head 1.4; access; symbols pkgsrc-2013Q2:1.4.0.22 pkgsrc-2013Q2-base:1.4 pkgsrc-2012Q4:1.4.0.20 pkgsrc-2012Q4-base:1.4 pkgsrc-2011Q4:1.4.0.18 pkgsrc-2011Q4-base:1.4 pkgsrc-2011Q2:1.4.0.16 pkgsrc-2011Q2-base:1.4 pkgsrc-2010Q3:1.4.0.14 pkgsrc-2009Q4:1.4.0.12 pkgsrc-2009Q4-base:1.4 pkgsrc-2008Q4:1.4.0.10 pkgsrc-2008Q4-base:1.4 pkgsrc-2008Q3:1.4.0.8 pkgsrc-2008Q3-base:1.4 cube-native-xorg:1.4.0.6 cube-native-xorg-base:1.4 pkgsrc-2008Q2:1.4.0.4 pkgsrc-2008Q2-base:1.4 pkgsrc-2008Q1:1.4.0.2 pkgsrc-2008Q1-base:1.4 pkgsrc-2007Q4:1.3.0.14 pkgsrc-2007Q4-base:1.3 pkgsrc-2007Q3:1.3.0.12 pkgsrc-2007Q3-base:1.3 pkgsrc-2007Q2:1.3.0.10 pkgsrc-2007Q2-base:1.3 pkgsrc-2007Q1:1.3.0.8 pkgsrc-2007Q1-base:1.3 pkgsrc-2006Q4:1.3.0.6 pkgsrc-2006Q4-base:1.3 pkgsrc-2006Q3:1.3.0.4 pkgsrc-2006Q3-base:1.3 pkgsrc-2006Q2:1.3.0.2 pkgsrc-2006Q2-base:1.3 pkgsrc-2006Q1:1.2.0.14 pkgsrc-2006Q1-base:1.2 pkgsrc-2005Q4:1.2.0.12 pkgsrc-2005Q4-base:1.2 pkgsrc-2005Q3:1.2.0.10 pkgsrc-2005Q3-base:1.2 pkgsrc-2005Q2:1.2.0.8 pkgsrc-2005Q2-base:1.2 pkgsrc-2005Q1:1.2.0.6 pkgsrc-2005Q1-base:1.2 pkgsrc-2004Q4:1.2.0.4 pkgsrc-2004Q4-base:1.2 pkgsrc-2004Q3:1.2.0.2 pkgsrc-2004Q3-base:1.2 pkgsrc-2004Q2:1.1.0.2 pkgsrc-2004Q2-base:1.1; locks; strict; comment @# @; 1.4 date 2008.02.13.14.26.24; author kefren; state dead; branches 1.4.14.1; next 1.3; 1.3 date 2006.04.22.18.28.04; author joerg; state Exp; branches; next 1.2; 1.2 date 2004.06.26.20.19.42; author recht; state dead; branches; next 1.1; 1.1 date 2004.05.11.17.37.48; author recht; state Exp; branches; next ; 1.4.14.1 date 2008.02.13.14.26.24; author tron; state dead; branches; next 1.4.14.2; 1.4.14.2 date 2010.10.17.17.40.29; author tron; state Exp; branches; next ; desc @@ 1.4 log @Update to libgdiplus 1.2.6 @ text @$NetBSD: patch-ab,v 1.3 2006/04/22 18:28:04 joerg Exp $ --- cairo/test/Makefile.in.orig 2006-04-22 18:07:01.000000000 +0000 +++ cairo/test/Makefile.in @@@@ -44,7 +44,7 @@@@ host_triplet = @@host@@ @@CAIRO_HAS_PS_SURFACE_TRUE@@am__append_3 = ps-surface @@CAIRO_HAS_XLIB_SURFACE_TRUE@@am__append_4 = xlib-surface check_PROGRAMS = $(am__EXEEXT_1) -@@HAVE_PTHREAD_TRUE@@am__append_5 = -lpthread +@@HAVE_PTHREAD_TRUE@@am__append_5 = ${PTHREAD_LDFLAGS} ${PTHREAD_LIBS} noinst_PROGRAMS = imagediff$(EXEEXT) subdir = test DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in @ 1.4.14.1 log @file patch-ab was added on branch pkgsrc-2010Q3 on 2010-10-17 17:40:29 +0000 @ text @d1 13 @ 1.4.14.2 log @Pullup ticket #3247 - requested by kefren graphics/libgdiplus: security patch Revisions pulled up: - graphics/libgdiplus/Makefile patch - graphics/libgdiplus/distinfo patch - graphics/libgdiplus/patches/patch-aa new file - graphics/libgdiplus/patches/patch-ab new file - graphics/libgdiplus/patches/patch-ac new file --- Apply patch to fix the security vulnerability reported in CVE-2010-1526 (execution of code via crafted TIFF, JPEG or BMP files.) @ text @a0 69 $NetBSD$ Fix for CVE-2010-1526 --- src/jpegcodec.c.orig 2009-09-25 18:06:51.000000000 +0300 +++ src/jpegcodec.c 2010-10-17 08:37:03.000000000 +0300 @@@@ -282,6 +282,7 @@@@ gdip_load_jpeg_image_internal (struct jp BYTE *lines[4] = {NULL, NULL, NULL, NULL}; GpStatus status; int stride; + unsigned long long int size; destbuf = NULL; result = NULL; @@@@ -323,20 +324,21 @@@@ gdip_load_jpeg_image_internal (struct jp if (cinfo.num_components == 1) { result->cairo_format = CAIRO_FORMAT_A8; - result->active_bitmap->stride = cinfo.image_width; result->active_bitmap->pixel_format = PixelFormat8bppIndexed; + size = 1; } else if (cinfo.num_components == 3) { /* libjpeg gives us RGB for many formats and * we convert to RGB format when needed. JPEG * does not support alpha (transparency). */ result->cairo_format = CAIRO_FORMAT_ARGB32; - result->active_bitmap->stride = 4 * cinfo.image_width; result->active_bitmap->pixel_format = PixelFormat24bppRGB; + size = 4; } else if (cinfo.num_components == 4) { result->cairo_format = CAIRO_FORMAT_ARGB32; - result->active_bitmap->stride = 4 * cinfo.image_width; result->active_bitmap->pixel_format = PixelFormat32bppRGB; - } + size = 4; + } else + goto error; switch (cinfo.jpeg_color_space) { case JCS_GRAYSCALE: @@@@ -360,7 +362,12 @@@@ gdip_load_jpeg_image_internal (struct jp break; } - stride = result->active_bitmap->stride; + size *= cinfo.image_width; + /* stride is a (signed) _int_ and once multiplied by 4 it should hold a value that can be allocated by GdipAlloc + * this effectively limits 'width' to 536870911 pixels */ + if (size > G_MAXINT32) + goto error; + stride = result->active_bitmap->stride = size; /* Request cairo-compat output */ /* libjpeg can do only following conversions, @@@@ -397,7 +404,13 @@@@ gdip_load_jpeg_image_internal (struct jp jpeg_start_decompress (&cinfo); - destbuf = GdipAlloc (stride * cinfo.output_height); + /* ensure total 'size' does not overflow an integer and fits inside our 2GB limit */ + size *= cinfo.output_height; + if (size > G_MAXINT32) { + status = OutOfMemory; + goto error; + } + destbuf = GdipAlloc (size); if (destbuf == NULL) { status = OutOfMemory; goto error; @ 1.3 log @Don't hard-code -lpthread, use correct pkgsrc variables instead. @ text @d1 1 a1 1 $NetBSD$ @ 1.2 log @update to libgdiplus-0.10 (release candidate 1) No real NEWS file available, so guessing from the ChangeLog: - bug-fixes - tiff load/save from stream @ text @d1 1 a1 1 $NetBSD: patch-ab,v 1.1 2004/05/11 17:37:48 recht Exp $ d3 11 a13 14 --- src/tiffcodec.c.orig 2004-05-11 18:19:51.000000000 +0200 +++ src/tiffcodec.c @@@@ -14,7 +14,10 @@@@ #endif #include -#include + +/* pkgsrc */ +/* #include */ + #include "tiffcodec.h" #ifdef HAVE_LIBTIFF @ 1.1 log @update to libgdiplus-0.5 (part of mono beta1) Sadly, there's no real news file avaiable. So, I guess it's the usual bug-fixes and optimizations. @ text @d1 1 a1 1 $NetBSD$ @