diff options
author | drochner <drochner> | 2011-03-31 11:08:29 +0000 |
---|---|---|
committer | drochner <drochner> | 2011-03-31 11:08:29 +0000 |
commit | b59c085264648db920014fea5fe9f96bc937e20c (patch) | |
tree | a484dd19006bcadc114da1bd96a6c940a247f83f /geography/gdal-lib | |
parent | 18450de3b6c2f39941b5d6ee2d42489f92151b39 (diff) | |
download | pkgsrc-b59c085264648db920014fea5fe9f96bc937e20c.tar.gz |
copy patch from graphics/tiff for CVE-2011-1167 (don't know whether
this code is used here, but anyway), ride on last night's revbump
Diffstat (limited to 'geography/gdal-lib')
-rw-r--r-- | geography/gdal-lib/distinfo | 3 | ||||
-rw-r--r-- | geography/gdal-lib/patches/patch-CVE-2011-1167 | 72 |
2 files changed, 74 insertions, 1 deletions
diff --git a/geography/gdal-lib/distinfo b/geography/gdal-lib/distinfo index a006c57878d..bc64ff34e35 100644 --- a/geography/gdal-lib/distinfo +++ b/geography/gdal-lib/distinfo @@ -1,7 +1,8 @@ -$NetBSD: distinfo,v 1.15 2011/03/30 18:39:05 drochner Exp $ +$NetBSD: distinfo,v 1.16 2011/03/31 11:08:29 drochner Exp $ SHA1 (gdal-1.8.0.tar.gz) = e5a2802933054050c6fb0b0a0e1f46b5dd195b0a RMD160 (gdal-1.8.0.tar.gz) = 0e116f41b23ff5b44c692f56459facab332c6201 Size (gdal-1.8.0.tar.gz) = 8837824 bytes +SHA1 (patch-CVE-2011-1167) = e402a72a244b8778dc0c445d6c38f7aa1d36cdb6 SHA1 (patch-SA43593) = 896b39c25d819e40c8d774ae6a04653df1645eea SHA1 (patch-ab) = 2d13b396a79883d41751148762ad10839e6e18dc diff --git a/geography/gdal-lib/patches/patch-CVE-2011-1167 b/geography/gdal-lib/patches/patch-CVE-2011-1167 new file mode 100644 index 00000000000..1887d3cad35 --- /dev/null +++ b/geography/gdal-lib/patches/patch-CVE-2011-1167 @@ -0,0 +1,72 @@ +$NetBSD: patch-CVE-2011-1167,v 1.1 2011/03/31 11:08:29 drochner Exp $ + +--- frmts/gtiff/libtiff/tif_thunder.c.orig 2011-01-14 05:19:04.000000000 +0000 ++++ frmts/gtiff/libtiff/tif_thunder.c +@@ -25,6 +25,7 @@ + */ + + #include "tiffiop.h" ++#include <assert.h> + #ifdef THUNDER_SUPPORT + /* + * TIFF Library. +@@ -55,15 +56,35 @@ + static const int twobitdeltas[4] = { 0, 1, 0, -1 }; + static const int threebitdeltas[8] = { 0, 1, 2, 3, 0, -3, -2, -1 }; + +-#define SETPIXEL(op, v) { \ +- lastpixel = (v) & 0xf; \ +- if (npixels++ & 1) \ +- *op++ |= lastpixel; \ +- else \ +- op[0] = (uint8) (lastpixel << 4); \ ++#define SETPIXEL(op, v) { \ ++ lastpixel = (v) & 0xf; \ ++ if ( npixels < maxpixels ) \ ++ { \ ++ if (npixels++ & 1) \ ++ *op++ |= lastpixel; \ ++ else \ ++ op[0] = (uint8) (lastpixel << 4); \ ++ } \ + } + + static int ++ThunderSetupDecode(TIFF* tif) ++{ ++ static const char module[] = "ThunderSetupDecode"; ++ ++ if( tif->tif_dir.td_bitspersample != 4 ) ++ { ++ TIFFErrorExt(tif->tif_clientdata, module, ++ "Wrong bitspersample value (%d), Thunder decoder only supports 4bits per sample.", ++ (int) tif->tif_dir.td_bitspersample ); ++ return 0; ++ } ++ ++ ++ return (1); ++ } ++ ++static int + ThunderDecode(TIFF* tif, uint8* op, tmsize_t maxpixels) + { + static const char module[] = "ThunderDecode"; +@@ -160,7 +181,8 @@ ThunderDecodeRow(TIFF* tif, uint8* buf, + occ -= tif->tif_scanlinesize; + row += tif->tif_scanlinesize; + } +- return (1); ++ ++ return (1); + } + + int +@@ -169,6 +191,7 @@ TIFFInitThunderScan(TIFF* tif, int schem + (void) scheme; + tif->tif_decoderow = ThunderDecodeRow; + tif->tif_decodestrip = ThunderDecodeRow; ++ tif->tif_setupdecode = ThunderSetupDecode; + return (1); + } + #endif /* THUNDER_SUPPORT */ |