pkgsrc-Changes-HG archive
[pkgsrc/trunk]: pkgsrc/graphics/png Don't read past the end of the error mess...
details: https://anonhg.NetBSD.org/pkgsrc/rev/080b3a84e127
branches: trunk
changeset: 475099:080b3a84e127
user: fredb <fredb%pkgsrc.org@localhost>
date: Mon May 10 01:15:14 2004 +0000
description:
Don't read past the end of the error message string. This patch was
posted to png-implement by Glenn Randers-Pehrson, libpng's maintainer.
This error was widely reported as a "security issue",
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0421
even though there is no security issue. The most the error could do is
SIGSEGV, and that only with some fairly uncommon circumstances. The patch
posted with the advisory is in fact flawed, in that it calls strlen() on
presumably arbitrary data.
Bump PKGREVISION.
diffstat:
graphics/png/Makefile | 4 ++--
graphics/png/distinfo | 5 +++--
graphics/png/patches/patch-ae | 20 ++++++++++++++++++--
graphics/png/patches/patch-af | 13 +++++++++++++
4 files changed, 36 insertions(+), 6 deletions(-)
diffs (81 lines):
diff -r b98c261c60b9 -r 080b3a84e127 graphics/png/Makefile
--- a/graphics/png/Makefile Mon May 10 00:21:20 2004 +0000
+++ b/graphics/png/Makefile Mon May 10 01:15:14 2004 +0000
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.60 2004/04/27 19:36:27 tv Exp $
+# $NetBSD: Makefile,v 1.61 2004/05/10 01:15:14 fredb Exp $
# On update, don't forget to increase shared library major/minor's in
# accordance with changes (patch-aa).
DISTNAME= libpng-1.2.5
PKGNAME= ${DISTNAME:S/lib//}
-PKGREVISION= 4
+PKGREVISION= 5
CATEGORIES= graphics
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=libpng/} \
http://www.libpng.org/pub/png/src/ \
diff -r b98c261c60b9 -r 080b3a84e127 graphics/png/distinfo
--- a/graphics/png/distinfo Mon May 10 00:21:20 2004 +0000
+++ b/graphics/png/distinfo Mon May 10 01:15:14 2004 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.17 2004/04/27 22:40:35 tv Exp $
+$NetBSD: distinfo,v 1.18 2004/05/10 01:15:14 fredb Exp $
SHA1 (libpng-1.2.5.tar.bz2) = 6752eaf1a604edbbb0149b781155ef9cb47d80c3
Size (libpng-1.2.5.tar.bz2) = 378030 bytes
@@ -6,4 +6,5 @@
SHA1 (patch-ab) = be7dc4a3e21c0056a913c5f1488528558024e6ea
SHA1 (patch-ac) = 96e42c626b9aec1f2d68f920f147463ca77da27c
SHA1 (patch-ad) = edfe5d2c827939eba9d62f426f5dca51979be245
-SHA1 (patch-ae) = a0f17e4a95d80ca51fb99d0abffffb31e20cc7f2
+SHA1 (patch-ae) = 8556ab8a0f3d2dab1f83a8aa7dcc6b5e6728f2a2
+SHA1 (patch-af) = 47ee1f744dc629d9160cbce239d1ec80a970d9be
diff -r b98c261c60b9 -r 080b3a84e127 graphics/png/patches/patch-ae
--- a/graphics/png/patches/patch-ae Mon May 10 00:21:20 2004 +0000
+++ b/graphics/png/patches/patch-ae Mon May 10 01:15:14 2004 +0000
@@ -1,6 +1,6 @@
-$NetBSD: patch-ae,v 1.1 2004/03/30 11:09:15 wiz Exp $
+$NetBSD: patch-ae,v 1.2 2004/05/10 01:15:14 fredb Exp $
---- pngconf.h.orig Thu Oct 3 13:32:27 2002
+--- pngconf.h.orig 2002-10-03 06:32:27.000000000 -0500
+++ pngconf.h
@@ -252,8 +252,8 @@
# undef _BSD_SOURCE
@@ -13,3 +13,19 @@
# endif
# endif /* __linux__ */
+@@ -1280,6 +1280,7 @@
+ # define CVT_PTR(ptr) (png_far_to_near(png_ptr,ptr,CHECK))
+ # define CVT_PTR_NOCHECK(ptr) (png_far_to_near(png_ptr,ptr,NOCHECK))
+ # define png_strcpy _fstrcpy
++# define png_strncpy _fstrncpy /* Added to v 1.2.6 */
+ # define png_strlen _fstrlen
+ # define png_memcmp _fmemcmp /* SJT: added */
+ # define png_memcpy _fmemcpy
+@@ -1288,6 +1289,7 @@
+ # define CVT_PTR(ptr) (ptr)
+ # define CVT_PTR_NOCHECK(ptr) (ptr)
+ # define png_strcpy strcpy
++# define png_strncpy strncpy /* Added to v 1.2.6 */
+ # define png_strlen strlen
+ # define png_memcmp memcmp /* SJT: added */
+ # define png_memcpy memcpy
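Review bot: The two added `png_strncpy` defines are commented "Added to v 1.2.6", but the package being patched is libpng-1.2.5 (DISTNAME in the Makefile hunk), so inside patch-ae the comment reads as if it described this tree. A one-line remark at the top of patch-ae saying the macro is backported from upstream for the pngerror.c change in patch-af would make the dependency between the two patch files explicit, and would flag these two hunks as ones that should become unnecessary once the package moves to 1.2.6.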
diff -r b98c261c60b9 -r 080b3a84e127 graphics/png/patches/patch-af
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/png/patches/patch-af Mon May 10 01:15:14 2004 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-af,v 1.1 2004/05/10 01:15:14 fredb Exp $
+
+--- pngerror.c.orig 2002-10-03 06:32:27.000000000 -0500
++++ pngerror.c
+@@ -137,7 +137,7 @@ png_format_buffer(png_structp png_ptr, p
+ {
+ buffer[iout++] = ':';
+ buffer[iout++] = ' ';
+- png_memcpy(buffer+iout, error_message, 64);
++ png_strncpy(buffer+iout, error_message, 63);
+ buffer[iout+63] = 0;
+ }
+ }
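Review bot: In the changed line `png_strncpy(buffer+iout, error_message, 63);` the destination side is unchanged: strncpy zero-pads short strings, so it still writes a fixed 63 bytes, and the following `buffer[iout+63] = 0;` writes a 64th. The change stops the read past the end of error_message, but it relies on buffer holding at least iout+64 bytes, and neither the declaration of buffer nor the upper bound on iout is visible in this hunk. Please confirm that bound against the callers of png_format_buffer and state it in a comment next to the copy. The patch file also carries no line saying what it fixes; a short header naming CAN-2004-0421 and the png-implement posting would help whoever next updates the package.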