Pullup ticket #3377 - requested by tron

devel/pango: security update Revisions pulled up: - devel/pango/Makefile 1.151 - devel/pango/distinfo 1.87 - devel/pango/patches/patch-ac 1.15 - devel/pango/patches/patch-ad 1.12 ---------------------------------------------------------------------------- Module Name: pkgsrc Committed By: drochner Date: Thu Jan 27 14:04:51 UTC 2011 Modified Files: pkgsrc/devel/pango: Makefile distinfo Added Files: pkgsrc/devel/pango/patches: patch-ac patch-ad Log Message: -add patch from https://bugzilla.gnome.org/show_bug.cgi?id=3D639882 to fix possible heap corruption when parsing a corrupt font (CVE-2011-0020) -being here, add a patch from upstream to fix a scaling inconsistency bump PKGREV
author: spz <spz> 2011-03-05 17:58:14 +0000
committer: spz <spz> 2011-03-05 17:58:14 +0000
commit: 9eb1ced616e1ea0392e447ae5aab9131e8f01e5d (patch)
tree: 762337e09770c88903455c19a321b28d3c6e8173
parent: 295f9ae8a12e0e035af5b838cd359f3499aab59e (diff)
download: pkgsrc-9eb1ced616e1ea0392e447ae5aab9131e8f01e5d.tar.gz
4 files changed, 64 insertions, 2 deletions
diff --git a/devel/pango/Makefile b/devel/pango/Makefile
index d4591c3399e..e752bbc9272 100644
--- a/devel/pango/Makefile
+++ b/devel/pango/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.149 2010/10/16 18:00:02 wiz Exp $
+# $NetBSD: Makefile,v 1.149.2.1 2011/03/05 17:58:14 spz Exp $
 
 DISTNAME=		pango-1.28.3
+PKGREVISION=		2
 CATEGORIES=		devel fonts
 MASTER_SITES=		${MASTER_SITE_GNOME:=sources/pango/1.28/}
 EXTRACT_SUFX=		.tar.bz2
diff --git a/devel/pango/distinfo b/devel/pango/distinfo
index ce77e39f461..f2918fe828f 100644
--- a/devel/pango/distinfo
+++ b/devel/pango/distinfo
@@ -1,7 +1,9 @@
-$NetBSD: distinfo,v 1.86 2010/10/16 18:00:02 wiz Exp $
+$NetBSD: distinfo,v 1.86.2.1 2011/03/05 17:58:14 spz Exp $
 
 SHA1 (pango-1.28.3.tar.bz2) = e72887d6e147b9abf54628c003836e61d97767a1
 RMD160 (pango-1.28.3.tar.bz2) = cdfd6d695b169e15801956fbfd54438c109f7a61
 Size (pango-1.28.3.tar.bz2) = 1509501 bytes
 SHA1 (patch-aa) = 1a87d055dc722eff28517a11d0832ae19df5eb59
 SHA1 (patch-ab) = 12c09b12ba31be19fa0d602f89909811e6221bd8
+SHA1 (patch-ac) = 349eaf578f26e9d55df01c736951f27cd70a89fc
+SHA1 (patch-ad) = 135fda8c8ff2e37f048374b1840291f7d2f6369f
diff --git a/devel/pango/patches/patch-ac b/devel/pango/patches/patch-ac
new file mode 100644
index 00000000000..7d16a940d42
--- /dev/null
+++ b/devel/pango/patches/patch-ac
@@ -0,0 +1,15 @@
+$NetBSD: patch-ac,v 1.15.2.2 2011/03/05 17:58:14 spz Exp $
+
+https://bugzilla.gnome.org/show_bug.cgi?id=636348
+
+--- pango/pangocairo-font.c.orig	2010-07-01 14:00:29.000000000 +0000
++++ pango/pangocairo-font.c
+@@ -433,6 +433,8 @@ _pango_cairo_font_private_get_hex_box_in
+   pango_ctm.x0 = cairo_ctm.x0;
+   pango_ctm.y0 = cairo_ctm.y0;
+ 
++  size /= pango_matrix_get_font_scale_factor (&pango_ctm);
++
+   if (is_hinted)
+     {
+       /* prepare for some hinting */
diff --git a/devel/pango/patches/patch-ad b/devel/pango/patches/patch-ad
new file mode 100644
index 00000000000..94750f2648e
--- /dev/null
+++ b/devel/pango/patches/patch-ad
@@ -0,0 +1,44 @@
+$NetBSD: patch-ad,v 1.12.2.2 2011/03/05 17:58:14 spz Exp $
+
+https://bugzilla.gnome.org/show_bug.cgi?id=639882
+
+--- pango/pangoft2-render.c.orig	2010-02-09 12:06:28.000000000 +0000
++++ pango/pangoft2-render.c
+@@ -121,9 +121,14 @@ pango_ft2_font_render_box_glyph (int    
+ 
+   box->bitmap.width = width;
+   box->bitmap.rows = height;
+-  box->bitmap.pitch = height;
++  box->bitmap.pitch = width;
+ 
+-  box->bitmap.buffer = g_malloc0 (box->bitmap.rows * box->bitmap.pitch);
++  box->bitmap.buffer = g_malloc0_n (box->bitmap.rows, box->bitmap.pitch);
++
++  if (G_UNLIKELY (!box->bitmap.buffer)) {
++    g_slice_free (PangoFT2RenderedGlyph, box);
++    return NULL;
++  }
+ 
+   /* draw the box */
+   for (j = 0; j < line_width; j++)
+@@ -226,6 +231,11 @@ pango_ft2_font_render_glyph (PangoFont *
+       rendered->bitmap_left = face->glyph->bitmap_left;
+       rendered->bitmap_top = face->glyph->bitmap_top;
+ 
++      if (G_UNLIKELY (!rendered->bitmap.buffer)) {
++        g_slice_free (PangoFT2RenderedGlyph, rendered);
++	return NULL;
++      }
++
+       return rendered;
+     }
+   else
+@@ -276,6 +286,8 @@ pango_ft2_renderer_draw_glyph (PangoRend
+   if (rendered_glyph == NULL)
+     {
+       rendered_glyph = pango_ft2_font_render_glyph (font, glyph);
++      if (rendered_glyph == NULL)
++        return;
+       add_glyph_to_cache = TRUE;
+     }
+
author	spz <spz>	2011-03-05 17:58:14 +0000
committer	spz <spz>	2011-03-05 17:58:14 +0000
commit	9eb1ced616e1ea0392e447ae5aab9131e8f01e5d (patch)
tree	762337e09770c88903455c19a321b28d3c6e8173
parent	295f9ae8a12e0e035af5b838cd359f3499aab59e (diff)
download	pkgsrc-9eb1ced616e1ea0392e447ae5aab9131e8f01e5d.tar.gz