Pullup ticket #3803 - requested by he

graphics/gdk-pixbuf: security patch

Revisions pulled up:
- graphics/gdk-pixbuf/Makefile                                  1.45
- graphics/gdk-pixbuf/distinfo                                  1.23
- graphics/gdk-pixbuf/patches/patch-ao                          1.1

---
   Module Name:	pkgsrc
   Committed By:	he
   Date:		Fri May 25 08:29:36 UTC 2012

   Modified Files:
   	pkgsrc/graphics/gdk-pixbuf: Makefile distinfo

   Log Message:
   Add fix for http://secunia.com/advisories/49125/, taken from
   http://bugzilla-attachments.gnome.org/attachment.cgi?id=212053.
   Bump pkgrevision.

---
   Module Name:	pkgsrc
   Committed By:	he
   Date:		Fri May 25 08:31:35 UTC 2012

   Added Files:
   	pkgsrc/graphics/gdk-pixbuf/patches: patch-ao

   Log Message:
   Add fix for http://secunia.com/advisories/49125/, taken from
   http://bugzilla-attachments.gnome.org/attachment.cgi?id=212053.

3 files changed, 39 insertions, 3 deletions

diff --git a/graphics/gdk-pixbuf/Makefile b/graphics/gdk-pixbuf/Makefile
index 82a2d0607cf..87be405e1fe 100644
--- a/graphics/gdk-pixbuf/Makefile
+++ b/graphics/gdk-pixbuf/Makefile
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.44 2012/02/06 12:40:22 wiz Exp $
+# $NetBSD: Makefile,v 1.44.2.1 2012/05/25 15:31:58 tron Exp $
 #
 PKG_DESTDIR_SUPPORT=	user-destdir
 
 .include "Makefile.common"
 
-PKGREVISION=	16
+PKGREVISION=	17
 COMMENT=	The GNOME image loading library
 
 # XXX hopefully there is no x.gnome-config.x in PATH
diff --git a/graphics/gdk-pixbuf/distinfo b/graphics/gdk-pixbuf/distinfo
index 4be85736805..f5d6087196c 100644
--- a/graphics/gdk-pixbuf/distinfo
+++ b/graphics/gdk-pixbuf/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.22 2011/08/03 10:01:25 drochner Exp $
+$NetBSD: distinfo,v 1.22.6.1 2012/05/25 15:31:58 tron Exp $
 
 SHA1 (gdk-pixbuf-0.22.0.tar.bz2) = 495324afb5abebc14567ffd5a6cd72333bcc7f5b
 RMD160 (gdk-pixbuf-0.22.0.tar.bz2) = 0e56a0f883fd8e3fb4d49b9a38f984b95cd96ece
@@ -17,3 +17,4 @@ SHA1 (patch-ak) = 123b32f70b0feb91bb3e0c2ca8e705ff2ae381bf
 SHA1 (patch-al) = cf05f283c7676c9fa51b822f5ced66524dfa487e
 SHA1 (patch-am) = 44180cb58cba4b5cc5663acc0215978001f82fa0
 SHA1 (patch-an) = ec341ab166c5ce98d1d0ba13b676646af50f7038
+SHA1 (patch-ao) = c4d76635d1a79ede36dfa9f11e4dc0922b1f461a
diff --git a/graphics/gdk-pixbuf/patches/patch-ao b/graphics/gdk-pixbuf/patches/patch-ao
new file mode 100644
index 00000000000..a7ae35ce1b4
--- /dev/null
+++ b/graphics/gdk-pixbuf/patches/patch-ao
@@ -0,0 +1,35 @@
+$NetBSD: patch-ao,v 1.1.2.2 2012/05/25 15:31:58 tron Exp $
+
+Add fix for http://secunia.com/advisories/49125/, taken from
+http://bugzilla-attachments.gnome.org/attachment.cgi?id=212053.
+
+--- gdk-pixbuf/io-xbm.c.orig	2001-01-21 04:13:40.000000000 +0000
++++ gdk-pixbuf/io-xbm.c
+@@ -177,10 +177,16 @@ read_bitmap_file_data (FILE *fstream,
+ 				type++;
+ 			}
+ 
+-			if (!strcmp ("width", type))
++			if (!strcmp ("width", type)) {
++				if (value <= 0)
++					RETURN (FALSE);
+ 				ww = (unsigned int) value;
+-			if (!strcmp ("height", type))
++			}
++			if (!strcmp ("height", type)) {
++				if (value <= 0)
++					RETURN (FALSE);
+ 				hh = (unsigned int) value;
++			}
+ 			if (!strcmp ("hot", type)) {
+ 				if (type-- == name_and_type
+ 				    || type-- == name_and_type)
+@@ -221,6 +227,8 @@ read_bitmap_file_data (FILE *fstream,
+ 		bytes_per_line = (ww+7)/8 + padding;
+ 
+ 		size = bytes_per_line * hh;
++		if (size / bytes_per_line != hh) /* overflow */
++			RETURN (FALSE);
+ 		bits = g_malloc (size);
+ 
+ 		if (version10p) {