pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/x11/xorg-libs Incorporate libXpm security fixes of X.O...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/de556c8253a9
branches:  trunk
changeset: 480619:de556c8253a9
user:      minskim <minskim%pkgsrc.org@localhost>
date:      Thu Sep 16 19:36:10 2004 +0000

description:
Incorporate libXpm security fixes of X.Org X11R6.8.1.

Bump PKGREVISION and BUILDLINK_RECOMMENDED.

diffstat:

 x11/xorg-libs/Makefile         |    4 +-
 x11/xorg-libs/buildlink3.mk    |    3 +-
 x11/xorg-libs/distinfo         |   10 ++-
 x11/xorg-libs/patches/patch-aj |   53 ++++++++++++
 x11/xorg-libs/patches/patch-ak |   13 ++
 x11/xorg-libs/patches/patch-al |   31 +++++++
 x11/xorg-libs/patches/patch-am |  179 +++++++++++++++++++++++++++++++++++++++++
 x11/xorg-libs/patches/patch-an |   68 +++++++++++++++
 x11/xorg-libs/patches/patch-ao |   30 ++++++
 x11/xorg-libs/patches/patch-ap |   13 ++
 x11/xorg-libs/patches/patch-aq |   36 ++++++++
 11 files changed, 436 insertions(+), 4 deletions(-)

diffs (truncated from 507 to 300 lines):

diff -r 3cc0a016a7aa -r de556c8253a9 x11/xorg-libs/Makefile
--- a/x11/xorg-libs/Makefile    Thu Sep 16 19:33:09 2004 +0000
+++ b/x11/xorg-libs/Makefile    Thu Sep 16 19:36:10 2004 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.4 2004/08/11 15:40:49 recht Exp $
+# $NetBSD: Makefile,v 1.5 2004/09/16 19:36:10 minskim Exp $
 
 DISTNAME=              ${DISTFILES}
 PKGNAME=               xorg-libs-${XORG_VER}
-PKGREVISION=           1
+PKGREVISION=           2
 CATEGORIES=            x11
 MASTER_SITES=          ${MASTER_SITE_XORG}
 DISTFILES=             X11R6.7.0-src1.tar.gz X11R6.7.0-src2.tar.gz \
diff -r 3cc0a016a7aa -r de556c8253a9 x11/xorg-libs/buildlink3.mk
--- a/x11/xorg-libs/buildlink3.mk       Thu Sep 16 19:33:09 2004 +0000
+++ b/x11/xorg-libs/buildlink3.mk       Thu Sep 16 19:36:10 2004 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.3 2004/07/30 07:48:56 xtraeme Exp $
+# $NetBSD: buildlink3.mk,v 1.4 2004/09/16 19:36:10 minskim Exp $
 
 BUILDLINK_DEPTH:=              ${BUILDLINK_DEPTH}+
 XORG_LIBS_BUILDLINK3_MK:=      ${XORG_LIBS_BUILDLINK3_MK}+
@@ -19,6 +19,7 @@
 .if !empty(XORG_LIBS_BUILDLINK3_MK:M+)
 
 BUILDLINK_DEPENDS.xorg-libs+=  xorg-libs>=6.7.0
+BUILDLINK_RECOMMENDED.xorg-libs+=      xorg-libs>=6.7.0nb2
 BUILDLINK_PKGSRCDIR.xorg-libs?=        ../../x11/xorg-libs
 BUILDLINK_TRANSFORM.xorg-libs+=        -e "s|/${X11ROOT_PREFIX}/|/|"
 
diff -r 3cc0a016a7aa -r de556c8253a9 x11/xorg-libs/distinfo
--- a/x11/xorg-libs/distinfo    Thu Sep 16 19:33:09 2004 +0000
+++ b/x11/xorg-libs/distinfo    Thu Sep 16 19:36:10 2004 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.1.1.1 2004/07/29 04:50:53 xtraeme Exp $
+$NetBSD: distinfo,v 1.2 2004/09/16 19:36:10 minskim Exp $
 
