Add patch for CVE-2009-3994: buffer overflow in DICOM reader

Bump rev.

3 files changed, 21 insertions, 2 deletions

diff --git a/devel/devIL/Makefile b/devel/devIL/Makefile
index bae58108729..d3b02c60896 100644
--- a/devel/devIL/Makefile
+++ b/devel/devIL/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.23 2009/10/30 20:02:54 joerg Exp $
+# $NetBSD: Makefile,v 1.24 2009/12/15 10:29:35 tnn Exp $
 #
 
 DISTNAME=	DevIL-${DEVIL_VERSION}
 PKGNAME=	${DISTNAME:S/D/d/}
+PKGREVISION=	1
 CATEGORIES=	devel
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=openil/}
 
diff --git a/devel/devIL/distinfo b/devel/devIL/distinfo
index 2e85ccda76c..5144bf0e295 100644
--- a/devel/devIL/distinfo
+++ b/devel/devIL/distinfo
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.5 2009/10/30 20:02:54 joerg Exp $
+$NetBSD: distinfo,v 1.6 2009/12/15 10:29:35 tnn Exp $
 
 SHA1 (DevIL-1.7.8.tar.gz) = bc27e3e830ba666a3af03548789700d10561fcb1
 RMD160 (DevIL-1.7.8.tar.gz) = a3cdb14fcca5e75ada240a53cbdc3e749a759da5
 Size (DevIL-1.7.8.tar.gz) = 2051993 bytes
 SHA1 (patch-aa) = 2784234ee79ada44f04219c5f49d5ea2c9e6bf4c
+SHA1 (patch-ab) = 995f402fa98cbfe96d43b98f6c409e484a53bf09
diff --git a/devel/devIL/patches/patch-ab b/devel/devIL/patches/patch-ab
new file mode 100644
index 00000000000..ef124ded2af
--- /dev/null
+++ b/devel/devIL/patches/patch-ab
@@ -0,0 +1,17 @@
+$NetBSD: patch-ab,v 1.1 2009/12/15 10:29:35 tnn Exp $
+
+--- src-IL/src/il_dicom.c.orig	2009-03-08 07:10:09.000000000 +0000
++++ src-IL/src/il_dicom.c
+@@ -427,9 +427,11 @@ ILboolean GetUID(ILubyte *UID)
+ 		return IL_FALSE;
+ 
+ 	ValLen = GetLittleUShort();
++	if (ValLen > 64)
++		return IL_FALSE;
+ 	if (iread(UID, ValLen, 1) != 1)
+ 		return IL_FALSE;
+-	UID[64] = 0;  // Just to make sure that our string is terminated.
++	UID[ValLen] = 0;  // Just to make sure that our string is terminated.
+ 
+ 	return IL_TRUE;
+ }