diff options
| author | marcus <marcus@df743ca5-7f9a-e211-a948-0013205c9059> | 2007-05-22 06:26:54 +0800 |
|---|---|---|
| committer | marcus <marcus@df743ca5-7f9a-e211-a948-0013205c9059> | 2007-05-22 06:26:54 +0800 |
| commit | 6c0dc7c981195a225603e808dab4d3be61f23ba6 (patch) | |
| tree | ef7b673f8e51d3de79d79fead4f8de7c072dd05d /print | |
| parent | 22463ad9decbe3fd9631ecff3ea1d239cb6d87da (diff) | |
| download | marcuscom-ports-6c0dc7c981195a225603e808dab4d3be61f23ba6.tar.gz marcuscom-ports-6c0dc7c981195a225603e808dab4d3be61f23ba6.tar.zst marcuscom-ports-6c0dc7c981195a225603e808dab4d3be61f23ba6.zip | |
Fix the integer signedness error in freetype2 that is described in
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2754 .
PR: 112769
Submitted by: Nick Barkas <snb@threerings.net>
Obtained from: Freetype CVS
Security: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2754
git-svn-id: svn://creme-brulee.marcuscom.com/ports/trunk@8905 df743ca5-7f9a-e211-a948-0013205c9059
Diffstat (limited to 'print')
| -rw-r--r-- | print/freetype2/Makefile | 4 | ||||
| -rw-r--r-- | print/freetype2/files/patch-src_truetype_ttgload.c | 32 |
2 files changed, 34 insertions, 2 deletions
diff --git a/print/freetype2/Makefile b/print/freetype2/Makefile index 6265a7889..6dfcc0cea 100644 --- a/print/freetype2/Makefile +++ b/print/freetype2/Makefile @@ -3,12 +3,12 @@ # Whom: jseger@FreeBSD.org # # $FreeBSD$ -# $MCom: ports/print/freetype2/Makefile,v 1.8 2007/04/15 02:42:12 marcus Exp $ +# $MCom: ports/print/freetype2/Makefile,v 1.9 2007/05/19 21:36:20 marcus Exp $ # PORTNAME= freetype2 PORTVERSION= 2.3.4 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= print MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:S,%SUBDIR%,freetype,} \ http://sunsite.cnlab-switch.ch/ftp/mirror/freetype/%SUBDIR%/ \ diff --git a/print/freetype2/files/patch-src_truetype_ttgload.c b/print/freetype2/files/patch-src_truetype_ttgload.c new file mode 100644 index 000000000..803bdeeb3 --- /dev/null +++ b/print/freetype2/files/patch-src_truetype_ttgload.c @@ -0,0 +1,32 @@ +--- src/truetype/ttgload.c.orig Tue Feb 14 12:44:56 2006 ++++ src/truetype/ttgload.c Fri May 18 13:05:34 2007 +@@ -269,7 +269,11 @@ + + n_points = 0; + if ( n_contours > 0 ) ++ { + n_points = cont[-1] + 1; ++ if ( n_points < 0 ) ++ goto Invalid_Outline; ++ } + + /* note that we will add four phantom points later */ + error = FT_GLYPHLOADER_CHECK_POINTS( gloader, n_points + 4, 0 ); +@@ -677,7 +681,7 @@ + FT_GlyphLoader gloader = loader->gloader; + FT_Error error = TT_Err_Ok; + FT_Outline* outline; +- FT_UInt n_points; ++ FT_Int n_points; + + + outline = &gloader->current.outline; +@@ -704,7 +708,7 @@ + /* Deltas apply to the unscaled data. */ + FT_Vector* deltas; + FT_Memory memory = loader->face->memory; +- FT_UInt i; ++ FT_Int i; + + + error = TT_Vary_Get_Glyph_Deltas( (TT_Face)(loader->face), |