diff options
| author | drochner <drochner@pkgsrc.org> | 2008-02-08 12:33:31 +0000 |
|---|---|---|
| committer | drochner <drochner@pkgsrc.org> | 2008-02-08 12:33:31 +0000 |
| commit | 80fd9f3d62ab4265d15fd8ab8b0b692da20980b4 (patch) | |
| tree | d713856e81fb0530cc7ff7ec46bc6057a64f8567 /graphics/SDL_image | |
| parent | 518772d5b9ea2cae6ecfb659fec46a1be66f7c0b (diff) | |
| download | pkgsrc-80fd9f3d62ab4265d15fd8ab8b0b692da20980b4.tar.gz | |
add a patch from upstream CVS to fix buffer overflow (CVE-2008-0544),
bump PKGREVISION
Diffstat (limited to 'graphics/SDL_image')
| -rw-r--r-- | graphics/SDL_image/Makefile | 3 | ||||
| -rw-r--r-- | graphics/SDL_image/distinfo | 3 | ||||
| -rw-r--r-- | graphics/SDL_image/patches/patch-aa | 30 |
3 files changed, 34 insertions, 2 deletions
diff --git a/graphics/SDL_image/Makefile b/graphics/SDL_image/Makefile index aeb9f707364..b075e7285d2 100644 --- a/graphics/SDL_image/Makefile +++ b/graphics/SDL_image/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.28 2007/07/25 23:53:58 wiz Exp $ +# $NetBSD: Makefile,v 1.29 2008/02/08 12:33:31 drochner Exp $ DISTNAME= SDL_image-1.2.6 +PKGREVISION= 1 CATEGORIES= graphics devel MASTER_SITES= http://www.libsdl.org/projects/SDL_image/release/ diff --git a/graphics/SDL_image/distinfo b/graphics/SDL_image/distinfo index 11e1830eb49..d55f2adc284 100644 --- a/graphics/SDL_image/distinfo +++ b/graphics/SDL_image/distinfo @@ -1,5 +1,6 @@ -$NetBSD: distinfo,v 1.6 2007/07/25 23:53:58 wiz Exp $ +$NetBSD: distinfo,v 1.7 2008/02/08 12:33:31 drochner Exp $ SHA1 (SDL_image-1.2.6.tar.gz) = 5045df31e4db29d8890110fd18024c9d08efca30 RMD160 (SDL_image-1.2.6.tar.gz) = 8aea5f07216eb887f599c0908f8ea2c2f9eeac93 Size (SDL_image-1.2.6.tar.gz) = 1308812 bytes +SHA1 (patch-aa) = eb852fd3c7218fe257ca40a6e90c81ec13dcaeb1 diff --git a/graphics/SDL_image/patches/patch-aa b/graphics/SDL_image/patches/patch-aa new file mode 100644 index 00000000000..aad2dcc3650 --- /dev/null +++ b/graphics/SDL_image/patches/patch-aa @@ -0,0 +1,30 @@ +$NetBSD: patch-aa,v 1.1 2008/02/08 12:33:31 drochner Exp $ + +--- IMG_lbm.c.orig 2007-07-20 06:36:32.000000000 +0200 ++++ IMG_lbm.c +@@ -28,6 +28,7 @@ + EHB and HAM (specific Amiga graphic chip modes) support added by Marc Le Douarain + (http://www.multimania.com/mavati) in December 2003. + Stencil and colorkey fixes by David Raulo (david.raulo AT free DOT fr) in February 2004. ++ Buffer overflow fix in RLE decompression by David Raulo in January 2008. + */ + + #include <stdio.h> +@@ -328,7 +329,7 @@ SDL_Surface *IMG_LoadLBM_RW( SDL_RWops * + count ^= 0xFF; + count += 2; /* now it */ + +- if ( !SDL_RWread( src, &color, 1, 1 ) ) ++ if ( ( count > remainingbytes ) || !SDL_RWread( src, &color, 1, 1 ) ) + { + error="error reading BODY chunk"; + goto done; +@@ -339,7 +340,7 @@ SDL_Surface *IMG_LoadLBM_RW( SDL_RWops * + { + ++count; + +- if ( !SDL_RWread( src, ptr, count, 1 ) ) ++ if ( ( count > remainingbytes ) || !SDL_RWread( src, ptr, count, 1 ) ) + { + error="error reading BODY chunk"; + goto done; |