 SHA1 (X11R6.7.0-src1.tar.gz) = 14f282cee9dc1ff6ebc34d834892599b53195f8b
 Size (X11R6.7.0-src1.tar.gz) = 30039655 bytes
@@ -15,3 +15,11 @@
 SHA1 (patch-ag) = 178d556fa11818420cd685308cf179ee5f6f7dac
 SHA1 (patch-ah) = 4545d9fd50c2a7b6f5a04da330784eaf9a5373ad
 SHA1 (patch-ai) = 841c2e76c3934b9da967aaed1876b78d3fc0465e
+SHA1 (patch-aj) = db9c5c632af1bc1398ba3761ee9ed2a2470a0a76
+SHA1 (patch-ak) = faefb423f2fd8d996a94a4828d9a637d47249d42
+SHA1 (patch-al) = 65a0e16cae97ad0970ef9e4eee2aaade3fea7b98
+SHA1 (patch-am) = b52649d74b8c6f0d946728c1d706c03860bbedf6
+SHA1 (patch-an) = b47bec52f41d846df82c6dfd9d7dadb12e630334
+SHA1 (patch-ao) = 9d6a0406f9a872063bdd2c6960585c61ddd4ee86
+SHA1 (patch-ap) = c5e1789afa5eeda9be795d78eca6a0c1692fff9a
+SHA1 (patch-aq) = 1eb268c329b33ad9822d752638a8bde62dca4d92
diff -r 3cc0a016a7aa -r de556c8253a9 x11/xorg-libs/patches/patch-aj
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/xorg-libs/patches/patch-aj    Thu Sep 16 19:36:10 2004 +0000
@@ -0,0 +1,53 @@
+$NetBSD: patch-aj,v 1.1 2004/09/16 19:36:10 minskim Exp $
+
+--- extras/Xpm/lib/create.c.orig       2004-03-04 11:46:10.000000000 -0600
++++ extras/Xpm/lib/create.c
+@@ -816,6 +816,9 @@ XpmCreateImageFromXpmImage(display, imag
+ 
+     ErrorStatus = XpmSuccess;
+ 
++    if (image->ncolors >= SIZE_MAX / sizeof(Pixel))
++      return (XpmNoMemory);
++
+     /* malloc pixels index tables */
+     image_pixels = (Pixel *) XpmMalloc(sizeof(Pixel) * image->ncolors);
+     if (!image_pixels)
+@@ -988,6 +991,8 @@ CreateXImage(display, visual, depth, for
+       return (XpmNoMemory);
+ 
+ #if !defined(FOR_MSW) && !defined(AMIGA)
++    if (height != 0 && (*image_return)->bytes_per_line >= SIZE_MAX / height)
++      return XpmNoMemory;
+     /* now that bytes_per_line must have been set properly alloc data */
+     (*image_return)->data =
+       (char *) XpmMalloc((*image_return)->bytes_per_line * height);
+@@ -2055,6 +2060,9 @@ xpmParseDataAndCreate(display, data, ima
+       xpmGetCmt(data, &colors_cmt);
+ 
+     /* malloc pixels index tables */
++    if (ncolors >= SIZE_MAX / sizeof(Pixel)) 
++      return XpmNoMemory;
++
+     image_pixels = (Pixel *) XpmMalloc(sizeof(Pixel) * ncolors);
+     if (!image_pixels)
+       RETURN(XpmNoMemory);
+@@ -2309,7 +2317,8 @@ ParseAndPutPixels(
+           }
+           obm = SelectObject(*dc, image->bitmap);
+ #endif
+-
++          if (ncolors > 256)
++              return (XpmFileInvalid);
+ 
+           bzero((char *)colidx, 256 * sizeof(short));
+           for (a = 0; a < ncolors; a++)
+@@ -2415,6 +2424,9 @@ if (cidx[f]) XpmFree(cidx[f]);}
+           char *s;
+           char buf[BUFSIZ];
+ 
++          if (cpp >= sizeof(buf))
++              return (XpmFileInvalid);
++
+           buf[cpp] = '\0';
+           if (USE_HASHTABLE) {
+               xpmHashAtom *slot;
diff -r 3cc0a016a7aa -r de556c8253a9 x11/xorg-libs/patches/patch-ak
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/xorg-libs/patches/patch-ak    Thu Sep 16 19:36:10 2004 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ak,v 1.1 2004/09/16 19:36:10 minskim Exp $
+
+--- extras/Xpm/lib/data.c.orig 2004-03-04 11:46:10.000000000 -0600
++++ extras/Xpm/lib/data.c
+@@ -375,7 +375,7 @@ xpmGetCmt(data, cmt)
+ {
+     if (!data->type)
+       *cmt = NULL;
+-    else if (data->CommentLength) {
++    else if (data->CommentLength != 0 && data->CommentLength < SIZE_MAX - 1) {
+       *cmt = (char *) XpmMalloc(data->CommentLength + 1);
+       strncpy(*cmt, data->Comment, data->CommentLength);
