head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.8
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.6
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.4
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.2
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2010Q3:1.1.0.12
	pkgsrc-2010Q3-base:1.1
	pkgsrc-2010Q2:1.1.0.10
	pkgsrc-2010Q2-base:1.1
	pkgsrc-2010Q1:1.1.0.8
	pkgsrc-2010Q1-base:1.1
	pkgsrc-2009Q4:1.1.0.6
	pkgsrc-2009Q4-base:1.1
	pkgsrc-2009Q3:1.1.0.4
	pkgsrc-2009Q3-base:1.1
	pkgsrc-2009Q2:1.1.0.2;
locks; strict;
comment	@# @;


1.2
date	2010.12.14.09.55.57;	author adam;	state dead;
branches;
next	1.1;

1.1
date	2009.08.28.21.33.08;	author hasso;	state Exp;
branches
	1.1.2.1;
next	;

1.1.2.1
date	2009.08.28.21.33.08;	author tron;	state dead;
branches;
next	1.1.2.2;

1.1.2.2
date	2009.08.28.22.15.55;	author tron;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Changes 1.7.0:
* Added new attribute types:
    M33dAttribute   3x3 double-precision matrix
    M44dAttribute   4x4 double-precision matrix
    V2d             2D double-precision vector
    V3d             3D double-precision vector
* Bug fix: crash when reading a damaged image file (found
  by Apple).  An exception thrown inside the PIZ Huffman
  decoder bypasses initialization of an array of pointers.
  The uninitialized pointers are later passed to operator
  delete.
* Bug fix: crash when reading a damaged image file (found by
  Apple).  Computing the size of certain input buffers may
  overflow and wrap around to a small number, later causing
  writes beyond the end of the buffer.
* In the "Technical Introduction" document, added
  Premultiplied vs. Un-Premultiplied Color section:
  states explicitly that pixels with zero alpha and non-zero
  RGB are allowed, points out that preserving such a pixel can
  be a problem in application programs with un-premultiplied
  internal image representations.
* exrenvmap improvements:
  - New command line flags set the type of the input image to
    latitude-longitude map or cube-face map, overriding the
    envmap attribute in the input file header.
  - Cube-face maps can now be assembled from or split into six
    square sub-images.
  - Converting a cube-face map into a new cube-face map with
    the same face size copies the image instead of resampling
    it.  This avoids blurring when a cube-face map is assembled
    from or split into sub-images.
* Updated standard chromaticities in ImfAcesFile.cpp to match
  final ACES (Academy Color Encoding Specification) document.
* Added worldToCamera and worldToNDC matrices to
  ImfStandardAttributes.h
* Increased the maximum length of attribute and channel names
  from 31 to 255 characters.  For files that do contain names
  longer than 31 characters, a new LONG_NAMES_FLAG in the file
  version number is set.  This flag causes older versions of
  the IlmImf library (1.6.1 and earlier) to reject files with
  long names.  Without the flag, older library versions would
  mis-interpret files with long names as broken.
* Reading luminance/chroma-encoded files via the RGBA
  interface is faster: buffer padding avoids cache thrashing
  for certain image sizes, redundant calls to saturation()
  have been eliminated.
* Added "hemispherical blur" option to exrenvmap.
* Added experimental version of I/O classes for ACES file
  format (restricted OpenEXR format with special primaries
  and white point); added exr2aces file converter.
* Added new constructors to classes Imf::RgbaInputFile
  and Imf::TiledRgbaInputFile.  The new constructors have
  a layerName parameter, which allows the caller to specify
  which layer of a multi-layer or multi-view image will
  be read.
* A number of member functions in classes Imf::Header,
  Imf::ChannelList and Imf::FrameBuffer have parameters
  of type "const char *".  Added equivalent functions that
  take "const std::string &" parameters.
* Added library support for Weta Digital multi-view images:
  StringVector attribute type, multiView standard attribute
  of type StringVector, utility functions related to grouping
  channels into separate views.
@ text @$NetBSD: patch-ah,v 1.1 2009/08/28 21:33:08 hasso Exp $ --- IlmImf/ImfZipCompressor.cpp.orig 2006-10-13 22:07:17.000000000 -0500 +++ IlmImf/ImfZipCompressor.cpp 2009-07-29 13:18:25.223038291 -0500 @@@@ -58,6 +58,9 @@@@ ZipCompressor::ZipCompressor _tmpBuffer (0), _outBuffer (0) { + if ((unsigned) maxScanLineSize > INT_MAX / (unsigned) numScanLines) { + throw Iex::InputExc ("Error: maxScanLineSize * numScanLines would overflow."); + } _tmpBuffer = new char [maxScanLineSize * numScanLines]; @ 1.1 log @Add patches for CVE-2009-1720 (multiple integer overflows in OpenEXR) and CVE-2009-1721 (denial of service (application crash) or possibly execute arbitrary code in the Imf::hufUncompress function). Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-ah was added on branch pkgsrc-2009Q2 on 2009-08-28 22:15:55 +0000 @ text @d1 14 @ 1.1.2.2 log @Pullup ticket #2878 - requested by hasso openexr: security patch Revisions pulled up: - graphics/openexr/Makefile 1.22 - graphics/openexr/distinfo 1.13 via patch - graphics/openexr/patches/patch-ae 1.1 - graphics/openexr/patches/patch-af 1.1 - graphics/openexr/patches/patch-ag 1.1 - graphics/openexr/patches/patch-ah 1.1 - graphics/openexr/patches/patch-ai 1.1 --- Module Name: pkgsrc Committed By: hasso Date: Fri Aug 28 21:33:08 UTC 2009 Modified Files: pkgsrc/graphics/openexr: Makefile distinfo Added Files: pkgsrc/graphics/openexr/patches: patch-ae patch-af patch-ag patch-ah patch-ai Log Message: Add patches for CVE-2009-1720 (multiple integer overflows in OpenEXR) and CVE-2009-1721 (denial of service (application crash) or possibly execute arbitrary code in the Imf::hufUncompress function). Bump PKGREVISION. 
@ text @a0 14 $NetBSD: patch-ah,v 1.1 2009/08/28 21:33:08 hasso Exp $ --- IlmImf/ImfZipCompressor.cpp.orig 2006-10-13 22:07:17.000000000 -0500 +++ IlmImf/ImfZipCompressor.cpp 2009-07-29 13:18:25.223038291 -0500 @@@@ -58,6 +58,9 @@@@ ZipCompressor::ZipCompressor _tmpBuffer (0), _outBuffer (0) { + if ((unsigned) maxScanLineSize > INT_MAX / (unsigned) numScanLines) { + throw Iex::InputExc ("Error: maxScanLineSize * numScanLines would overflow."); + } _tmpBuffer = new char [maxScanLineSize * numScanLines]; @
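Review bot: the added guard in the ZipCompressor constructor divides INT_MAX by `(unsigned) numScanLines` without first checking that `numScanLines` is nonzero, so a zero value triggers a division by zero before the intended Iex::InputExc can be thrown. Reject `numScanLines <= 0` (and a non-positive `maxScanLineSize`) explicitly ahead of the division. The hunk also relies on INT_MAX with no `<climits>` or `<limits.h>` include among the visible lines, so confirm the file already pulls one in. Finally, the check and the `new char [maxScanLineSize * numScanLines]` expression compute the product separately; computing it once into a checked size variable and reusing that for the allocation would keep the two from drifting apart.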