summaryrefslogtreecommitdiff
path: root/graphics
diff options
context:
space:
mode:
authordrochner <drochner@pkgsrc.org>2012-11-05 12:41:48 +0000
committerdrochner <drochner@pkgsrc.org>2012-11-05 12:41:48 +0000
commit59b571ae70039ff87a81a41aa6841a81534891f7 (patch)
treeeb18400398639fba22e2f1df6b261bcd6f598c57 /graphics
parent26b8fcac293ff93618e875ecb0542ae9b90dad51 (diff)
downloadpkgsrc-59b571ae70039ff87a81a41aa6841a81534891f7.tar.gz
add patch from Redhat bug #871700 to fix a possible buffer overflow
due to integer overflow in the ppm2tiff cmd line tool (CVE-2012-4564) bump PKGREV
Diffstat (limited to 'graphics')
-rw-r--r--graphics/tiff/Makefile3
-rw-r--r--graphics/tiff/distinfo3
-rw-r--r--graphics/tiff/patches/patch-CVE-2012-456433
3 files changed, 37 insertions, 2 deletions
diff --git a/graphics/tiff/Makefile b/graphics/tiff/Makefile
index 3f7b7203f49..bc371543a68 100644
--- a/graphics/tiff/Makefile
+++ b/graphics/tiff/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.108 2012/10/06 14:11:23 asau Exp $
+# $NetBSD: Makefile,v 1.109 2012/11/05 12:41:48 drochner Exp $
DISTNAME= tiff-4.0.3
+PKGREVISION= 1
CATEGORIES= graphics
MASTER_SITES= ftp://ftp.remotesensing.org/pub/libtiff/ \
http://libtiff.maptools.org/dl/
diff --git a/graphics/tiff/distinfo b/graphics/tiff/distinfo
index 26ebe626b99..b74a06ffef1 100644
--- a/graphics/tiff/distinfo
+++ b/graphics/tiff/distinfo
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.58 2012/10/01 18:11:30 adam Exp $
+$NetBSD: distinfo,v 1.59 2012/11/05 12:41:48 drochner Exp $
SHA1 (tiff-4.0.3.tar.gz) = 652e97b78f1444237a82cbcfe014310e776eb6f0
RMD160 (tiff-4.0.3.tar.gz) = eacd725fb3c299682c1c2e508049d98acd170f31
Size (tiff-4.0.3.tar.gz) = 2051630 bytes
+SHA1 (patch-CVE-2012-4564) = bda3b26e431e8234e5afd984a086c980a8eb6c41
SHA1 (patch-configure) = 1fb9ef790a59ac9c1396dd8e962c75946e2c998a
diff --git a/graphics/tiff/patches/patch-CVE-2012-4564 b/graphics/tiff/patches/patch-CVE-2012-4564
new file mode 100644
index 00000000000..fe5a551ac75
--- /dev/null
+++ b/graphics/tiff/patches/patch-CVE-2012-4564
@@ -0,0 +1,33 @@
+$NetBSD: patch-CVE-2012-4564,v 1.1 2012/11/05 12:41:48 drochner Exp $
+
+see https://bugzilla.redhat.com/show_bug.cgi?id=871700
+
+--- tools/ppm2tiff.c.orig 2010-04-10 19:22:34.000000000 +0000
++++ tools/ppm2tiff.c
+@@ -89,6 +89,7 @@ main(int argc, char* argv[])
+ int c;
+ extern int optind;
+ extern char* optarg;
++ tmsize_t scanline_size;
+
+ if (argc < 2) {
+ fprintf(stderr, "%s: Too few arguments\n", argv[0]);
+@@ -237,8 +238,16 @@ main(int argc, char* argv[])
+ }
+ if (TIFFScanlineSize(out) > linebytes)
+ buf = (unsigned char *)_TIFFmalloc(linebytes);
+- else
+- buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
++ else {
++ scanline_size = TIFFScanlineSize(out);
++ if (scanline_size != 0)
++ buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
++ else {
++ fprintf(stderr, "%s: scanline size overflow\n",infile);
++ (void) TIFFClose(out);
++ exit(-2);
++ }
++ }
+ if (resolution > 0) {
+ TIFFSetField(out, TIFFTAG_XRESOLUTION, resolution);
+ TIFFSetField(out, TIFFTAG_YRESOLUTION, resolution);