+       (*cmt)[data->CommentLength] = '\0';
diff -r 3cc0a016a7aa -r de556c8253a9 x11/xorg-libs/patches/patch-al
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/xorg-libs/patches/patch-al    Thu Sep 16 19:36:10 2004 +0000
@@ -0,0 +1,31 @@
+$NetBSD: patch-al,v 1.1 2004/09/16 19:36:10 minskim Exp $
+
+--- extras/Xpm/lib/hashtab.c.orig      2003-11-14 10:48:24.000000000 -0600
++++ extras/Xpm/lib/hashtab.c
+@@ -135,7 +135,7 @@ HashTableGrows(table)
+     xpmHashTable *table;
+ {
+     xpmHashAtom *atomTable = table->atomTable;
+-    int size = table->size;
++    unsigned int size = table->size;
+     xpmHashAtom *t, *p;
+     int i;
+     int oldSize = size;
+@@ -144,6 +144,8 @@ HashTableGrows(table)
+     HASH_TABLE_GROWS
+       table->size = size;
+     table->limit = size / 3;
++    if (size >= SIZE_MAX / sizeof(*atomTable)) 
++      return (XpmNoMemory);
+     atomTable = (xpmHashAtom *) XpmMalloc(size * sizeof(*atomTable));
+     if (!atomTable)
+       return (XpmNoMemory);
+@@ -204,6 +206,8 @@ xpmHashTableInit(table)
+     table->size = INITIAL_HASH_SIZE;
+     table->limit = table->size / 3;
+     table->used = 0;
++    if (table->size >= SIZE_MAX / sizeof(*atomTable))
++      return (XpmNoMemory);
+     atomTable = (xpmHashAtom *) XpmMalloc(table->size * sizeof(*atomTable));
+     if (!atomTable)
+       return (XpmNoMemory);
diff -r 3cc0a016a7aa -r de556c8253a9 x11/xorg-libs/patches/patch-am
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/xorg-libs/patches/patch-am    Thu Sep 16 19:36:10 2004 +0000
@@ -0,0 +1,179 @@
+$NetBSD: patch-am,v 1.1 2004/09/16 19:36:10 minskim Exp $
+
+--- extras/Xpm/lib/parse.c.orig        2004-03-04 11:46:10.000000000 -0600
++++ extras/Xpm/lib/parse.c
+@@ -44,6 +44,24 @@
+ #include <ctype.h>
+ #include <string.h>
+ 
++#ifdef HAS_STRLCAT
++# define STRLCAT(dst, src, dstsize) { \
++      if (strlcat(dst, src, dstsize) >= (dstsize)) \
++          return (XpmFileInvalid); }
++# define STRLCPY(dst, src, dstsize) { \
++      if (strlcpy(dst, src, dstsize) >= (dstsize)) \
++          return (XpmFileInvalid); }
++#else
++# define STRLCAT(dst, src, dstsize) { \
++      if ((strlen(dst) + strlen(src)) < (dstsize)) \
++          strcat(dst, src); \
++      else return (XpmFileInvalid); }
++# define STRLCPY(dst, src, dstsize) { \
++      if (strlen(src) < (dstsize)) \
++          strcpy(dst, src); \
++      else return (XpmFileInvalid); }
++#endif
++
+ LFUNC(ParsePixels, int, (xpmData *data, unsigned int width,
+                        unsigned int height, unsigned int ncolors,
+                        unsigned int cpp, XpmColor *colorTable,
+@@ -66,7 +84,7 @@ xpmParseValues(data, width, height, ncol
+     unsigned int *extensions;
+ {
+     unsigned int l;
+-    char buf[BUFSIZ];
++    char buf[BUFSIZ + 1];
+ 
+     if (!data->format) {              /* XPM 2 or 3 */
+ 
+@@ -175,10 +193,10 @@ xpmParseColors(data, ncolors, cpp, color
+     XpmColor **colorTablePtr;
+     xpmHashTable *hashtable;
+ {
+-    unsigned int key = 0, l, a, b;
++    unsigned int key = 0, l, a, b, len;
+     unsigned int curkey;              /* current color key */
+     unsigned int lastwaskey;          /* key read */
+-    char buf[BUFSIZ];
++    char buf[BUFSIZ+1];
+     char curbuf[BUFSIZ];              /* current buffer */
+     char **sptr, *s;
+     XpmColor *color;
+@@ -186,6 +204,8 @@ xpmParseColors(data, ncolors, cpp, color
+     char **defaults;
+     int ErrorStatus;
+ 
++    if (ncolors >= SIZE_MAX / sizeof(XpmColor))
