pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2005Q3]: pkgsrc/graphics/libungif Pullup ticket 893 - requeste...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/04dba436c339
branches:  pkgsrc-2005Q3
changeset: 499658:04dba436c339
user:      salo <salo%pkgsrc.org@localhost>
date:      Sat Nov 05 14:03:41 2005 +0000

description:
Pullup ticket 893 - requested by Adrian Portelli
security fix for libungif

Revisions pulled up:
- pkgsrc/graphics/libungif/Makefile             1.35
- pkgsrc/graphics/libungif/distinfo             1.10
- pkgsrc/graphics/libungif/patches/patch-ac     1.6
- pkgsrc/graphics/libungif/patches/patch-ad     1.1
- pkgsrc/graphics/libungif/patches/patch-ae     1.1

   Module Name:         pkgsrc
   Committed By:        adrianp
   Date:                Sat Nov  5 13:32:36 UTC 2005

   Modified Files:
        pkgsrc/graphics/libungif: Makefile distinfo
   Added Files:
        pkgsrc/graphics/libungif/patches: patch-ac patch-ad patch-ae

   Log Message:
   Add patches for http://secunia.com/advisories/17436/ via. RedHat

diffstat:

 graphics/libungif/Makefile         |   6 +-
 graphics/libungif/distinfo         |   5 ++-
 graphics/libungif/patches/patch-ac |  16 +++++++++
 graphics/libungif/patches/patch-ad |  63 ++++++++++++++++++++++++++++++++++++++
 graphics/libungif/patches/patch-ae |  21 ++++++++++++
 5 files changed, 107 insertions(+), 4 deletions(-)

diffs (149 lines):

diff -r 95b2b0c631dd -r 04dba436c339 graphics/libungif/Makefile
--- a/graphics/libungif/Makefile        Fri Nov 04 08:07:37 2005 +0000
+++ b/graphics/libungif/Makefile        Sat Nov 05 14:03:41 2005 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.34 2005/04/11 21:46:06 tv Exp $
+# $NetBSD: Makefile,v 1.34.4.1 2005/11/05 14:03:41 salo Exp $
 
 DISTNAME=      libungif-4.1.3
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    graphics
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=libungif/}
 EXTRACT_SUFX=  .tar.bz2
@@ -27,7 +27,7 @@
 REPLACE_PERL=          util/gifburst
 
 post-patch:
-       ${RM} ${WRKSRC}/doc/gif2x11.html
+       @${RM} ${WRKSRC}/doc/gif2x11.html
 
 post-install:
        cd ${PREFIX}/lib &&                                             \
diff -r 95b2b0c631dd -r 04dba436c339 graphics/libungif/distinfo
--- a/graphics/libungif/distinfo        Fri Nov 04 08:07:37 2005 +0000
+++ b/graphics/libungif/distinfo        Sat Nov 05 14:03:41 2005 +0000
@@ -1,7 +1,10 @@
-$NetBSD: distinfo,v 1.9 2005/03/20 11:07:33 schwarz Exp $
+$NetBSD: distinfo,v 1.9.6.1 2005/11/05 14:03:41 salo Exp $
 
