diff options
| author | tron <tron> | 2010-04-20 21:26:19 +0000 |
|---|---|---|
| committer | tron <tron> | 2010-04-20 21:26:19 +0000 |
| commit | c980f89eda2820b7a4deb1b4c5be22a5a46b8a26 (patch) | |
| tree | 30bb772942b88666933ff01d2b19a755a4b8dc4e | |
| parent | 6dba0108cc998d87162c6987c17c95c23928d2f3 (diff) | |
| download | pkgsrc-c980f89eda2820b7a4deb1b4c5be22a5a46b8a26.tar.gz | |
Pullup ticket #3084 - requested by minskim
print/dvipsk: security patch
Revisions pulled up:
- print/dvipsk/Makefile 1.5
- print/dvipsk/distinfo 1.4
- print/dvipsk/patches/patch-ab 1.3
---
Module Name: pkgsrc
Committed By: minskim
Date: Tue Apr 20 17:07:28 UTC 2010
Modified Files:
pkgsrc/print/dvipsk: Makefile distinfo
Added Files:
pkgsrc/print/dvipsk/patches: patch-ab
Log Message:
Avoid integer overflow (CVE-2010-0739).
Patch from TeX Live repository (Revision 17559).
| -rw-r--r-- | print/dvipsk/Makefile | 3 | ||||
| -rw-r--r-- | print/dvipsk/distinfo | 3 | ||||
| -rw-r--r-- | print/dvipsk/patches/patch-ab | 17 |
3 files changed, 21 insertions, 2 deletions
diff --git a/print/dvipsk/Makefile b/print/dvipsk/Makefile index 7c378f0deae..c926c0b8f48 100644 --- a/print/dvipsk/Makefile +++ b/print/dvipsk/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.4 2010/01/16 03:47:31 minskim Exp $ +# $NetBSD: Makefile,v 1.4.2.1 2010/04/20 21:26:19 tron Exp $ DISTNAME= texlive-20091011-source PKGNAME= dvipsk-5.98 +PKGREVISION= 1 CATEGORIES= print MASTER_SITES= ${MASTER_SITE_TEX_CTAN:=systems/texlive/Source/} EXTRACT_SUFX= .tar.xz diff --git a/print/dvipsk/distinfo b/print/dvipsk/distinfo index 7aed89d00e2..36d4cc322da 100644 --- a/print/dvipsk/distinfo +++ b/print/dvipsk/distinfo @@ -1,6 +1,7 @@ -$NetBSD: distinfo,v 1.3 2010/01/16 03:47:31 minskim Exp $ +$NetBSD: distinfo,v 1.3.2.1 2010/04/20 21:26:19 tron Exp $ SHA1 (texlive-20091011-source.tar.xz) = 82fc9fcdb82c63a00f4b08a51733c761cbda897d RMD160 (texlive-20091011-source.tar.xz) = 81b86cd93e629d6b1b3d7918848dd76babc0d5a9 Size (texlive-20091011-source.tar.xz) = 29683728 bytes SHA1 (patch-aa) = 825b091fecb17e8cc9135a0341b90e49ffd56baf +SHA1 (patch-ab) = 4acf55b8027b9b2edc64c01568d3c22b50b7eafa diff --git a/print/dvipsk/patches/patch-ab b/print/dvipsk/patches/patch-ab new file mode 100644 index 00000000000..7d3bac81ccb --- /dev/null +++ b/print/dvipsk/patches/patch-ab @@ -0,0 +1,17 @@ +$NetBSD: patch-ab,v 1.3.2.2 2010/04/20 21:26:19 tron Exp $ + +--- dospecial.c.orig 2009-06-23 09:46:14.000000000 +0000 ++++ dospecial.c +@@ -334,6 +334,12 @@ predospecial(integer numbytes, Boolean s + static int omega_specials = 0; + + if (nextstring + numbytes > maxstring) { ++ if (numbytes < 0 ++ || (numbytes > 0 && 2 > INT_MAX / numbytes) ++ || 2 * numbytes > 1000 + 2 * numbytes) { ++ error("! Integer overflow in predospecial"); ++ exit(1); ++ } + p = nextstring = mymalloc(1000 + 2 * numbytes) ; + maxstring = nextstring + 2 * numbytes + 700 ; + } |