head	1.4;
access;
symbols
	pkgsrc-2013Q2:1.4.0.36
	pkgsrc-2013Q2-base:1.4
	pkgsrc-2012Q4:1.4.0.34
	pkgsrc-2012Q4-base:1.4
	pkgsrc-2011Q4:1.4.0.32
	pkgsrc-2011Q4-base:1.4
	pkgsrc-2011Q2:1.4.0.30
	pkgsrc-2011Q2-base:1.4
	pkgsrc-2009Q4:1.4.0.28
	pkgsrc-2009Q4-base:1.4
	pkgsrc-2008Q4:1.4.0.26
	pkgsrc-2008Q4-base:1.4
	pkgsrc-2008Q3:1.4.0.24
	pkgsrc-2008Q3-base:1.4
	cube-native-xorg:1.4.0.22
	cube-native-xorg-base:1.4
	pkgsrc-2008Q2:1.4.0.20
	pkgsrc-2008Q2-base:1.4
	pkgsrc-2008Q1:1.4.0.18
	pkgsrc-2008Q1-base:1.4
	pkgsrc-2007Q4:1.4.0.16
	pkgsrc-2007Q4-base:1.4
	pkgsrc-2007Q3:1.4.0.14
	pkgsrc-2007Q3-base:1.4
	pkgsrc-2007Q2:1.4.0.12
	pkgsrc-2007Q2-base:1.4
	pkgsrc-2007Q1:1.4.0.10
	pkgsrc-2007Q1-base:1.4
	pkgsrc-2006Q4:1.4.0.8
	pkgsrc-2006Q4-base:1.4
	pkgsrc-2006Q3:1.4.0.6
	pkgsrc-2006Q3-base:1.4
	pkgsrc-2006Q2:1.4.0.4
	pkgsrc-2006Q2-base:1.4
	pkgsrc-2006Q1:1.4.0.2
	pkgsrc-2006Q1-base:1.4
	pkgsrc-2005Q4:1.3.0.6
	pkgsrc-2005Q4-base:1.3
	pkgsrc-2005Q3:1.3.0.4
	pkgsrc-2005Q3-base:1.3
	pkgsrc-2005Q2:1.3.0.2
	pkgsrc-2005Q2-base:1.3
	pkgsrc-2005Q1:1.1.0.4
	pkgsrc-2005Q1-base:1.1
	pkgsrc-2004Q4:1.1.0.2;
locks; strict;
comment	@# @;


1.4
date	2006.01.09.14.39.03;	author tonio;	state dead;
branches;
next	1.3;

1.3
date	2005.05.09.13.21.16;	author minskim;	state Exp;
branches;
next	1.2;

1.2
date	2005.04.20.12.40.40;	author adam;	state dead;
branches;
next	1.1;

1.1
date	2005.03.10.19.22.22;	author adam;	state Exp;
branches
	1.1.2.1
	1.1.4.1;
next	;

1.1.2.1
date	2005.03.10.19.22.22;	author snj;	state dead;
branches;
next	1.1.2.2;

1.1.2.2
date	2005.03.11.06.08.38;	author snj;	state Exp;
branches;
next	;

1.1.4.1
date	2005.05.14.05.49.56;	author snj;	state Exp;
branches;
next	;


desc
@@


1.4
log
@Remove patch-aa and patch-ab as exif_get_sshort is no more declared static
Fix build under darwin/gcc4
@
text
@$NetBSD: patch-ab,v 1.3 2005/05/09 13:21:16 minskim Exp $

--- libexif/exif-utils.c.orig	2005-03-12 20:27:13.000000000 -0600
+++ libexif/exif-utils.c
@@@@ -22,6 +22,9 @@@@
 
 #include <libexif/exif-utils.h>
 
+static ExifSShort
+exif_get_sshort (const unsigned char *buf, ExifByteOrder order);
+
 void
 exif_array_set_byte_order (ExifFormat f, unsigned char *b, unsigned int n,
 		ExifByteOrder o_orig, ExifByteOrder o_new)
@


1.3
log
@Declare a static function in .c, not in .h.
@
text
@d1 1
a1 1
$NetBSD$
@


