Apply vendor patch for "Avoid overflow in ljpeg_start()"

(changeset 983bda1f) to prevent a denial of service (crash) via a
crafted image

PR:		200199
Obtained from:	https://github.com/rawstudio/rawstudio/commit/983bda1f0fa5fa86884381208274198a620f006e
Security:	CVE-2015-3885
Security:	57325ecf-facc-11e4-968f-b888e347c638
Submitted by:	Jason Unovitch <jason unovitch gmail com>
Reported by:	Sevan Janiyan <venture37 geeklan co uk>
Approved by:	samm os2 kiev ua (maintainer)
MFH:		2015Q2

2 files changed, 13 insertions, 1 deletions

diff --git a/graphics/rawstudio/Makefile b/graphics/rawstudio/Makefile
index f4f10fcb192e..4f6d822c94de 100644
--- a/graphics/rawstudio/Makefile
+++ b/graphics/rawstudio/Makefile
@@ -3,7 +3,7 @@
 
 PORTNAME=	rawstudio
 PORTVERSION=	2.0
-PORTREVISION=	10
+PORTREVISION=	11
 CATEGORIES=	graphics
 MASTER_SITES=	http://rawstudio.org/files/release/
 
diff --git a/graphics/rawstudio/files/patch-plugins_load-dcraw_dcraw.cc b/graphics/rawstudio/files/patch-plugins_load-dcraw_dcraw.cc
new file mode 100644
index 000000000000..3a9cb9944315
--- /dev/null
+++ b/graphics/rawstudio/files/patch-plugins_load-dcraw_dcraw.cc
@@ -0,0 +1,12 @@
+--- plugins/load-dcraw/dcraw.cc.orig	2015-05-29 01:03:46 UTC
++++ plugins/load-dcraw/dcraw.cc
+@@ -869,7 +869,8 @@ struct jhead {
+ 
+ int CLASS ljpeg_start (struct jhead *jh, int info_only)
+ {
+-  int c, tag, len;
++  int c, tag;
++  ushort len;
+   uchar data[0x10000];
+   const uchar *dp;
+