head	1.3;
access;
symbols
	pkgsrc-2015Q3:1.2.0.38
	pkgsrc-2015Q3-base:1.2
	pkgsrc-2015Q2:1.2.0.36
	pkgsrc-2015Q2-base:1.2
	pkgsrc-2015Q1:1.2.0.34
	pkgsrc-2015Q1-base:1.2
	pkgsrc-2014Q4:1.2.0.32
	pkgsrc-2014Q4-base:1.2
	pkgsrc-2014Q3:1.2.0.30
	pkgsrc-2014Q3-base:1.2
	pkgsrc-2014Q2:1.2.0.28
	pkgsrc-2014Q2-base:1.2
	pkgsrc-2014Q1:1.2.0.26
	pkgsrc-2014Q1-base:1.2
	pkgsrc-2013Q4:1.2.0.24
	pkgsrc-2013Q4-base:1.2
	pkgsrc-2013Q3:1.2.0.22
	pkgsrc-2013Q3-base:1.2
	pkgsrc-2013Q2:1.2.0.20
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2013Q1:1.2.0.18
	pkgsrc-2013Q1-base:1.2
	pkgsrc-2012Q4:1.2.0.16
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2012Q3:1.2.0.14
	pkgsrc-2012Q3-base:1.2
	pkgsrc-2012Q2:1.2.0.12
	pkgsrc-2012Q2-base:1.2
	pkgsrc-2012Q1:1.2.0.10
	pkgsrc-2012Q1-base:1.2
	pkgsrc-2011Q4:1.2.0.8
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q3:1.2.0.6
	pkgsrc-2011Q3-base:1.2
	pkgsrc-2011Q2:1.2.0.4
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2011Q1:1.2.0.2
	pkgsrc-2011Q1-base:1.2
	pkgsrc-2010Q4:1.1.0.10
	pkgsrc-2010Q4-base:1.1
	pkgsrc-2010Q3:1.1.0.8
	pkgsrc-2010Q3-base:1.1
	pkgsrc-2010Q2:1.1.0.6
	pkgsrc-2010Q2-base:1.1
	pkgsrc-2010Q1:1.1.0.4
	pkgsrc-2010Q1-base:1.1
	pkgsrc-2009Q4:1.1.0.2;
locks; strict;
comment	@# @;


1.3
date	2015.10.24.19.24.10;	author joerg;	state dead;
branches;
next	1.2;
commitid	oRJnQ9Y05Xi5CoGy;

1.2
date	2011.01.24.09.33.33;	author wiz;	state Exp;
branches;
next	1.1;

1.1
date	2010.02.16.17.35.34;	author taca;	state Exp;
branches
	1.1.2.1;
next	;

1.1.2.1
date	2010.02.16.17.35.34;	author spz;	state dead;
branches;
next	1.1.2.2;

1.1.2.2
date	2010.02.28.13.34.22;	author spz;	state Exp;
branches;
next	;


desc
@@


1.3
log
@Retire wxGTK26.
@
text
@$NetBSD: patch-af,v 1.2 2011/01/24 09:33:33 wiz Exp $

Fix build with png-1.5.
deal with CVE-2009-2369.

--- src/common/imagpng.cpp.orig	2006-03-21 23:42:10.000000000 +0000
+++ src/common/imagpng.cpp
@@@@ -528,7 +528,7 @@@@ wxPNGHandler::LoadFile(wxImage *image,
     png_structp png_ptr = png_create_read_struct
                           (
                             PNG_LIBPNG_VER_STRING,
-                            (voidp) NULL,
+                            NULL,
                             wx_png_error,
                             wx_png_warning
                           );
@@@@ -570,18 +570,16 @@@@ wxPNGHandler::LoadFile(wxImage *image,
     if (!image->Ok())
         goto error;
 
-    lines = (unsigned char **)malloc( (size_t)(height * sizeof(unsigned char *)) );
+    // initialize all line pointers to NULL to ensure that they can be safely
+    // free()d if an error occurs before all of them could be allocated
+    lines = (unsigned char **)calloc(height, sizeof(unsigned char *));
     if ( !lines )
         goto error;
 
     for (i = 0; i < height; i++)
     {
         if ((lines[i] = (unsigned char *)malloc( (size_t)(width * (sizeof(unsigned char) * 4)))) == NULL)
-        {
-            for ( unsigned int n = 0; n < i; n++ )
-                free( lines[n] );
             goto error;
-        }
     }
 
     png_read_image( png_ptr, lines );
@


1.2
log
@Fix build with png-1.5.
@
text
@d1 1
a1 1
$NetBSD: patch-af,v 1.1 2010/02/16 17:35:34 taca Exp $
@


1.1
log
@Add patches for CVE-2009-2369 and CVE-2009-2625.

Bump PKGREVISION.
@
text
@d1 1
a1 1
$NetBSD$
d3 1
d8 9
@


1.1.2.1
log
@file patch-af was added on branch pkgsrc-2009Q4 on 2010-02-28 13:34:22 +0000
@
text
@d1 28
@


1.1.2.2
log
@Pullup ticket 3028 - requested by taca
security patch

Revisions pulled up:
- pkgsrc/x11/wxGTK26/Makefile		1.5
- pkgsrc/x11/wxGTK26/distinfo		1.4

Files added:
pkgsrc/x11/wxGTK26/patches/patch-ae
pkgsrc/x11/wxGTK26/patches/patch-af
pkgsrc/x11/wxGTK26/patches/patch-ag
pkgsrc/x11/wxGTK26/patches/patch-ah

   --------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue Feb 16 17:35:34 UTC 2010

   Modified Files:
           pkgsrc/x11/wxGTK26: Makefile distinfo
   Added Files:
           pkgsrc/x11/wxGTK26/patches: patch-ae patch-af patch-ag patch-ah

   Log Message:
   Add patches for CVE-2009-2369 and CVE-2009-2625.

   Bump PKGREVISION.


   To generate a diff of this commit:
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/x11/wxGTK26/Makefile
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/x11/wxGTK26/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/x11/wxGTK26/patches/patch-ae \
       pkgsrc/x11/wxGTK26/patches/patch-af pkgsrc/x11/wxGTK26/patches/patch-ag \
       pkgsrc/x11/wxGTK26/patches/patch-ah
@
text
@a0 28
$NetBSD: patch-af,v 1.1 2010/02/16 17:35:34 taca Exp $

deal with CVE-2009-2369.

--- src/common/imagpng.cpp.orig	2006-03-21 23:42:10.000000000 +0000
+++ src/common/imagpng.cpp
@@@@ -570,18 +570,16 @@@@ wxPNGHandler::LoadFile(wxImage *image,
     if (!image->Ok())
         goto error;
 
-    lines = (unsigned char **)malloc( (size_t)(height * sizeof(unsigned char *)) );
+    // initialize all line pointers to NULL to ensure that they can be safely
+    // free()d if an error occurs before all of them could be allocated
+    lines = (unsigned char **)calloc(height, sizeof(unsigned char *));
     if ( !lines )
         goto error;
 
     for (i = 0; i < height; i++)
     {
         if ((lines[i] = (unsigned char *)malloc( (size_t)(width * (sizeof(unsigned char) * 4)))) == NULL)
-        {
-            for ( unsigned int n = 0; n < i; n++ )
-                free( lines[n] );
             goto error;
-        }
     }
 
     png_read_image( png_ptr, lines );
@