head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.24
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.22
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.20
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.18
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2009Q4:1.2.0.16
	pkgsrc-2009Q4-base:1.2
	pkgsrc-2008Q4:1.2.0.14
	pkgsrc-2008Q4-base:1.2
	pkgsrc-2008Q3:1.2.0.12
	pkgsrc-2008Q3-base:1.2
	cube-native-xorg:1.2.0.10
	cube-native-xorg-base:1.2
	pkgsrc-2008Q2:1.2.0.8
	pkgsrc-2008Q2-base:1.2
	pkgsrc-2008Q1:1.2.0.6
	pkgsrc-2008Q1-base:1.2
	pkgsrc-2007Q4:1.2.0.4
	pkgsrc-2007Q4-base:1.2
	pkgsrc-2007Q3:1.2.0.2
	pkgsrc-2007Q3-base:1.2
	pkgsrc-2007Q2:1.1.0.8
	pkgsrc-2007Q2-base:1.1
	pkgsrc-2007Q1:1.1.0.6
	pkgsrc-2007Q1-base:1.1
	pkgsrc-2006Q4:1.1.0.4
	pkgsrc-2006Q4-base:1.1
	pkgsrc-2006Q3:1.1.0.2;
locks; strict;
comment	@# @;


1.2
date	2007.09.18.19.18.12;	author drochner;	state dead;
branches;
next	1.1;

1.1
date	2006.11.24.12.46.12;	author drochner;	state Exp;
branches
	1.1.2.1;
next	;

1.1.2.1
date	2006.11.24.12.46.12;	author ghen;	state dead;
branches;
next	1.1.2.2;

1.1.2.2
date	2006.11.29.17.16.35;	author ghen;	state Exp;
branches;
next	;


desc
@@


1.2
log
@update to 1.4.0
changes: security fixes, and a few crashes fixed
@
text
@$NetBSD: patch-cd,v 1.1 2006/11/24 12:46:12 drochner Exp $

--- src/modules/loaders/loader_png.c.orig	2006-09-05 02:37:07.000000000 +0200
+++ src/modules/loaders/loader_png.c
@@@@ -83,6 +83,13 @@@@ load(ImlibImage * im, ImlibProgressFunct
         png_get_IHDR(png_ptr, info_ptr, (png_uint_32 *) (&w32),
                      (png_uint_32 *) (&h32), &bit_depth, &color_type,
                      &interlace_type, NULL, NULL);
+        if (w32 < 1 || h32 < 1 || w32 > 16383 || h32 > 16383)
+           {
+              png_read_end(png_ptr, info_ptr);
+              png_destroy_read_struct(&png_ptr, &info_ptr, (png_infopp) NULL);
+              fclose(f);
+              return 0;
+           }
         im->w = (int)w32;
         im->h = (int)h32;
         if (color_type == PNG_COLOR_TYPE_PALETTE)
@


1.1
log
@fix some insufficient validation of graphics files, patches from Ubuntu
(CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809)
update to 1.3.0 (no changelog available)
@
text
@d1 1
a1 1
$NetBSD$
@


1.1.2.1
log
@file patch-cd was added on branch pkgsrc-2006Q3 on 2006-11-24 12:46:12 +0000
@
text
@d1 18
@


1.1.2.2
log
@Pullup ticket 1926 - requested by drochner
security update for imlib2

- pkgsrc/graphics/imlib2/Makefile		1.41
- pkgsrc/graphics/imlib2/PLIST			1.8
- pkgsrc/graphics/imlib2/distinfo		1.17
- pkgsrc/graphics/imlib2/patches/patch-aa	removed
- pkgsrc/graphics/imlib2/patches/patch-ba	removed
- pkgsrc/graphics/imlib2/patches/patch-bb	removed
- pkgsrc/graphics/imlib2/patches/patch-bc	removed
- pkgsrc/graphics/imlib2/patches/patch-bd	removed
- pkgsrc/graphics/imlib2/patches/patch-ca	1.1
- pkgsrc/graphics/imlib2/patches/patch-cb	1.1
- pkgsrc/graphics/imlib2/patches/patch-cc	1.1
- pkgsrc/graphics/imlib2/patches/patch-cd	1.1
- pkgsrc/graphics/imlib2/patches/patch-ce	1.1
- pkgsrc/graphics/imlib2/patches/patch-cf	1.1
- pkgsrc/graphics/imlib2/patches/patch-cg	1.1

   Module Name:    pkgsrc
   Committed By:   drochner
   Date:           Fri Nov 24 12:46:12 UTC 2006

   Modified Files:
        pkgsrc/graphics/imlib2: Makefile PLIST distinfo
   Added Files:
        pkgsrc/graphics/imlib2/patches: patch-ca patch-cb patch-cc patch-cd
            patch-ce patch-cf patch-cg
   Removed Files:
        pkgsrc/graphics/imlib2/patches: patch-ba patch-bb patch-bc patch-bd

   Log Message:
   fix some insufficient validation of graphics files, patches from Ubuntu
   (CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809)
   update to 1.3.0 (no changelog available)
---
   Module Name:	pkgsrc
   Committed By:	drochner
   Date:		Wed Nov 29 15:37:09 UTC 2006

   Removed Files:
	pkgsrc/graphics/imlib2/patches: patch-aa

   Log Message:
   remove stale patchfile, pointed out by Kouichirou Hiratsuka
@
text
@a0 18
$NetBSD: patch-cd,v 1.1.2.1 2006/11/29 17:16:35 ghen Exp $

--- src/modules/loaders/loader_png.c.orig	2006-09-05 02:37:07.000000000 +0200
+++ src/modules/loaders/loader_png.c
@@@@ -83,6 +83,13 @@@@ load(ImlibImage * im, ImlibProgressFunct
         png_get_IHDR(png_ptr, info_ptr, (png_uint_32 *) (&w32),
                      (png_uint_32 *) (&h32), &bit_depth, &color_type,
                      &interlace_type, NULL, NULL);
+        if (w32 < 1 || h32 < 1 || w32 > 16383 || h32 > 16383)
+           {
+              png_read_end(png_ptr, info_ptr);
+              png_destroy_read_struct(&png_ptr, &info_ptr, (png_infopp) NULL);
+              fclose(f);
+              return 0;
+           }
         im->w = (int)w32;
         im->h = (int)h32;
         if (color_type == PNG_COLOR_TYPE_PALETTE)
@