1.2
log
@Changes 0.6.12:
  * Final fix of Ubuntu Security Notice USN-91-1 (CAN-2005-0664)
    https://bugzilla.ubuntulinux.org/show_bug.cgi?id=7152
  * Updated build system with cross compile capabilities
  * Small fixes:
    Fix tag order, use even offsets, improve Nikon&Olympus mnote tags.
@
text
@d1 1
a1 1
$NetBSD: patch-ab,v 1.1 2005/03/10 19:22:22 adam Exp $
d3 3
a5 4
--- libexif/exif-data.c.orig	Tue Oct  5 21:10:04 2004
+++ libexif/exif-data.c
@@@@ -628,7 +628,7 @@@@ exif_data_load_data (ExifData *data, con
 		  "Found EXIF header.");
d7 1
a7 9
 	/* Byte order (offset 6, length 2) */
-	if (ds < 12)
+	if (ds < 14)
 		return;
 	if (!memcmp (d + 6, "II", 2))
 		data->priv->order = EXIF_BYTE_ORDER_INTEL;
@@@@ -646,12 +646,18 @@@@ exif_data_load_data (ExifData *data, con
 	exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", 
 		  "IFD 0 at %i.", (int) offset);
d9 2
a10 2
+	if (ds < 6 + 4 + offset)
+		return;
d12 3
a14 12
 	/* Parse the actual exif data (offset 14) */
 	exif_data_load_data_content (data, data->ifd[EXIF_IFD_0], d + 6,
 				     ds - 6, offset);
 
 	/* IFD 1 offset */
 	n = exif_get_short (d + 6 + offset, data->priv->order);
+	if (ds < 6 + offset + 2 + 12 * n + 4)
+		return;
+
 	offset = exif_get_long (d + 6 + offset + 2 + 12 * n, data->priv->order);
 	if (offset) {
 		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
@


1.1
log
@Added a patch to fix buffer overflow:

  * SECURITY UPDATE: Fix buffer overflow.
  * libexif/exif-data.c: Add buffer size checks in several places before
    trying to access it.
  * Thanks to Sylvain Defresne for spotting this and the patch.
  * References:
    https://bugzilla.ubuntulinux.org/show_bug.cgi?id=7152

Thanks to wiz@@ for heads-up. :)
@
text
@d1 1
a1 1
$NetBSD$
@


1.1.2.1
log
@file patch-ab was added on branch pkgsrc-2004Q4 on 2005-03-10 19:22:22 +0000
@
text
@d1 32
@


1.1.2.2
log
@Pullup ticket 349 - requested by Lubomir Sedlacik
security fix for libexif

Revisions pulled up:
- pkgsrc/graphics/libexif/Makefile		1.22
- pkgsrc/graphics/libexif/buildlink3.mk		1.6
- pkgsrc/graphics/libexif/distinfo		1.12
- pkgsrc/graphics/libexif/patches/patch-ab	1.1


    Module Name:    pkgsrc
    Committed By:   adam
    Date:           Thu Mar 10 19:22:22 UTC 2005

    Modified Files:
            pkgsrc/graphics/libexif: distinfo
    Added Files:
            pkgsrc/graphics/libexif/patches: patch-ab

    Log Message:
    Added a patch to fix buffer overflow:

      * SECURITY UPDATE: Fix buffer overflow.
      * libexif/exif-data.c: Add buffer size checks in several places before
        trying to access it.
      * Thanks to Sylvain Defresne for spotting this and the patch.
      * References:
        https://bugzilla.ubuntulinux.org/show_bug.cgi?id=7152

    Thanks to wiz@@ for heads-up. :)

    ----

    Module Name:    pkgsrc
    Committed By:   salo
    Date:           Thu Mar 10 22:21:56 UTC 2005

    Modified Files:
            pkgsrc/graphics/libexif: Makefile buildlink3.mk

    Log Message:
    Bump PKGREVISION and BUILDLINK_RECOMMENDED for the security fix. (hi adam!)
@
text
@a0 32
$NetBSD: patch-ab,v 1.1.2.1 2005/03/11 06:08:38 snj Exp $

--- libexif/exif-data.c.orig	Tue Oct  5 21:10:04 2004
+++ libexif/exif-data.c
@@@@ -628,7 +628,7 @@@@ exif_data_load_data (ExifData *data, con
 		  "Found EXIF header.");
 
