author | drochner <drochner@pkgsrc.org> | 2011-12-22 16:17:57 +0000 |
---|---|---|
committer | drochner <drochner@pkgsrc.org> | 2011-12-22 16:17:57 +0000 |
commit | 60463f4bdd7e2577f6d4d45e821deb7e78466b53 (patch) | |
tree | 1f7606f23278a35245d2588a74be95aa09728ad4 /graphics | |
parent | 66dd74114ed5c7cf5d6b22b3643ef7ca0dc9da68 (diff) | |
download | pkgsrc-60463f4bdd7e2577f6d4d45e821deb7e78466b53.tar.gz |
add patches from Redhat to add some input validation and fix a
memory allocation error; both could lead to heap buffer overflows
(CVE-2011-4516, CVE-2011-4517)
bump PKGREV
Diffstat (limited to 'graphics')
-rw-r--r-- | graphics/jasper/Makefile | 4 | ||||
-rw-r--r-- | graphics/jasper/distinfo | 4 | ||||
-rw-r--r-- | graphics/jasper/patches/patch-ai | 26 |
3 files changed, 27 insertions, 7 deletions
diff --git a/graphics/jasper/Makefile b/graphics/jasper/Makefile
index ee5aafe5bd0..3a3d3e67b1a 100644
--- a/graphics/jasper/Makefile
+++ b/graphics/jasper/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.33 2011/06/21 16:20:51 tez Exp $
+# $NetBSD: Makefile,v 1.34 2011/12/22 16:17:57 drochner Exp $
 DISTNAME= jasper-1.900.1
-PKGREVISION= 5
+PKGREVISION= 6
 CATEGORIES= graphics
 MASTER_SITES= http://www.ece.uvic.ca/~mdadams/jasper/software/
 EXTRACT_SUFX= .zip
diff --git a/graphics/jasper/distinfo b/graphics/jasper/distinfo
index 3a070cf1ba3..198b33d582e 100644
--- a/graphics/jasper/distinfo
+++ b/graphics/jasper/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.13 2009/11/23 11:53:20 drochner Exp $
+$NetBSD: distinfo,v 1.14 2011/12/22 16:17:57 drochner Exp $
 SHA1 (jasper-1.900.1.zip) = 9c5735f773922e580bf98c7c7dfda9bbed4c5191
 RMD160 (jasper-1.900.1.zip) = fb2c188abf5b8c297078ac1f913101734f72db5c
@@ -7,5 +7,5 @@ SHA1 (patch-ad) = 85637e42cdb1245babd5736c2d039558025738a6
 SHA1 (patch-ae) = bfe00f76582a44ad748706c3fc81c4d6b8aede35
 SHA1 (patch-ag) = 0a3cf7ffff67001529198c23c3ca2499c71be7fa
 SHA1 (patch-ah) = 5455854277ad52adb4a22be08219facd796bbf1a
-SHA1 (patch-ai) = 000e9e4fe04d7dd4b5982953c39dbbd311487348
+SHA1 (patch-ai) = 39a16368197d180d9d925bc12b9fc1c6985f06f0
 SHA1 (patch-aj) = a2f5b3b31220767cd6f22ff236e3789ab6a5ba4f
diff --git a/graphics/jasper/patches/patch-ai b/graphics/jasper/patches/patch-ai
index faf20a02620..d6b7b451a09 100644
--- a/graphics/jasper/patches/patch-ai
+++ b/graphics/jasper/patches/patch-ai
@@ -1,8 +1,19 @@ -$NetBSD: patch-ai,v 1.1 2008/03/20 19:58:16 drochner Exp $ +$NetBSD: patch-ai,v 1.2 2011/12/22 16:17:57 drochner Exp $ ---- src/libjasper/jpc/jpc_cs.c.orig 2007-01-19 22:43:07.000000000 +0100 +--- src/libjasper/jpc/jpc_cs.c.orig 2007-01-19 21:43:07.000000000 +0000 +++ src/libjasper/jpc/jpc_cs.c -@@ -982,7 +982,10 @@ static int jpc_qcx_getcompparms(jpc_qcxc +@@ -744,6 +744,10 @@ static int jpc_cox_getcompparms(jpc_ms_t + return -1; + } + compparms->numrlvls = compparms->numdlvls + 1; ++ if (compparms->numrlvls > JPC_MAXRLVLS) { ++ jpc_cox_destroycompparms(compparms); ++ return -1; ++ } + if (prtflag) { + for (i = 0; i < compparms->numrlvls; ++i) { + if (jpc_getuint8(in, &tmp)) { +@@ -982,7 +986,10 @@ static int jpc_qcx_getcompparms(jpc_qcxc compparms->numstepsizes = (len - n) / 2; break; } @@ -14,3 +25,12 @@ $NetBSD: patch-ai,v 1.1 2008/03/20 19:58:16 drochner Exp $ compparms->stepsizes = jas_malloc(compparms->numstepsizes * sizeof(uint_fast16_t)); assert(compparms->stepsizes); +@@ -1328,7 +1335,7 @@ static int jpc_crg_getparms(jpc_ms_t *ms + jpc_crgcomp_t *comp; + uint_fast16_t compno; + crg->numcomps = cstate->numcomps; +- if (!(crg->comps = jas_malloc(cstate->numcomps * sizeof(uint_fast16_t)))) { ++ if (!(crg->comps = jas_malloc(cstate->numcomps * sizeof(jpc_crgcomp_t)))) { + return -1; + } + for (compno = 0, comp = crg->comps; compno < cstate->numcomps; |
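Review bot: The header of patch-ai still holds only the `$NetBSD$` line, so nothing in the patch file itself records why the `numrlvls > JPC_MAXRLVLS` guard in jpc_cox_getcompparms was added or where it came from. A short comment after the RCS line, for example `Bounds-check numrlvls and fix the CRG allocation size (CVE-2011-4516, CVE-2011-4517); from Red Hat.`, would keep that with the patch rather than only in the commit log. The guard sits before the `prtflag` loop that iterates `numrlvls` times, which looks like the right place. The array that loop fills is declared outside the hunk, so its size relative to JPC_MAXRLVLS should be confirmed there.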
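Review bot: The corrected allocation in jpc_crg_getparms still spells the element type by hand, which is how the earlier undersized `sizeof(uint_fast16_t)` buffer came about. Writing it as `jas_malloc(cstate->numcomps * sizeof(*crg->comps))` ties the size to the pointer being assigned, so a later type change cannot reintroduce the mismatch. The product is also computed without an overflow check. Whether `cstate->numcomps` can be large enough for that to matter is not visible in this hunk, so it should be confirmed where the value is parsed. The function body continues outside the hunk.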