[pkgsrc/pkgsrc-2009Q4]: pkgsrc/devel/pango Pullup ticket #3066 - requested by...

[tron <tron%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/9d69ac6ee023
branches:  pkgsrc-2009Q4
changeset: 569301:9d69ac6ee023
user:      tron <tron%pkgsrc.org@localhost>
date:      Sat Mar 27 17:51:38 2010 +0000

description:
Pullup ticket #3066 - requested by taca
pango: security patch

Revisions pulled up:
- devel/pango/Makefile                  1.140-1.141
- devel/pango/distinfo                  1.82-1.83
- devel/pango/patches/patch-ae          1.5
- devel/pango/patches/patch-am          1.1
---
Module Name:    pkgsrc
Committed By:   tron
Date:           Sun Feb 21 23:51:26 UTC 2010

Modified Files:
        pkgsrc/devel/pango: Makefile distinfo
        pkgsrc/devel/pango/patches: patch-ae

Log Message:
Change very questionable C++ code slightly to avoid high CPU usage under
Mac OS X. (see https://bugzilla.gnome.org/show_bug.cgi?id=593240 for
more details). Tested with XChat and Wireshark under Mac OS 10.6.2 and
NetBSD/amd64 5.0_STABLE.
---
Module Name:    pkgsrc
Committed By:   taca
Date:           Sat Mar 27 15:59:34 UTC 2010

Modified Files:
        pkgsrc/devel/pango: Makefile distinfo
Added Files:
        pkgsrc/devel/pango/patches: patch-am

Log Message:
Add a patch to fix CVE-2010-0421, DoS security fix.

Bump PKGREVISION.

diffstat:

 devel/pango/Makefile         |   3 +-
 devel/pango/distinfo         |   5 ++-
 devel/pango/patches/patch-ae |  49 +++++++++----------------------------------
 devel/pango/patches/patch-am |  24 +++++++++++++++++++++
 4 files changed, 40 insertions(+), 41 deletions(-)

diffs (115 lines):

diff -r 413aa6d15fdf -r 9d69ac6ee023 devel/pango/Makefile
--- a/devel/pango/Makefile      Sat Mar 27 14:45:22 2010 +0000
+++ b/devel/pango/Makefile      Sat Mar 27 17:51:38 2010 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.139 2009/12/15 15:09:21 drochner Exp $
+# $NetBSD: Makefile,v 1.139.2.1 2010/03/27 17:51:38 tron Exp $
 
 DISTNAME=              pango-1.26.2
+PKGREVISION=           2
 CATEGORIES=            devel fonts
 MASTER_SITES=          ${MASTER_SITE_GNOME:=sources/pango/1.26/}
 EXTRACT_SUFX=          .tar.bz2
diff -r 413aa6d15fdf -r 9d69ac6ee023 devel/pango/distinfo
--- a/devel/pango/distinfo      Sat Mar 27 14:45:22 2010 +0000
+++ b/devel/pango/distinfo      Sat Mar 27 17:51:38 2010 +0000
@@ -1,8 +1,9 @@
-$NetBSD: distinfo,v 1.81 2009/12/15 15:09:21 drochner Exp $
+$NetBSD: distinfo,v 1.81.2.1 2010/03/27 17:51:38 tron Exp $
 
 SHA1 (pango-1.26.2.tar.bz2) = 051b6f7b5f98a4c8083ef6a5178cb5255a992b98
 RMD160 (pango-1.26.2.tar.bz2) = 6613bddf643d5c912e6656d84c6671aa6ce88a9d
 Size (pango-1.26.2.tar.bz2) = 1536011 bytes
 SHA1 (patch-aa) = 1a87d055dc722eff28517a11d0832ae19df5eb59
 SHA1 (patch-ab) = 12c09b12ba31be19fa0d602f89909811e6221bd8
-SHA1 (patch-ae) = 2ebb8a0886a745fbfb0106dece91c5c990982ef8
+SHA1 (patch-ae) = 9eb458be84f6dfce27fb469d45cc78e34acd9c36
+SHA1 (patch-am) = dc7387b4da24356a56ab8d07ef0462b6f4b3b209
diff -r 413aa6d15fdf -r 9d69ac6ee023 devel/pango/patches/patch-ae
--- a/devel/pango/patches/patch-ae      Sat Mar 27 14:45:22 2010 +0000
+++ b/devel/pango/patches/patch-ae      Sat Mar 27 17:51:38 2010 +0000
@@ -1,45 +1,18 @@
-$NetBSD: patch-ae,v 1.4 2009/11/23 17:18:52 tron Exp $
+$NetBSD: patch-ae,v 1.4.2.1 2010/03/27 17:51:38 tron Exp $
 
