Fix the integer signedness error in freetype2 that is described in

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2754 .

PR:		112769
Submitted by:	Nick Barkas <snb@threerings.net>
Obtained from:	Freetype CVS
Security:	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2754
Approved by:	portmgr (implicit)

2 files changed, 33 insertions, 1 deletions

diff --git a/print/freetype2/Makefile b/print/freetype2/Makefile
index 076556b5b752..9ee188f0cc5e 100644
--- a/print/freetype2/Makefile
+++ b/print/freetype2/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	freetype2
 PORTVERSION=	2.2.1
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	print
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:S,%SUBDIR%,freetype,} \
 		http://sunsite.cnlab-switch.ch/ftp/mirror/freetype/%SUBDIR%/ \
diff --git a/print/freetype2/files/patch-src_truetype_ttgload.c b/print/freetype2/files/patch-src_truetype_ttgload.c
new file mode 100644
index 000000000000..803bdeeb30e8
--- /dev/null
+++ b/print/freetype2/files/patch-src_truetype_ttgload.c
@@ -0,0 +1,32 @@
+--- src/truetype/ttgload.c.orig	Tue Feb 14 12:44:56 2006
++++ src/truetype/ttgload.c	Fri May 18 13:05:34 2007
+@@ -269,7 +269,11 @@
+ 
+     n_points = 0;
+     if ( n_contours > 0 )
++    {
+       n_points = cont[-1] + 1;
++      if ( n_points < 0 )
++        goto Invalid_Outline;
++    }
+ 
+     /* note that we will add four phantom points later */
+     error = FT_GLYPHLOADER_CHECK_POINTS( gloader, n_points + 4, 0 );
+@@ -677,7 +681,7 @@
+     FT_GlyphLoader  gloader = loader->gloader;
+     FT_Error        error   = TT_Err_Ok;
+     FT_Outline*     outline;
+-    FT_UInt         n_points;
++    FT_Int          n_points;
+ 
+ 
+     outline  = &gloader->current.outline;
+@@ -704,7 +708,7 @@
+       /* Deltas apply to the unscaled data. */
+       FT_Vector*  deltas;
+       FT_Memory   memory = loader->face->memory;
+-      FT_UInt     i;
++      FT_Int      i;
+ 
+ 
+       error = TT_Vary_Get_Glyph_Deltas( (TT_Face)(loader->face),