head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.6
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.4
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.2
	pkgsrc-2011Q4-base:1.2;
locks; strict;
comment	@# @;


1.2
date	2011.09.04.15.42.51;	author adam;	state dead;
branches;
next	1.1;

1.1
date	2011.08.30.22.18.31;	author drochner;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Qt 4.7.4 is a bug-fix release. It maintains both forward and backward
compatibility (source and binary) with Qt 4.7.0.  For more details,
refer to the online documentation included in this distribution. The
documentation is also available online.
  http:
@
text
@$NetBSD: patch-da,v 1.1 2011/08/30 22:18:31 drochner Exp $

CVE-2011-3194

--- src/gui/image/qtiffhandler.cpp.orig	2011-03-30 05:19:04.000000000 +0000
+++ src/gui/image/qtiffhandler.cpp
@@@@ -196,9 +196,12 @@@@ bool QTiffHandler::read(QImage *image)
     uint16 bitPerSample;
     if (!TIFFGetField(tiff, TIFFTAG_BITSPERSAMPLE, &bitPerSample))
         bitPerSample = 1;
+    uint16 samplesPerPixel; // they may be e.g. grayscale with 2 samples per pixel
+    if (!TIFFGetField(tiff, TIFFTAG_SAMPLESPERPIXEL, &samplesPerPixel))
+	samplesPerPixel = 1;
 
     bool grayscale = photometric == PHOTOMETRIC_MINISBLACK || photometric == PHOTOMETRIC_MINISWHITE;
-    if (grayscale && bitPerSample == 1) {
+    if (grayscale && bitPerSample == 1 && samplesPerPixel == 1) {
         if (image->size() != QSize(width, height) || image->format() != QImage::Format_Mono)
             *image = QImage(width, height, QImage::Format_Mono);
         QVector<QRgb> colortable(2);
@@@@ -220,7 +223,7 @@@@ bool QTiffHandler::read(QImage *image)
             }
         }
     } else {
-        if ((grayscale || photometric == PHOTOMETRIC_PALETTE) && bitPerSample == 8) {
+        if ((grayscale || photometric == PHOTOMETRIC_PALETTE) && bitPerSample == 8 && samplesPerPixel == 1) {
             if (image->size() != QSize(width, height) || image->format() != QImage::Format_Indexed8)
                 *image = QImage(width, height, QImage::Format_Indexed8);
             if (!image->isNull()) {
@


1.1
log
@add 2 patches from upstream to fix possible buffer overflows
(CVE-2011-3193, CVE-2011-3194)
bump PKGREV
@
text
@d1 1
a1 1
$NetBSD$
@