++      return (XpmNoMemory);
+     colorTable = (XpmColor *) XpmCalloc(ncolors, sizeof(XpmColor));
+     if (!colorTable)
+       return (XpmNoMemory);
+@@ -197,6 +217,10 @@ xpmParseColors(data, ncolors, cpp, color
+           /*
+            * read pixel value
+            */
++          if (cpp >= SIZE_MAX - 1) {
++              xpmFreeColorTable(colorTable, ncolors);
++              return (XpmNoMemory);
++          }
+           color->string = (char *) XpmMalloc(cpp + 1);
+           if (!color->string) {
+               xpmFreeColorTable(colorTable, ncolors);
+@@ -234,13 +258,14 @@ xpmParseColors(data, ncolors, cpp, color
+               }
+               if (!lastwaskey && key < NKEYS) {       /* open new key */
+                   if (curkey) {       /* flush string */
+-                      s = (char *) XpmMalloc(strlen(curbuf) + 1);
++                      len = strlen(curbuf) + 1;
++                      s = (char *) XpmMalloc(len);
+                       if (!s) {
+                           xpmFreeColorTable(colorTable, ncolors);
+                           return (XpmNoMemory);
+                       }
+                       defaults[curkey] = s;
+-                      strcpy(s, curbuf);
++                      memcpy(s, curbuf, len);
+                   }
+                   curkey = key + 1;   /* set new key  */
+                   *curbuf = '\0';     /* reset curbuf */
+@@ -251,9 +276,9 @@ xpmParseColors(data, ncolors, cpp, color
+                       return (XpmFileInvalid);
+                   }
+                   if (!lastwaskey)
+-                      strcat(curbuf, " ");    /* append space */
++                      STRLCAT(curbuf, " ", sizeof(curbuf)); /* append space */
+                   buf[l] = '\0';
+-                  strcat(curbuf, buf);/* append buf */
++                  STRLCAT(curbuf, buf, sizeof(curbuf));/* append buf */
+                   lastwaskey = 0;
+               }
+           }
+@@ -261,12 +286,13 @@ xpmParseColors(data, ncolors, cpp, color
+               xpmFreeColorTable(colorTable, ncolors);
+               return (XpmFileInvalid);
+           }
+-          s = defaults[curkey] = (char *) XpmMalloc(strlen(curbuf) + 1);
++          len = strlen(curbuf) + 1;
++          s = defaults[curkey] = (char *) XpmMalloc(len);
+           if (!s) {
+               xpmFreeColorTable(colorTable, ncolors);
+               return (XpmNoMemory);
+           }
+-          strcpy(s, curbuf);
++          memcpy(s, curbuf, len);
+       }
+     } else {                          /* XPM 1 */
+       /* get to the beginning of the first string */
+@@ -279,6 +305,10 @@ xpmParseColors(data, ncolors, cpp, color
+           /*
+            * read pixel value
+            */
++          if (cpp >= SIZE_MAX - 1) {
++              xpmFreeColorTable(colorTable, ncolors);
++              return (XpmNoMemory);
++          }
+           color->string = (char *) XpmMalloc(cpp + 1);
+           if (!color->string) {
+               xpmFreeColorTable(colorTable, ncolors);
+@@ -307,16 +337,17 @@ xpmParseColors(data, ncolors, cpp, color
+           *curbuf = '\0';             /* init curbuf */
+           while ((l = xpmNextWord(data, buf, BUFSIZ))) {
+               if (*curbuf != '\0')
+-                  strcat(curbuf, " ");/* append space */
++                  STRLCAT(curbuf, " ", sizeof(curbuf));/* append space */
+               buf[l] = '\0';
+-              strcat(curbuf, buf);    /* append buf */



Home | Main Index | Thread Index | Old Index