diff options
| author | drochner <drochner> | 2009-06-22 14:54:44 +0000 |
|---|---|---|
| committer | drochner <drochner> | 2009-06-22 14:54:44 +0000 |
| commit | 00ae9da586e0e1454b6c1d36c2411704ab8b79fa (patch) | |
| tree | a66951fd0359720702be1d4b3e159c9603b6ff9a /graphics | |
| parent | 00aa0a55c81a99249dc51a4bcf04fc2704ce0b10 (diff) | |
| download | pkgsrc-00ae9da586e0e1454b6c1d36c2411704ab8b79fa.tar.gz | |
add a patch from upstream
(http://bugzilla.maptools.org/show_bug.cgi?id=2065)
to fix a buffer underflow which can cause DOS or system access
(SA35515)
bump PKGREVISION
Diffstat (limited to 'graphics')
| -rw-r--r-- | graphics/tiff/Makefile | 4 | ||||
| -rw-r--r-- | graphics/tiff/distinfo | 4 | ||||
| -rw-r--r-- | graphics/tiff/patches/patch-ac | 29 |
3 files changed, 27 insertions, 10 deletions
diff --git a/graphics/tiff/Makefile b/graphics/tiff/Makefile index 3efccbe88c3..a27ae0d2c7a 100644 --- a/graphics/tiff/Makefile +++ b/graphics/tiff/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.86 2008/08/30 08:12:45 tron Exp $ +# $NetBSD: Makefile,v 1.87 2009/06/22 14:54:44 drochner Exp $ DISTNAME= tiff-3.8.2 -PKGREVISION= 4 +PKGREVISION= 5 CATEGORIES= graphics MASTER_SITES= ftp://ftp.remotesensing.org/pub/libtiff/ \ http://libtiff.maptools.org/dl/ diff --git a/graphics/tiff/distinfo b/graphics/tiff/distinfo index 122c32ebbcf..9f2242ce614 100644 --- a/graphics/tiff/distinfo +++ b/graphics/tiff/distinfo @@ -1,11 +1,11 @@ -$NetBSD: distinfo,v 1.41 2008/08/30 08:12:45 tron Exp $ +$NetBSD: distinfo,v 1.42 2009/06/22 14:54:44 drochner Exp $ SHA1 (tiff-3.8.2.tar.gz) = 549e67b6a15b42bfcd72fe17cda7c9a198a393eb RMD160 (tiff-3.8.2.tar.gz) = 1b4d825e3be08764e953fc58246d0c25ab4dd17d Size (tiff-3.8.2.tar.gz) = 1336295 bytes SHA1 (patch-aa) = edac79a6f3b61e9fc787fe14f750d88023a29bfa SHA1 (patch-ab) = b517cb8bc2212d3e6c5a70db1bdf45b85b78fc72 -SHA1 (patch-ac) = 14a6651b51c788a7e75666fbf9ead2415748a610 +SHA1 (patch-ac) = 24bb2d78d63df7f02d128c7dc6a4c8db50fac891 SHA1 (patch-at) = 4006ed90f6ab88aff30e2537d613a1b44b5c7347 SHA1 (patch-au) = c53ed7521c3918081526ad63cd0c1c45c9a0b9ff SHA1 (patch-av) = 38852ef5028f6c0ad7a3e5497248f264f0cb7366 diff --git a/graphics/tiff/patches/patch-ac b/graphics/tiff/patches/patch-ac index 56038e96193..cfaf3baa152 100644 --- a/graphics/tiff/patches/patch-ac +++ b/graphics/tiff/patches/patch-ac @@ -1,8 +1,8 @@ -$NetBSD: patch-ac,v 1.19 2008/08/30 08:12:45 tron Exp $ +$NetBSD: patch-ac,v 1.20 2009/06/22 14:54:44 drochner Exp $ ---- libtiff/tif_lzw.c.orig 2006-03-21 16:42:50.000000000 +0000 -+++ libtiff/tif_lzw.c 2008-08-30 09:03:37.000000000 +0100 -@@ -237,6 +237,13 @@ +--- libtiff/tif_lzw.c.orig 2006-03-21 17:42:50.000000000 +0100 ++++ libtiff/tif_lzw.c +@@ -237,6 +237,13 @@ LZWSetupDecode(TIFF* tif) sp->dec_codetab[code].length = 1; sp->dec_codetab[code].next = NULL; } while (code--); @@ -16,7 +16,7 @@ $NetBSD: patch-ac,v 1.19 2008/08/30 08:12:45 tron Exp $ } return (1); } -@@ -408,12 +415,20 @@ +@@ -408,12 +415,20 @@ LZWDecode(TIFF* tif, tidata_t op0, tsize break; if (code == CODE_CLEAR) { free_entp = sp->dec_codetab + CODE_FIRST; @@ -37,7 +37,7 @@ $NetBSD: patch-ac,v 1.19 2008/08/30 08:12:45 tron Exp $ *op++ = (char)code, occ--; oldcodep = sp->dec_codetab + code; continue; -@@ -604,12 +619,20 @@ +@@ -604,12 +619,20 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0, break; if (code == CODE_CLEAR) { free_entp = sp->dec_codetab + CODE_FIRST; @@ -58,3 +58,20 @@ $NetBSD: patch-ac,v 1.19 2008/08/30 08:12:45 tron Exp $ *op++ = code, occ--; oldcodep = sp->dec_codetab + code; continue; +@@ -647,6 +670,7 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0, + } + oldcodep = codep; + if (code >= 256) { ++ char *op_orig = op; + /* + * Code maps to a string, copy string + * value to output (written in reverse). +@@ -681,7 +705,7 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0, + tp = op; + do { + *--tp = codep->value; +- } while( (codep = codep->next) != NULL); ++ } while( (codep = codep->next) != NULL && tp > op_orig); + } else + *op++ = code, occ--; + } |