diff options
author | naddy <naddy@FreeBSD.org> | 2005-10-20 21:25:43 +0800 |
---|---|---|
committer | naddy <naddy@FreeBSD.org> | 2005-10-20 21:25:43 +0800 |
commit | 80fef688a3709bcd419a88ddc8ca0ebab642e5ce (patch) | |
tree | b0cda1aaeb92391bc806a08992cbc480c6b23942 | |
parent | 2704aeec8ed010f9eb9e23e63faafdcf5a4e0db3 (diff) | |
download | freebsd-ports-gnome-80fef688a3709bcd419a88ddc8ca0ebab642e5ce.tar.gz freebsd-ports-gnome-80fef688a3709bcd419a88ddc8ca0ebab642e5ce.tar.zst freebsd-ports-gnome-80fef688a3709bcd419a88ddc8ca0ebab642e5ce.zip |
Update to Debian revision 15.
Contains a fix for buffer overflows in title handling of NIFF images.
Approved by: jmz
Security: CAN-2005-3178
-rw-r--r-- | x11/xloadimage/Makefile | 9 | ||||
-rw-r--r-- | x11/xloadimage/distinfo | 4 | ||||
-rw-r--r-- | x11/xloadimage/files/patch-4.1.14.2 | 92 | ||||
-rw-r--r-- | x11/xloadimage/files/patch-Makefile.in | 4 | ||||
-rw-r--r-- | x11/xloadimage/files/patch-rlelib.c | 10 | ||||
-rw-r--r-- | x11/xloadimage/files/patch-tile | 31 |
6 files changed, 10 insertions, 140 deletions
diff --git a/x11/xloadimage/Makefile b/x11/xloadimage/Makefile index 527b8a1c13b7..d33774c4f892 100644 --- a/x11/xloadimage/Makefile +++ b/x11/xloadimage/Makefile @@ -6,7 +6,7 @@ # VERSION= 4.1 -REVISION= 14.2 +REVISION= 15 PORTREVISION= 0 PORTNAME= xloadimage @@ -15,12 +15,15 @@ CATEGORIES= x11 graphics MASTER_SITES= ftp://ftp.x.org/R5contrib/ DISTNAME= ${PORTNAME}.${VERSION} PATCH_SITES= ${MASTER_SITE_DEBIAN_POOL} -PATCHFILES= xloadimage_4.1-10.diff.gz +PATCHFILES= ${PORTNAME}_${VERSION}-${REVISION}.diff.gz PATCH_DIST_STRIP= -p1 MAINTAINER= jmz@FreeBSD.org COMMENT= X11 Image Loading Utility +PATCH_STRIP= -p1 +EXTRA_PATCHES= ${WRKSRC}/debian/patches/*.dpatch + USE_XLIB= yes LIB_DEPENDS= jpeg.9:${PORTSDIR}/graphics/jpeg \ png.5:${PORTSDIR}/graphics/png \ @@ -35,7 +38,7 @@ MLINKS= xloadimage.1 xsetbg.1 \ xloadimage.1 xview.1 post-patch: - @chmod a+rx ${WRKSRC}/configure + @${CHMOD} a+rx ${WRKSRC}/configure @cd ${WRKSRC}; ${MV} xloadimage.man xloadimage.man.old; \ ${SED} -e s:/etc/X11/Xloadimage:${PREFIX}/etc/xloadimagerc: \ -e s:/usr/lib/xloadimagerc:${PREFIX}/etc/xloadimagerc: \ diff --git a/x11/xloadimage/distinfo b/x11/xloadimage/distinfo index f0b3197de124..e29dfadfc8b1 100644 --- a/x11/xloadimage/distinfo +++ b/x11/xloadimage/distinfo @@ -1,4 +1,4 @@ MD5 (xloadimage.4.1.tar.gz) = 7331850fc04056ab8ae6b5725d1fb3d2 SIZE (xloadimage.4.1.tar.gz) = 596021 -MD5 (xloadimage_4.1-10.diff.gz) = deb1c1f1c93df1c86b24181ea2be5cbf -SIZE (xloadimage_4.1-10.diff.gz) = 48968 +MD5 (xloadimage_4.1-15.diff.gz) = 546f446c617456d1a0187be57fe09ec6 +SIZE (xloadimage_4.1-15.diff.gz) = 67508 diff --git a/x11/xloadimage/files/patch-4.1.14.2 b/x11/xloadimage/files/patch-4.1.14.2 deleted file mode 100644 index 23ed2d19f07c..000000000000 --- a/x11/xloadimage/files/patch-4.1.14.2 +++ /dev/null @@ -1,92 +0,0 @@ ---- new.c.orig Sun Aug 28 23:41:17 2005 -+++ new.c Sun Aug 28 23:44:11 2005 -@@ -67,6 +67,18 @@ - } - - -+static unsigned int ovmul(unsigned int a, unsigned int b) -+{ -+ unsigned int r; -+ -+ r = a * b; -+ if (r / a != b) { -+ memoryExhausted(); -+ } -+ -+ return r; -+} -+ - void goodImage(image, func) - Image *image; - char *func; -@@ -132,7 +144,7 @@ - image->height= height; - image->depth= 1; - linelen= (width / 8) + (width % 8 ? 