head 1.2; access; symbols pkgsrc-2015Q1:1.1.0.80 pkgsrc-2015Q1-base:1.1 pkgsrc-2014Q4:1.1.0.78 pkgsrc-2014Q4-base:1.1 pkgsrc-2014Q3:1.1.0.76 pkgsrc-2014Q3-base:1.1 pkgsrc-2014Q2:1.1.0.74 pkgsrc-2014Q2-base:1.1 pkgsrc-2014Q1:1.1.0.72 pkgsrc-2014Q1-base:1.1 pkgsrc-2013Q4:1.1.0.70 pkgsrc-2013Q4-base:1.1 pkgsrc-2013Q3:1.1.0.68 pkgsrc-2013Q3-base:1.1 pkgsrc-2013Q2:1.1.0.66 pkgsrc-2013Q2-base:1.1 pkgsrc-2013Q1:1.1.0.64 pkgsrc-2013Q1-base:1.1 pkgsrc-2012Q4:1.1.0.62 pkgsrc-2012Q4-base:1.1 pkgsrc-2012Q3:1.1.0.60 pkgsrc-2012Q3-base:1.1 pkgsrc-2012Q2:1.1.0.58 pkgsrc-2012Q2-base:1.1 pkgsrc-2012Q1:1.1.0.56 pkgsrc-2012Q1-base:1.1 pkgsrc-2011Q4:1.1.0.54 pkgsrc-2011Q4-base:1.1 pkgsrc-2011Q3:1.1.0.52 pkgsrc-2011Q3-base:1.1 pkgsrc-2011Q2:1.1.0.50 pkgsrc-2011Q2-base:1.1 pkgsrc-2011Q1:1.1.0.48 pkgsrc-2011Q1-base:1.1 pkgsrc-2010Q4:1.1.0.46 pkgsrc-2010Q4-base:1.1 pkgsrc-2010Q3:1.1.0.44 pkgsrc-2010Q3-base:1.1 pkgsrc-2010Q2:1.1.0.42 pkgsrc-2010Q2-base:1.1 pkgsrc-2010Q1:1.1.0.40 pkgsrc-2010Q1-base:1.1 pkgsrc-2009Q4:1.1.0.38 pkgsrc-2009Q4-base:1.1 pkgsrc-2009Q3:1.1.0.36 pkgsrc-2009Q3-base:1.1 pkgsrc-2009Q2:1.1.0.34 pkgsrc-2009Q2-base:1.1 pkgsrc-2009Q1:1.1.0.32 pkgsrc-2009Q1-base:1.1 pkgsrc-2008Q4:1.1.0.30 pkgsrc-2008Q4-base:1.1 pkgsrc-2008Q3:1.1.0.28 pkgsrc-2008Q3-base:1.1 cube-native-xorg:1.1.0.26 cube-native-xorg-base:1.1 pkgsrc-2008Q2:1.1.0.24 pkgsrc-2008Q2-base:1.1 cwrapper:1.1.0.22 pkgsrc-2008Q1:1.1.0.20 pkgsrc-2008Q1-base:1.1 pkgsrc-2007Q4:1.1.0.18 pkgsrc-2007Q4-base:1.1 pkgsrc-2007Q3:1.1.0.16 pkgsrc-2007Q3-base:1.1 pkgsrc-2007Q2:1.1.0.14 pkgsrc-2007Q2-base:1.1 pkgsrc-2007Q1:1.1.0.12 pkgsrc-2007Q1-base:1.1 pkgsrc-2006Q4:1.1.0.10 pkgsrc-2006Q4-base:1.1 pkgsrc-2006Q3:1.1.0.8 pkgsrc-2006Q3-base:1.1 pkgsrc-2006Q2:1.1.0.6 pkgsrc-2006Q2-base:1.1 pkgsrc-2006Q1:1.1.0.4 pkgsrc-2006Q1-base:1.1 pkgsrc-2005Q4:1.1.0.2; locks; strict; comment @# @; 1.2 date 2015.04.30.10.43.54; author markd; state dead; branches; next 1.1; commitid Qi19hTbn97F9pBjy; 1.1 date 2006.01.24.21.51.36; author tron; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2006.01.24.21.51.36; author salo; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2006.01.25.12.45.20; author salo; state Exp; branches; next ; desc @@ 1.2 log @Convert to meta package. The only remaining files in the PLIST were symlinks in bin for commands that didn't actually work. Plus some related documentation. @ text @$NetBSD: patch-al,v 1.1 2006/01/24 21:51:36 tron Exp $ --- libs/xpdf/xpdf/Stream.cc.orig 2004-01-22 01:26:45.000000000 +0000 +++ libs/xpdf/xpdf/Stream.cc 2006-01-24 21:37:45.000000000 +0000 @@@@ -15,6 +15,7 @@@@ #include #include #include +#include #ifndef WIN32 #include #endif @@@@ -412,13 +413,28 @@@@ width = widthA; nComps = nCompsA; nBits = nBitsA; + predLine = NULL; + ok = gFalse; + if (width <= 0 || nComps <= 0 || nBits <= 0 || + nComps >= INT_MAX/nBits || + width >= INT_MAX/nComps/nBits) { + return; + } nVals = width * nComps; + if (nVals * nBits + 7 <= 0) { + return; + } pixBytes = (nComps * nBits + 7) >> 3; rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes; + if (rowBytes < 0) { + return; + } predLine = (Guchar *)gmalloc(rowBytes); memset(predLine, 0, rowBytes); predIdx = rowBytes; + + ok = gTrue; } StreamPredictor::~StreamPredictor() { @@@@ -1012,6 +1028,10 @@@@ FilterStream(strA) { if (predictor != 1) { pred = new StreamPredictor(this, predictor, columns, colors, bits); + if (!pred->isOk()) { + delete pred; + pred = NULL; + } } else { pred = NULL; } @@@@ -1260,6 +1280,9 @@@@ endOfLine = endOfLineA; byteAlign = byteAlignA; columns = columnsA; + if (columns + 3 < 1 || columns + 4 < 1 || columns < 1) { + columns = 1; + } rows = rowsA; endOfBlock = endOfBlockA; black = blackA; @@@@ -2897,6 +2920,10 @@@@ height = read16(); width = read16(); numComps = str->getChar(); + if (numComps <= 0 || numComps > 4) { + error(getPos(), "Bad number of components in DCT stream", prec); + return gFalse; + } if (prec != 8) { error(getPos(), "Bad DCT precision %d", prec); return gFalse; @@@@ -2923,6 +2950,10 @@@@ height = read16(); width = read16(); numComps = str->getChar(); + if (numComps <= 0 || numComps > 4) { + error(getPos(), "Bad number of components in DCT stream", prec); + return gFalse; + } if (prec != 8) { error(getPos(), "Bad DCT precision %d", prec); return gFalse; @@@@ -2945,6 +2976,10 @@@@ length = read16() - 2; scanInfo.numComps = str->getChar(); + if (scanInfo.numComps <= 0 || scanInfo.numComps > 4) { + error(getPos(), "Bad number of components in DCT stream"); + return gFalse; + } --length; if (length != 2 * scanInfo.numComps + 3) { error(getPos(), "Bad DCT scan info block"); @@@@ -3019,12 +3054,12 @@@@ while (length > 0) { index = str->getChar(); --length; - if ((index & 0x0f) >= 4) { + if ((index & ~0x10) >= 4 || (index & ~0x10) < 0) { error(getPos(), "Bad DCT Huffman table"); return gFalse; } if (index & 0x10) { - index &= 0x0f; + index &= 0x03; if (index >= numACHuffTables) numACHuffTables = index+1; tbl = &acHuffTables[index]; @@@@ -3255,6 +3290,10 @@@@ FilterStream(strA) { if (predictor != 1) { pred = new StreamPredictor(this, predictor, columns, colors, bits); + if (!pred->isOk()) { + delete pred; + pred = NULL; + } } else { pred = NULL; } @ 1.1 log @Incorporate fixes for vulnerabilities reported in SA17916 and SA18329, bump package revision. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-al was added on branch pkgsrc-2005Q4 on 2006-01-24 21:51:36 +0000 @ text @d1 121 @ 1.1.2.2 log @Pullup ticket 1059 - requested by Matthias Scheler security fixes for teTeX3-bin Updated via patch provided by the submitter. Module Name: pkgsrc Committed By: tron Date: Tue Jan 24 21:51:36 UTC 2006 Modified Files: pkgsrc/print/teTeX3-bin: Makefile distinfo Added Files: pkgsrc/print/teTeX3-bin/patches: patch-ag patch-ah patch-ai patch-al Log Message: Incorporate fixes