[pkgsrc/trunk]: pkgsrc/graphics/tiff tiff: add my own patch for CVE-2017-17095.

[maya <maya%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/769da3aef850
branches:  trunk
changeset: 372337:769da3aef850
user:      maya <maya%pkgsrc.org@localhost>
date:      Sun Dec 03 09:07:06 2017 +0000

description:
tiff: add my own patch for CVE-2017-17095.

bump PKGREVISION

diffstat:

 graphics/tiff/Makefile                      |   4 ++--
 graphics/tiff/distinfo                      |   3 ++-
 graphics/tiff/patches/patch-tools_pal2rgb.c |  23 +++++++++++++++++++++++
 3 files changed, 27 insertions(+), 3 deletions(-)

diffs (53 lines):

diff -r 2cdacab68ad6 -r 769da3aef850 graphics/tiff/Makefile
--- a/graphics/tiff/Makefile    Sun Dec 03 08:50:02 2017 +0000
+++ b/graphics/tiff/Makefile    Sun Dec 03 09:07:06 2017 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.138 2017/11/19 16:31:04 he Exp $
+# $NetBSD: Makefile,v 1.139 2017/12/03 09:07:06 maya Exp $
 
 DISTNAME=      tiff-4.0.9
-#PKGREVISION=  1
+PKGREVISION=   1
 CATEGORIES=    graphics
 MASTER_SITES=  ftp://download.osgeo.org/libtiff/
 
diff -r 2cdacab68ad6 -r 769da3aef850 graphics/tiff/distinfo
--- a/graphics/tiff/distinfo    Sun Dec 03 08:50:02 2017 +0000
+++ b/graphics/tiff/distinfo    Sun Dec 03 09:07:06 2017 +0000
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.87 2017/11/19 16:31:04 he Exp $
+$NetBSD: distinfo,v 1.88 2017/12/03 09:07:06 maya Exp $
 
 SHA1 (tiff-4.0.9.tar.gz) = 87d4543579176cc568668617c22baceccd568296
 RMD160 (tiff-4.0.9.tar.gz) = ab5b3b7297e79344775b1e70c4d54c90c06836a3
 SHA512 (tiff-4.0.9.tar.gz) = 04f3d5eefccf9c1a0393659fe27f3dddd31108c401ba0dc587bca152a1c1f6bc844ba41622ff5572da8cc278593eff8c402b44e7af0a0090e91d326c2d79f6cd
 Size (tiff-4.0.9.tar.gz) = 2305681 bytes
 SHA1 (patch-configure) = a0032133f06b6ac92bbf52349fabe83f74ea14a6
+SHA1 (patch-tools_pal2rgb.c) = f91652e8013940c162add870ceb9845e2730bc2c
diff -r 2cdacab68ad6 -r 769da3aef850 graphics/tiff/patches/patch-tools_pal2rgb.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/tiff/patches/patch-tools_pal2rgb.c       Sun Dec 03 09:07:06 2017 +0000
@@ -0,0 +1,23 @@
+$NetBSD: patch-tools_pal2rgb.c,v 1.1 2017/12/03 09:07:06 maya Exp $
+
+CVE-2017-17095 Heap-based buffer overflow bug in pal2rgb
+
+--- tools/pal2rgb.c.orig       2015-08-28 22:17:08.172200823 +0000
++++ tools/pal2rgb.c
+@@ -39,6 +39,7 @@
+ # include "libport.h"
+ #endif
+ 
++#include "tiffiop.h"
+ #include "tiffio.h"
+ 
+ #define       streq(a,b)      (strcmp(a,b) == 0)
+@@ -185,7 +186,7 @@
+         register unsigned char* pp;
+         register uint32 x;
+         ibuf = (unsigned char*)_TIFFmalloc(TIFFScanlineSize(in));
+-        obuf = (unsigned char*)_TIFFmalloc(TIFFScanlineSize(out));
++        obuf = (unsigned char*)_TIFFmalloc(TIFFSafeMultiply(tmsize_t, imagewidth, 3*sizeof(short)));
+         switch (config) {
+         case PLANARCONFIG_CONTIG:
+               for (row = 0; row < imagelength; row++) {