1 : 0); /* thanx johnh@amcc.com */ -- image->data= (unsigned char *)lcalloc(linelen * height); -+ image->data= (unsigned char *)lcalloc(ovmul(linelen, height)); - return(image); - } - -@@ -153,7 +165,7 @@ - image->height= height; - image->depth= depth; - image->pixlen= pixlen; -- image->data= (unsigned char *)lmalloc(width * height * pixlen); -+ image->data= (unsigned char *)lmalloc(ovmul(ovmul(width, height), pixlen)); - return(image); - } - -@@ -169,6 +181,7 @@ - image->height= height; - image->depth= 24; - image->pixlen= 3; -+ image->data= (unsigned char *)lmalloc(ovmul(ovmul(width, height), 3)); - image->data= (unsigned char *)lmalloc(width * height * 3); - return(image); - } ---- ./zio.c~ Sun Aug 28 23:07:13 2005 -+++ ./zio.c Sun Jun 5 22:59:23 2005 -@@ -143,7 +143,7 @@ - char *name; - { int a; - ZFILE *zf; -- char buf[BUFSIZ]; -+ char *buf, *s, *t; - struct filter *filter; - - debug(("zopen(\"%s\") called\n", name)); -@@ -211,9 +211,30 @@ - if ((strlen(name) > strlen(filter->extension)) && - !strcmp(filter->extension, - name + (strlen(name) - strlen(filter->extension)))) { -- debug(("Filtering image through '%s'\n", filter->filter)); -- zf->type= ZPIPE; -- sprintf(buf, "%s %s", filter->filter, name); -+ char *fname, *t, *s; -+ -+ /* meta-char protection from xli. -+ * -+ * protect in single quotes, replacing single quotes -+ * with '"'"', so worst-case expansion is 5x -+ */ -+ -+ s = fname = (char *) lmalloc(1 + (5 * strlen(name)) + 1 + 1); -+ *s++ = '\''; -+ for (t = name; *t; ++t) { -+ if ('\'' == *t) { -+ /* 'foo'bar' -> 'foo'"'"'bar' */ -+ strcpy(s, "'\"'\"'"); -+ s += strlen(s); -+ } else { -+ *s++ = *t; -+ } -+ } -+ strcpy (s, "'"); -+ debug(("Filtering image through '%s'\n", filter->filter)); -+ zf->type= ZPIPE; -+ sprintf(buf, "%s %s", filter->filter, fname); -+ lfree (fname); - if (! (zf->stream= popen(buf, "r"))) { - lfree((byte *)zf->filename); - zf->filename= NULL; diff --git a/x11/xloadimage/files/patch-Makefile.in b/x11/xloadimage/files/patch-Makefile.in index 779a016887ee..0f222a117774 100644 --- a/x11/xloadimage/files/patch-Makefile.in +++ b/x11/xloadimage/files/patch-Makefile.in @@ -1,5 +1,5 @@ ---- Makefile.in.orig Tue Jul 10 23:53:36 2001 -+++ Makefile.in Wed Jul 11 12:28:36 2001 +--- ./Makefile.in.orig Tue Jul 10 23:53:36 2001 ++++ ./Makefile.in Wed Jul 11 12:28:36 2001 @@ -2,9 +2,10 @@ # Makefile for autoconf tutorial # diff --git a/x11/xloadimage/files/patch-rlelib.c b/x11/xloadimage/files/patch-rlelib.c deleted file mode 100644 index 7a11550ed960..000000000000 --- a/x11/xloadimage/files/patch-rlelib.c +++ /dev/null @@ -1,10 +0,0 @@ ---- rlelib.c.base Wed Oct 22 17:20:09 2003 -+++ rlelib.c Wed Oct 22 17:18:30 2003 -@@ -12,7 +12,6 @@ - - #include <stdio.h> - #include <math.h> --#include <varargs.h> - #include <ctype.h> - - #include "image.h" /* need ZFILE definition */ diff --git a/x11/xloadimage/files/patch-tile b/x11/xloadimage/files/patch-tile deleted file mode 100644 index 69beacda33d6..000000000000 --- a/x11/xloadimage/files/patch-tile +++ /dev/null @@ -1,31 +0,0 @@ ---- merge.c~ Thu Oct 21 22:28:39 1993 -+++ merge.c Mon Jun 18 02:23:58 2001 -@@ -244,6 +244,7 @@ - int x, y; - unsigned int width, height, verbose; - { Image *base, *tmp; -+ int nx, ny; - - if (verbose) { - printf(" Tiling..."); -@@ -259,16 +260,14 @@ - else - base = newTrueImage(width, height); - -- while (x < base->width) { -- while(y < base->height) { -- tmp = merge(base, image, x, y, 0); -+ for (nx = x; nx < base->width; nx += image->width) { -+ for(ny = y; ny < base->height; ny += image->height) { -+ tmp = merge(base, image, nx, ny, 0); - if (tmp != base) { - freeImage(base); - base = tmp; - } -- y += image->width; - } -- x += image->width; - } - printf("done.\n"); - return(base); - |