pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/graphics/tiff add patch from Redhat bug #871700 to fix...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/0eec8322b8a2
branches:  trunk
changeset: 610758:0eec8322b8a2
user:      drochner <drochner%pkgsrc.org@localhost>
date:      Mon Nov 05 12:41:48 2012 +0000

description:
add patch from Redhat bug #871700 to fix a possible buffer overflow
due to integer overflow in the ppm2tiff cmd line tool (CVE-2012-4564)
bump PKGREV

diffstat:

 graphics/tiff/Makefile                    |   3 +-
 graphics/tiff/distinfo                    |   3 +-
 graphics/tiff/patches/patch-CVE-2012-4564 |  33 +++++++++++++++++++++++++++++++
 3 files changed, 37 insertions(+), 2 deletions(-)

diffs (61 lines):

diff -r c20c65defe4e -r 0eec8322b8a2 graphics/tiff/Makefile
--- a/graphics/tiff/Makefile    Sun Nov 04 23:50:21 2012 +0000
+++ b/graphics/tiff/Makefile    Mon Nov 05 12:41:48 2012 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.108 2012/10/06 14:11:23 asau Exp $
+# $NetBSD: Makefile,v 1.109 2012/11/05 12:41:48 drochner Exp $
 
 DISTNAME=      tiff-4.0.3
+PKGREVISION=   1
 CATEGORIES=    graphics
 MASTER_SITES=  ftp://ftp.remotesensing.org/pub/libtiff/ \
                http://libtiff.maptools.org/dl/
diff -r c20c65defe4e -r 0eec8322b8a2 graphics/tiff/distinfo
--- a/graphics/tiff/distinfo    Sun Nov 04 23:50:21 2012 +0000
+++ b/graphics/tiff/distinfo    Mon Nov 05 12:41:48 2012 +0000
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.58 2012/10/01 18:11:30 adam Exp $
+$NetBSD: distinfo,v 1.59 2012/11/05 12:41:48 drochner Exp $
 
 SHA1 (tiff-4.0.3.tar.gz) = 652e97b78f1444237a82cbcfe014310e776eb6f0
 RMD160 (tiff-4.0.3.tar.gz) = eacd725fb3c299682c1c2e508049d98acd170f31
 Size (tiff-4.0.3.tar.gz) = 2051630 bytes
+SHA1 (patch-CVE-2012-4564) = bda3b26e431e8234e5afd984a086c980a8eb6c41
 SHA1 (patch-configure) = 1fb9ef790a59ac9c1396dd8e962c75946e2c998a
diff -r c20c65defe4e -r 0eec8322b8a2 graphics/tiff/patches/patch-CVE-2012-4564
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/tiff/patches/patch-CVE-2012-4564 Mon Nov 05 12:41:48 2012 +0000
@@ -0,0 +1,33 @@
+$NetBSD: patch-CVE-2012-4564,v 1.1 2012/11/05 12:41:48 drochner Exp $
+
+see https://bugzilla.redhat.com/show_bug.cgi?id=871700
+
+--- tools/ppm2tiff.c.orig      2010-04-10 19:22:34.000000000 +0000
++++ tools/ppm2tiff.c
+@@ -89,6 +89,7 @@ main(int argc, char* argv[])
+       int c;
+       extern int optind;
+       extern char* optarg;
++      tmsize_t scanline_size;
+ 
+       if (argc < 2) {
+           fprintf(stderr, "%s: Too few arguments\n", argv[0]);
+@@ -237,8 +238,16 @@ main(int argc, char* argv[])
+       }
+       if (TIFFScanlineSize(out) > linebytes)
+               buf = (unsigned char *)_TIFFmalloc(linebytes);
+-      else
+-              buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
++      else {
++              scanline_size = TIFFScanlineSize(out);
++              if (scanline_size != 0)
++                      buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
++              else {
++                      fprintf(stderr, "%s: scanline size overflow\n",infile);
++                      (void) TIFFClose(out);
++                      exit(-2);
++              }
++      }
+       if (resolution > 0) {
+               TIFFSetField(out, TIFFTAG_XRESOLUTION, resolution);
+               TIFFSetField(out, TIFFTAG_YRESOLUTION, resolution);
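Review bot: The new zero check guards only the `else` branch, while the first branch still calls `_TIFFmalloc(linebytes)` with a `linebytes` value computed outside this hunk. If that value comes from a similar header-derived multiplication it could presumably wrap too and leave `buf` undersized, so this is worth confirming against the full ppm2tiff.c, with an explicit overflow check added where `linebytes` is computed. Within the added lines, `scanline_size` is stored and tested but the allocation calls `TIFFScanlineSize(out)` a second time; `buf = (unsigned char *)_TIFFmalloc(scanline_size);` would allocate exactly the value that was checked. The visible lines also do not test the `_TIFFmalloc` result for NULL before `buf` is used, though that may happen further down, since main's body continues outside the hunk.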


