summaryrefslogtreecommitdiff
path: root/graphics/jbigkit
diff options
context:
space:
mode:
authorwiz <wiz@pkgsrc.org>2020-08-03 21:34:06 +0000
committerwiz <wiz@pkgsrc.org>2020-08-03 21:34:06 +0000
commitf0e157985218f8e33a706d2a144649e9ef61ebb6 (patch)
tree510f9d79b71d0160fb1294075441ad8f598dd12b /graphics/jbigkit
parent386338b093518a96a41cbb8582869f93e04f8b02 (diff)
downloadpkgsrc-f0e157985218f8e33a706d2a144649e9ef61ebb6.tar.gz
jbigkit: fix CVE-2017-9937 using upstream commit
See e.g. https://gitlab.com/libtiff/libtiff/-/issues/97 Bump PKGREVISION.
Diffstat (limited to 'graphics/jbigkit')
-rw-r--r--graphics/jbigkit/Makefile3
-rw-r--r--graphics/jbigkit/distinfo4
-rw-r--r--graphics/jbigkit/patches/patch-libjbig_jbig.c25
-rw-r--r--graphics/jbigkit/patches/patch-libjbig_jbig.h15
4 files changed, 45 insertions, 2 deletions
diff --git a/graphics/jbigkit/Makefile b/graphics/jbigkit/Makefile
index e5cf11cb330..9d021f18add 100644
--- a/graphics/jbigkit/Makefile
+++ b/graphics/jbigkit/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.8 2020/01/26 17:31:21 rillig Exp $
+# $NetBSD: Makefile,v 1.9 2020/08/03 21:34:06 wiz Exp $
DISTNAME= jbigkit-2.1
+PKGREVISION= 1
CATEGORIES= graphics
MASTER_SITES= http://www.cl.cam.ac.uk/~mgk25/jbigkit/download/
diff --git a/graphics/jbigkit/distinfo b/graphics/jbigkit/distinfo
index 1bf5cdfee34..63f0d2cccf1 100644
--- a/graphics/jbigkit/distinfo
+++ b/graphics/jbigkit/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.7 2017/07/06 13:13:30 wiz Exp $
+$NetBSD: distinfo,v 1.8 2020/08/03 21:34:06 wiz Exp $
SHA1 (jbigkit-2.1.tar.gz) = 4864646df004e8331d19f2fa103ed731fdb6c099
RMD160 (jbigkit-2.1.tar.gz) = 71cc51fce3f65d8d9abf9ff52c29edf5469eb52f
@@ -7,3 +7,5 @@ Size (jbigkit-2.1.tar.gz) = 438710 bytes
SHA1 (patch-Makefile) = 3b5e5814be3f361b1ce5ffdd483e4078b94c4bf6
SHA1 (patch-aa) = 7786ab0be7e718549da37378588a8ba55ef8f187
SHA1 (patch-ab) = 893a3eeb636a92199d3759255b3ebef6d646d01e
+SHA1 (patch-libjbig_jbig.c) = 398c5e8b34f651be1d374dd7641526303231ea3a
+SHA1 (patch-libjbig_jbig.h) = c073578e4da787f51adf9214b31b6ac45734951f
diff --git a/graphics/jbigkit/patches/patch-libjbig_jbig.c b/graphics/jbigkit/patches/patch-libjbig_jbig.c
new file mode 100644
index 00000000000..3828acb302c
--- /dev/null
+++ b/graphics/jbigkit/patches/patch-libjbig_jbig.c
@@ -0,0 +1,25 @@
+$NetBSD: patch-libjbig_jbig.c,v 1.1 2020/08/03 21:34:06 wiz Exp $
+
+Fix CVE-2019-9937 using upstream commit bc3293299bc4981e83b7f37f3615a6b9b27b6837
+
+--- libjbig/jbig.c.orig 2014-03-27 18:47:15.000000000 +0000
++++ libjbig/jbig.c
+@@ -2051,6 +2051,7 @@ void jbg_dec_init(struct jbg_dec_state *
+ s->xmax = 4294967295UL;
+ s->ymax = 4294967295UL;
+ s->dmax = 256;
++ s->maxmem = 2000000000; /* no final image larger than 2 GB by default */
+ s->s = NULL;
+
+ return;
+@@ -2640,6 +2641,10 @@ int jbg_dec_in(struct jbg_dec_state *s,
+ return JBG_EIMPL | 5;
+ s->options = s->buffer[19];
+
++ /* will the final image require more bytes than permitted by s->maxmem? */
++ if (s->maxmem / s->planes / s->yd / jbg_ceil_half(s->xd, 3) == 0)
++ return JBG_ENOMEM; /* increase s->maxmem if needed */
++
+ /* calculate number of stripes that will be required */
+ s->stripes = jbg_stripes(s->l0, s->yd, s->d);
+
diff --git a/graphics/jbigkit/patches/patch-libjbig_jbig.h b/graphics/jbigkit/patches/patch-libjbig_jbig.h
new file mode 100644
index 00000000000..0ff272d4f34
--- /dev/null
+++ b/graphics/jbigkit/patches/patch-libjbig_jbig.h
@@ -0,0 +1,15 @@
+$NetBSD: patch-libjbig_jbig.h,v 1.1 2020/08/03 21:34:06 wiz Exp $
+
+Fix CVE-2019-9937 using upstream commit bc3293299bc4981e83b7f37f3615a6b9b27b6837
+
+--- libjbig/jbig.h.orig 2014-03-27 18:47:15.000000000 +0000
++++ libjbig/jbig.h
+@@ -181,6 +181,8 @@ struct jbg_dec_state {
+ unsigned long xmax, ymax; /* if possible abort before image gets *
+ * larger than this size */
+ int dmax; /* abort after this layer */
++ size_t maxmem; /* return JBG_ENOMEM if final image layer D
++ would require more than maxmem bytes */
+ };
+
+
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-06 20:35:13 +0000