authordrochner <drochner>2012-11-05 12:41:48 +0000
committerdrochner <drochner>2012-11-05 12:41:48 +0000
commita9edf40b382603a29e12df01ad2024f8d40a2f05 (patch)
treeeb18400398639fba22e2f1df6b261bcd6f598c57
parentbca24ea0404049496237d5fa3d8b5d9cc3c472de (diff)
downloadpkgsrc-a9edf40b382603a29e12df01ad2024f8d40a2f05.tar.gz
add patch from Redhat bug #871700 to fix a possible buffer overflow
due to integer overflow in the ppm2tiff cmd line tool (CVE-2012-4564); bump PKGREV
-rw-r--r--graphics/tiff/Makefile3
-rw-r--r--graphics/tiff/distinfo3
-rw-r--r--graphics/tiff/patches/patch-CVE-2012-456433
3 files changed, 37 insertions, 2 deletions
diff --git a/graphics/tiff/Makefile b/graphics/tiff/Makefile
index 3f7b7203f49..bc371543a68 100644
--- a/graphics/tiff/Makefile
+++ b/graphics/tiff/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.108 2012/10/06 14:11:23 asau Exp $
+# $NetBSD: Makefile,v 1.109 2012/11/05 12:41:48 drochner Exp $
DISTNAME= tiff-4.0.3
+PKGREVISION= 1
CATEGORIES= graphics
MASTER_SITES= ftp://ftp.remotesensing.org/pub/libtiff/ \
http://libtiff.maptools.org/dl/
diff --git a/graphics/tiff/distinfo b/graphics/tiff/distinfo
index 26ebe626b99..b74a06ffef1 100644
--- a/graphics/tiff/distinfo
+++ b/graphics/tiff/distinfo
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.58 2012/10/01 18:11:30 adam Exp $
+$NetBSD: distinfo,v 1.59 2012/11/05 12:41:48 drochner Exp $
SHA1 (tiff-4.0.3.tar.gz) = 652e97b78f1444237a82cbcfe014310e776eb6f0
RMD160 (tiff-4.0.3.tar.gz) = eacd725fb3c299682c1c2e508049d98acd170f31
Size (tiff-4.0.3.tar.gz) = 2051630 bytes
+SHA1 (patch-CVE-2012-4564) = bda3b26e431e8234e5afd984a086c980a8eb6c41
SHA1 (patch-configure) = 1fb9ef790a59ac9c1396dd8e962c75946e2c998a
diff --git a/graphics/tiff/patches/patch-CVE-2012-4564 b/graphics/tiff/patches/patch-CVE-2012-4564
new file mode 100644
index 00000000000..fe5a551ac75
--- /dev/null
+++ b/graphics/tiff/patches/patch-CVE-2012-4564
@@ -0,0 +1,33 @@
+$NetBSD: patch-CVE-2012-4564,v 1.1 2012/11/05 12:41:48 drochner Exp $
+
+see https://bugzilla.redhat.com/show_bug.cgi?id=871700
+
+--- tools/ppm2tiff.c.orig 2010-04-10 19:22:34.000000000 +0000
++++ tools/ppm2tiff.c
+@@ -89,6 +89,7 @@ main(int argc, char* argv[])
+ int c;
+ extern int optind;
+ extern char* optarg;
++ tmsize_t scanline_size;
+
+ if (argc < 2) {
+ fprintf(stderr, "%s: Too few arguments\n", argv[0]);
+@@ -237,8 +238,16 @@ main(int argc, char* argv[])
+ }
+ if (TIFFScanlineSize(out) > linebytes)
+ buf = (unsigned char *)_TIFFmalloc(linebytes);
+- else
+- buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
++ else {
++ scanline_size = TIFFScanlineSize(out);
++ if (scanline_size != 0)
++ buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
++ else {
++ fprintf(stderr, "%s: scanline size overflow\n",infile);
++ (void) TIFFClose(out);
++ exit(-2);
++ }
++ }
+ if (resolution > 0) {
+ TIFFSetField(out, TIFFTAG_XRESOLUTION, resolution);
+ TIFFSetField(out, TIFFTAG_YRESOLUTION, resolution);
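Review bot: In the second ppm2tiff.c hunk (at -237) the new guard only catches TIFFScanlineSize() returning zero. The `linebytes` value allocated in the first branch is computed outside the hunk; if it is a product of the header-supplied width and the samples per pixel, it could presumably wrap the same way with no check here, which is worth confirming against the full file. Neither branch tests the `_TIFFmalloc` result before the code moves on to the resolution tags, so a failed allocation is not caught in the lines shown; `if (buf == NULL) { (void) TIFFClose(out); exit(-2); }` after the if/else would close that. The stored value is also never reused, and `buf = (unsigned char *)_TIFFmalloc(scanline_size);` would avoid a third TIFFScanlineSize() call. main() starts and ends outside both nested hunks.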