for vulnerabilities reported in SA17916 and SA18329, bump package revision. @ text @a0 121 $NetBSD: patch-al,v 1.1.2.1 2006/01/25 12:45:20 salo Exp $ --- libs/xpdf/xpdf/Stream.cc.orig 2004-01-22 01:26:45.000000000 +0000 +++ libs/xpdf/xpdf/Stream.cc 2006-01-24 21:37:45.000000000 +0000 @@@@ -15,6 +15,7 @@@@ #include #include #include +#include #ifndef WIN32 #include #endif @@@@ -412,13 +413,28 @@@@ width = widthA; nComps = nCompsA; nBits = nBitsA; + predLine = NULL; + ok = gFalse; + if (width <= 0 || nComps <= 0 || nBits <= 0 || + nComps >= INT_MAX/nBits || + width >= INT_MAX/nComps/nBits) { + return; + } nVals = width * nComps; + if (nVals * nBits + 7 <= 0) { + return; + } pixBytes = (nComps * nBits + 7) >> 3; rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes; + if (rowBytes < 0) { + return; + } predLine = (Guchar *)gmalloc(rowBytes); memset(predLine, 0, rowBytes); predIdx = rowBytes; + + ok = gTrue; } StreamPredictor::~StreamPredictor() { @@@@ -1012,6 +1028,10 @@@@ FilterStream(strA) { if (predictor != 1) { pred = new StreamPredictor(this, predictor, columns, colors, bits); + if (!pred->isOk()) { + delete pred; + pred = NULL; + } } else { pred = NULL; } @@@@ -1260,6 +1280,9 @@@@ endOfLine = endOfLineA; byteAlign = byteAlignA; columns = columnsA; + if (columns + 3 < 1 || columns + 4 < 1 || columns < 1) { + columns = 1; + } rows = rowsA; endOfBlock = endOfBlockA; black = blackA; @@@@ -2897,6 +2920,10 @@@@ height = read16(); width = read16(); numComps = str->getChar(); + if (numComps <= 0 || numComps > 4) { + error(getPos(), "Bad number of components in DCT stream", prec); + return gFalse; + } if (prec != 8) { error(getPos(), "Bad DCT precision %d", prec); return gFalse; @@@@ -2923,6 +2950,10 @@@@ height = read16(); width = read16(); numComps = str->getChar(); + if (numComps <= 0 || numComps > 4) { + error(getPos(), "Bad number of components in DCT stream", prec); + return gFalse; + } if (prec != 8) { error(getPos(), "Bad DCT precision %d", prec); return gFalse; @@@@ -2945,6 +2976,10 @@@@ length = read16() - 2; scanInfo.numComps = str->getChar(); + if (scanInfo.numComps <= 0 || scanInfo.numComps > 4) { + error(getPos(), "Bad number of components in DCT stream"); + return gFalse; + } --length; if (length != 2 * scanInfo.numComps + 3) { error(getPos(), "Bad DCT scan info block"); @@@@ -3019,12 +3054,12 @@@@ while (length > 0) { index = str->getChar(); --length; - if ((index & 0x0f) >= 4) { + if ((index & ~0x10) >= 4 || (index & ~0x10) < 0) { error(getPos(), "Bad DCT Huffman table"); return gFalse; } if (index & 0x10) { - index &= 0x0f; + index &= 0x03; if (index >= numACHuffTables) numACHuffTables = index+1; tbl = &acHuffTables[index]; @@@@ -3255,6 +3290,10 @@@@ FilterStream(strA) { if (predictor != 1) { pred = new StreamPredictor(this, predictor, columns, colors, bits); + if (!pred->isOk()) { + delete pred; + pred = NULL; + } } else { pred = NULL; } @