 SHA1 (libungif-4.1.3.tar.bz2) = 04aab31b3e9e719a80320667bc23b3ee35505a34
 RMD160 (libungif-4.1.3.tar.bz2) = 287abf7560f5394e62c475f0d722938842ba6786
 Size (libungif-4.1.3.tar.bz2) = 439960 bytes
 SHA1 (patch-aa) = eb2d1f1d21e19adc8bc33dcbd24be5c20560f4fd
 SHA1 (patch-ab) = a93e2fe0a93aacda4566e723e681fd316fe2cb2a
+SHA1 (patch-ac) = 58985225879ea2d60a1eb9e8a17595f8a0ed95a5
+SHA1 (patch-ad) = dc5e0123b950674abe46be6508f3f8bb1a69641d
+SHA1 (patch-ae) = 43b271ae9ec6eddd8341526e6b8636c503cd209c
diff -r 95b2b0c631dd -r 04dba436c339 graphics/libungif/patches/patch-ac
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/libungif/patches/patch-ac        Sat Nov 05 14:03:41 2005 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-ac,v 1.5.10.1 2005/11/05 14:03:41 salo Exp $
+
+--- lib/gifalloc.c.orig        2004-05-29 19:59:59.000000000 +0100
++++ lib/gifalloc.c
+@@ -420,8 +420,10 @@ FreeSavedImages(GifFileType * GifFile) {
+     }
+     for (sp = GifFile->SavedImages;
+          sp < GifFile->SavedImages + GifFile->ImageCount; sp++) {
+-        if (sp->ImageDesc.ColorMap)
++      if (sp->ImageDesc.ColorMap) {
+             FreeMapObject(sp->ImageDesc.ColorMap);
++          sp->ImageDesc.ColorMap = NULL;
++      }
+ 
+         if (sp->RasterBits)
+             free((char *)sp->RasterBits);
diff -r 95b2b0c631dd -r 04dba436c339 graphics/libungif/patches/patch-ad
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/libungif/patches/patch-ad        Sat Nov 05 14:03:41 2005 +0000
@@ -0,0 +1,63 @@
+$NetBSD: patch-ad,v 1.1.2.2 2005/11/05 14:03:41 salo Exp $
+
+--- lib/dgif_lib.c.orig        2004-05-29 19:59:59.000000000 +0100
++++ lib/dgif_lib.c
+@@ -263,6 +263,7 @@ DGifGetScreenDesc(GifFileType * GifFile)
+         for (i = 0; i < GifFile->SColorMap->ColorCount; i++) {
+             if (READ(GifFile, Buf, 3) != 3) {
+                 FreeMapObject(GifFile->SColorMap);
++              GifFile->SColorMap = NULL;
+                 _GifError = D_GIF_ERR_READ_FAILED;
+                 return GIF_ERROR;
+             }
+@@ -363,6 +364,7 @@ DGifGetImageDesc(GifFileType * GifFile) 
+         for (i = 0; i < GifFile->Image.ColorMap->ColorCount; i++) {
+             if (READ(GifFile, Buf, 3) != 3) {
+                 FreeMapObject(GifFile->Image.ColorMap);
++              GifFile->Image.ColorMap = NULL;
+                 _GifError = D_GIF_ERR_READ_FAILED;
+                 return GIF_ERROR;
+             }
+@@ -923,6 +925,12 @@ DGifDecompressInput(GifFileType * GifFil
+         0x0fff
+     };
+ 
++    /* The image can't contain more than LZ_BITS per code. */
++    if (Private->RunningBits > LZ_BITS) {
++        _GifError = D_GIF_ERR_IMAGE_DEFECT;
++        return GIF_ERROR;
++    }    
++
+     while (Private->CrntShiftState < Private->RunningBits) {
+         /* Needs to get more bytes from input stream for next code: */
+         if (DGifBufferedInput(GifFile, Private->Buf, &NextByte) == GIF_ERROR) {
+@@ -938,8 +946,12 @@ DGifDecompressInput(GifFileType * GifFil
+     Private->CrntShiftState -= Private->RunningBits;
+ 
+     /* If code cannot fit into RunningBits bits, must raise its size. Note
+-     * however that codes above 4095 are used for special signaling.  */
+-    if (++Private->RunningCode > Private->MaxCode1 &&
++     * however that codes above 4095 are used for special signaling.
++     * If we're using LZ_BITS bits already and we're at the max code, just
++     * keep using the table as it is, don't increment Private->RunningCode.
++     */
++    if (Private->RunningCode < LZ_MAX_CODE + 2 &&
++      ++Private->RunningCode > Private->MaxCode1 &&
+         Private->RunningBits < LZ_BITS) {
+         Private->MaxCode1 <<= 1;
+         Private->RunningBits++;
+@@ -964,6 +976,14 @@ DGifBufferedInput(GifFileType * GifFile,
+             _GifError = D_GIF_ERR_READ_FAILED;
+             return GIF_ERROR;
+         }
++        /* There shouldn't be any empty data blocks here as the LZW spec
++         * says the LZW termination code should come first.  Therefore we
++         * shouldn't be inside this routine at that point.
++         */
++        if (Buf[0] == 0) {
++            _GifError = D_GIF_ERR_IMAGE_DEFECT;
++            return GIF_ERROR;
++        }
+         if (READ(GifFile, &Buf[1], Buf[0]) != Buf[0]) {
+             _GifError = D_GIF_ERR_READ_FAILED;
+             return GIF_ERROR;
diff -r 95b2b0c631dd -r 04dba436c339 graphics/libungif/patches/patch-ae
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/libungif/patches/patch-ae        Sat Nov 05 14:03:41 2005 +0000
@@ -0,0 +1,21 @@
+$NetBSD: patch-ae,v 1.1.2.2 2005/11/05 14:03:41 salo Exp $
+
+--- lib/egif_lib.c.orig        2004-05-29 22:53:36.000000000 +0100
++++ lib/egif_lib.c
+@@ -712,10 +712,14 @@ EGifCloseFile(GifFileType * GifFile) {
+     Buf = ';';
+     WRITE(GifFile, &Buf, 1);
+ 
+-    if (GifFile->Image.ColorMap)
++    if (GifFile->Image.ColorMap) {
+         FreeMapObject(GifFile->Image.ColorMap);
+-    if (GifFile->SColorMap)
++      GifFile->Image.ColorMap = NULL;
++    }
++    if (GifFile->SColorMap) {
+         FreeMapObject(GifFile->SColorMap);
++      GifFile->SColorMap = NULL;
++    }
+     if (Private) {
+         free((char *)Private);
+     }



Home | Main Index | Thread Index | Old Index