[pkgsrc/trunk]: pkgsrc/graphics/tiff Apply fix from upstream to fix CVE-2016-...

[he <he%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/5a97975bc4c7
branches:  trunk
changeset: 362129:5a97975bc4c7
user:      he <he%pkgsrc.org@localhost>
date:      Fri May 05 19:16:57 2017 +0000

description:
Apply fix from upstream to fix CVE-2016-10092, ref.
http://bugzilla.maptools.org/show_bug.cgi?id=2620 and
https://github.com/vadz/libtiff/commit/9657bbe3cdce4aaa90e07d50c1c70ae52da0ba6a
Bump PKGREVISION.

diffstat:

 graphics/tiff/Makefile                       |   4 ++--
 graphics/tiff/patches/patch-tools_tiffcrop.c |  17 +++++++++++++++++
 2 files changed, 19 insertions(+), 2 deletions(-)

diffs (34 lines):

diff -r 0f77b3fc5b37 -r 5a97975bc4c7 graphics/tiff/Makefile
--- a/graphics/tiff/Makefile    Fri May 05 18:12:24 2017 +0000
+++ b/graphics/tiff/Makefile    Fri May 05 19:16:57 2017 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.126 2017/05/03 23:00:59 sevan Exp $
+# $NetBSD: Makefile,v 1.127 2017/05/05 19:16:57 he Exp $
 
 DISTNAME=      tiff-4.0.7
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    graphics
 MASTER_SITES=  ftp://download.osgeo.org/libtiff/
 
diff -r 0f77b3fc5b37 -r 5a97975bc4c7 graphics/tiff/patches/patch-tools_tiffcrop.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/tiff/patches/patch-tools_tiffcrop.c      Fri May 05 19:16:57 2017 +0000
@@ -0,0 +1,17 @@
+$NetBSD$
+
+Fix for CVE-2016-10092, ref. http://bugzilla.maptools.org/show_bug.cgi?id=2620
+and
+https://github.com/vadz/libtiff/commit/9657bbe3cdce4aaa90e07d50c1c70ae52da0ba6a
+
+--- tools/tiffcrop.c.orig      2016-11-19 01:45:30.000000000 +0000
++++ tools/tiffcrop.c
+@@ -3698,7 +3698,7 @@ static int readContigStripsIntoBuffer (T
+                                   (unsigned long) strip, (unsigned long)rows);
+                         return 0;
+                 }
+-                bufp += bytes_read;
++                bufp += stripsize;
+         }
+ 
+         return 1;