 	/* Byte order (offset 6, length 2) */
-	if (ds < 12)
+	if (ds < 14)
 		return;
 	if (!memcmp (d + 6, "II", 2))
 		data->priv->order = EXIF_BYTE_ORDER_INTEL;
@@@@ -646,12 +646,18 @@@@ exif_data_load_data (ExifData *data, con
 	exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", 
 		  "IFD 0 at %i.", (int) offset);
 
+	if (ds < 6 + 4 + offset)
+		return;
+
 	/* Parse the actual exif data (offset 14) */
 	exif_data_load_data_content (data, data->ifd[EXIF_IFD_0], d + 6,
 				     ds - 6, offset);
 
 	/* IFD 1 offset */
 	n = exif_get_short (d + 6 + offset, data->priv->order);
+	if (ds < 6 + offset + 2 + 12 * n + 4)
+		return;
+
 	offset = exif_get_long (d + 6 + offset + 2 + 12 * n, data->priv->order);
 	if (offset) {
 		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
@


1.1.4.1
log
@Pullup ticket 500 - requested by Lubomir Sedlacik
security fix for libexif

Revisions pulled up:
- pkgsrc/graphics/libexif/Makefile		1.24, 1.25
- pkgsrc/graphics/libexif/PLIST			1.12
- pkgsrc/graphics/libexif/distinfo		1.13, 1.14, 1.15
- pkgsrc/graphics/libexif/buildlink3.mk		1.7
- pkgsrc/graphics/libexif/patches/patch-aa	1.3
- pkgsrc/graphics/libexif/patches/patch-ab	1.3
- pkgsrc/graphics/libexif/patches/patch-ac	1.1

    Module Name:    pkgsrc
    Committed By:   adam
    Date:           Wed Apr 20 12:40:41 UTC 2005

    Modified Files:
            pkgsrc/graphics/libexif: Makefile PLIST distinfo
    Removed Files:
            pkgsrc/graphics/libexif/patches: patch-aa patch-ab

    Log Message:
    Changes 0.6.12:
      * Final fix of Ubuntu Security Notice USN-91-1 (CAN-2005-0664)
        https://bugzilla.ubuntulinux.org/show_bug.cgi?id=7152
      * Updated build system with cross compile capabilities
      * Small fixes:
        Fix tag order, use even offsets, improve Nikon&Olympus mnote tags.
----
    Module Name:    pkgsrc
    Committed By:   minskim
    Date:           Mon May  9 13:21:16 UTC 2005

    Modified Files:
            pkgsrc/graphics/libexif: distinfo
    Added Files:
            pkgsrc/graphics/libexif/patches: patch-aa patch-ab

    Log Message:
    Declare a static function in .c, not in .h.
----
    Module Name:    pkgsrc
    Committed By:   salo
    Date:           Fri May 13 11:58:00 UTC 2005

    Modified Files:
            pkgsrc/graphics/libexif: Makefile buildlink3.mk distinfo
    Added Files:
            pkgsrc/graphics/libexif/patches: patch-ac

    Log Message:
    Security fix:

    "Matthias Clasen has reported a vulnerability in libexif, which can be
    exploited by malicious people to cause a DoS (Denial of Service).

    The vulnerability is caused due to an infinite recursion in the
    "exif_data_load_data_content()" function and can be exploited to
    cause a stack overflow when parsing a specially crafted image.

    Successful exploitation may crash an application linked against the
    vulnerable library."

    Bump PKGREVISION.  Patch from:
    http://sourceforge.net/tracker/index.php?func=detail&aid=1196787&group_id=12272&atid=112272
@
text
@d1 1
a1 1
$NetBSD: patch-ab,v 1.3 2005/05/09 13:21:16 minskim Exp $
d3 4
a6 3
--- libexif/exif-utils.c.orig	2005-03-12 20:27:13.000000000 -0600
+++ libexif/exif-utils.c
@@@@ -22,6 +22,9 @@@@
d8 9
a16 1
 #include <libexif/exif-utils.h>
d18 2
a19 2
+static ExifSShort
+exif_get_sshort (const unsigned char *buf, ExifByteOrder order);
d21 12
a32 3
 void
 exif_array_set_byte_order (ExifFormat f, unsigned char *b, unsigned int n,
 		ExifByteOrder o_orig, ExifByteOrder o_new)
@