2016-07-21 08:06:42.000000000 +0000
++++ src/gd_webp.c
+@@ -126,6 +126,14 @@ void gdImageWebpCtx (gdImagePtr im, gdIO
+ quantization = 80;
+ }
+
++ if (overflow2(gdImageSX(im), 4)) {
++ return;
++ }
++
++ if (overflow2(gdImageSX(im) * 4, gdImageSY(im))) {
++ return;
++ }
++
+ argb = (uint8_t *)gdMalloc(gdImageSX(im) * 4 * gdImageSY(im));
+ if (!argb) {
+ return;
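Review bot: the two new `overflow2` guards ahead of the `gdMalloc` call exit with a bare `return;` from a `void` function, so a caller of `gdImageWebpCtx` cannot tell an image rejected for its dimensions from a successful encode. The pre-existing `if (!argb)` path has the same shape, so this follows the surrounding style, but it is worth a comment in the patch header stating that oversized images now produce no output, so callers know to check for an empty result. The order of the two checks also matters: the second one computes `gdImageSX(im) * 4` as its first argument, which is only safe because the first check has already passed. A one-line comment above the first check saying so would keep a later cleanup from merging or reordering them.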