-Avoid high CPU usage caused by code generaton problems in Apple's toolchain.
+Avoid high CPU usage under Mac OS X caused by questionable C++ code.
 
 Please look here for details:
 https://bugzilla.gnome.org/show_bug.cgi?id=593240
 
---- pango/pango-ot-info.c.orig 2009-11-17 16:35:44.000000000 +0000
-+++ pango/pango-ot-info.c      2009-11-23 13:55:29.000000000 +0000
-@@ -536,13 +536,22 @@
- {
-   unsigned int i;
- 
-+#if defined(__APPLE__) && defined(__GNUC__)
-+  (void)fflush(stdout);
-+#endif
-+
-   for (i = 0; i < ruleset->rules->len; i++)
-     {
--      PangoOTRule *rule = &g_array_index (ruleset->rules, PangoOTRule, i);
-+      PangoOTRule *rule;
-       hb_mask_t mask;
-       unsigned int lookup_count, j;
-       unsigned int lookup_indexes[1000];
+--- pango/opentype/hb-open-type-private.hh.orig        2009-11-26 00:44:17.000000000 +0000
++++ pango/opentype/hb-open-type-private.hh     2010-02-21 23:41:06.000000000 +0000
+@@ -61,7 +61,7 @@
+ /* Null objects */
  
-+#if defined(__APPLE__) && defined(__GNUC__)
-+      (void)fprintf(stdout, "%d", i);
-+#endif
-+
-+      rule = &g_array_index (ruleset->rules, const PangoOTRule, i);
-       if (rule->table_type != PANGO_OT_TABLE_GSUB)
-       continue;
+ /* Global nul-content Null pool.  Enlarge as necessary. */
+-static const char NullPool[32] = "";
++static const void *NullPool[32];
  
-@@ -561,6 +570,11 @@
-                                       lookup_indexes[j],
-                                       rule->property_bit);
-     }
-+
-+#if defined(__APPLE__) && defined(__GNUC__)
-+  (void)fpurge(stdout);
-+#endif
-+
- }
- 
- void
+ /* Generic template for nul-content sizeof-sized Null objects. */
+ template <typename Type>
diff -r 413aa6d15fdf -r 9d69ac6ee023 devel/pango/patches/patch-am
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/pango/patches/patch-am      Sat Mar 27 17:51:38 2010 +0000
@@ -0,0 +1,24 @@
+$NetBSD: patch-am,v 1.1.2.2 2010/03/27 17:51:38 tron Exp $
+
+Fix for CVE-2010-0421.
+
+--- pango/opentype/hb-ot-layout.cc.orig        2009-11-26 00:44:17.000000000 +0000
++++ pango/opentype/hb-ot-layout.cc
+@@ -44,6 +44,8 @@ _hb_ot_layout_init (hb_face_t *face)
+ {
+   hb_ot_layout_t *layout = &face->ot_layout;
+ 
++  memset (layout, 0, sizeof (*layout));
++
+   layout->gdef_blob = Sanitizer<GDEF>::sanitize (hb_face_get_table (face, HB_OT_TAG_GDEF));
+   layout->gdef = &Sanitizer<GDEF>::lock_instance (layout->gdef_blob);
+ 
+@@ -293,7 +295,7 @@ hb_ot_layout_build_glyph_classes (hb_fac
+     return;
+ 
+   if (layout->new_gdef.len == 0) {
+-    layout->new_gdef.klasses = (unsigned char *) calloc (num_total_glyphs, sizeof (unsigned char));
++    layout->new_gdef.klasses = (unsigned char *) calloc (count, sizeof (unsigned char));
+     layout->new_gdef.len = count;
+   }
+