summaryrefslogtreecommitdiff
path: root/graphics
diff options
context:
space:
mode:
authoradrianp <adrianp@pkgsrc.org>2006-09-23 14:59:34 +0000
committeradrianp <adrianp@pkgsrc.org>2006-09-23 14:59:34 +0000
commitd7ad620d50dbcf14fb14fd029c037b6977e353ec (patch)
tree3e4354a61047f1846a0af05d069c0fd225fc1a02 /graphics
parenta8051c6c8e26c2a6af18494dfed1b4c1bac8c0d1 (diff)
downloadpkgsrc-d7ad620d50dbcf14fb14fd029c037b6977e353ec.tar.gz
Fix for CVE-2006-1060 via Gentoo
Bump to nb3
Diffstat (limited to 'graphics')
-rw-r--r--graphics/xzgv/Makefile4
-rw-r--r--graphics/xzgv/distinfo9
-rw-r--r--graphics/xzgv/patches/patch-ac82
3 files changed, 89 insertions, 6 deletions
diff --git a/graphics/xzgv/Makefile b/graphics/xzgv/Makefile
index 0c60c0f89f6..ac2796b98f7 100644
--- a/graphics/xzgv/Makefile
+++ b/graphics/xzgv/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.34 2006/04/17 13:46:37 wiz Exp $
+# $NetBSD: Makefile,v 1.35 2006/09/23 14:59:34 adrianp Exp $
DISTNAME= xzgv-0.8
PKGNAME= xzgv-0.8.0.1
-PKGREVISION= 2
+PKGREVISION= 3
CATEGORIES= graphics
MASTER_SITES= ftp://ftp.ibiblio.org/pub/Linux/apps/graphics/viewers/X/
diff --git a/graphics/xzgv/distinfo b/graphics/xzgv/distinfo
index e35b000d6cf..fcd495366de 100644
--- a/graphics/xzgv/distinfo
+++ b/graphics/xzgv/distinfo
@@ -1,10 +1,11 @@
-$NetBSD: distinfo,v 1.8 2005/02/24 08:45:15 agc Exp $
+$NetBSD: distinfo,v 1.9 2006/09/23 14:59:34 adrianp Exp $
-SHA1 (xzgv-0.8.tar.gz) = 1aa21336e2562849e6f5f984cbbfcb745489df3b
-RMD160 (xzgv-0.8.tar.gz) = e36466a73c27616610fd032b3a92898d95a55a17
-Size (xzgv-0.8.tar.gz) = 302801 bytes
SHA1 (xzgv-0.8-integer-overflow-fix.diff) = b18dfdaafe295e2c42764f59784b6b6201b489ea
RMD160 (xzgv-0.8-integer-overflow-fix.diff) = bd75c87cf6f20e4fa2757afe472111e2253cb640
Size (xzgv-0.8-integer-overflow-fix.diff) = 6374 bytes
+SHA1 (xzgv-0.8.tar.gz) = 1aa21336e2562849e6f5f984cbbfcb745489df3b
+RMD160 (xzgv-0.8.tar.gz) = e36466a73c27616610fd032b3a92898d95a55a17
+Size (xzgv-0.8.tar.gz) = 302801 bytes
SHA1 (patch-aa) = 7a0d6e6b24d788fb9cf45967e4c3b434c621def3
SHA1 (patch-ab) = cf4c746e3c4b9ac3a5968211a8f2c0b69d43bc99
+SHA1 (patch-ac) = 3a67b625b6eabd0c6e2399fb0a59fde4460d3893
diff --git a/graphics/xzgv/patches/patch-ac b/graphics/xzgv/patches/patch-ac
new file mode 100644
index 00000000000..c7e23180c08
--- /dev/null
+++ b/graphics/xzgv/patches/patch-ac
@@ -0,0 +1,82 @@
+$NetBSD: patch-ac,v 1.3 2006/09/23 14:59:34 adrianp Exp $
+
+--- src/readjpeg.c.orig 2006-09-23 15:52:41.000000000 +0100
++++ src/readjpeg.c
+@@ -179,11 +179,13 @@ static unsigned char **lineptrs;
+ static int have_image;
+ static int width,height;
+ static unsigned char *image;
++static int cmyk;
+ unsigned char *ptr,*ptr2;
+ int chkw,chkh;
+ int f,rec;
+ static int greyscale; /* static to satisfy gcc -Wall */
+
++cmyk=0;
+ greyscale=0;
+
+ lineptrs=NULL;
+@@ -225,6 +227,15 @@ if(cinfo.jpeg_color_space==JCS_GRAYSCALE
+ greyscale=1;
+ }
+
++if(cinfo.jpeg_color_space==JCS_CMYK)
++ cmyk=1;
++
++if(cinfo.jpeg_color_space==JCS_YCCK)
++ {
++ cmyk=1;
++ cinfo.out_color_space=JCS_CMYK;
++ }
++
+ *wp=width=cinfo.image_width;
+ *hp=height=cinfo.image_height;
+
+@@ -266,7 +277,7 @@ if(!careful_jpeg)
+ /* this one shouldn't hurt */
+ cinfo.do_block_smoothing=FALSE;
+
+-if(WH_BAD(width,height) || (*imagep=image=malloc(width*height*3))==NULL)
++if(WH_BAD(width,height) || (*imagep=image=malloc(width*(height+cmyk)*3))==NULL)
+ longjmp(jerr.setjmp_buffer,1);
+
+ jpeg_start_decompress(&cinfo);
+@@ -279,12 +290,33 @@ ptr=image+width*2*greyscale; /* put data
+ for(f=0;f<height;f++,ptr+=width*3)
+ lineptrs[f]=ptr;
+
+-rec=cinfo.rec_outbuf_height;
+-while(cinfo.output_scanline<height)
++if(!cmyk)
+ {
+- f=height-cinfo.output_scanline;
+- jpeg_read_scanlines(&cinfo,lineptrs+cinfo.output_scanline,
+- f>rec?rec:f);
++ rec=cinfo.rec_outbuf_height;
++ while(cinfo.output_scanline<height)
++ {
++ f=height-cinfo.output_scanline;
++ jpeg_read_scanlines(&cinfo,lineptrs+cinfo.output_scanline,
++ f>rec?rec:f);
++ }
++ }
++else /* cmyk output */
++ {
++ int tmp;
++
++ ptr=image;
++ while(cinfo.output_scanline<height)
++ {
++ jpeg_read_scanlines(&cinfo,&ptr,1);
++ ptr2=ptr;
++ for(f=0;f<width;f++,ptr+=3,ptr2+=4)
++ {
++ tmp=ptr2[3];
++ ptr[0]=(tmp*ptr2[0])/255;
++ ptr[1]=(tmp*ptr2[1])/255;
++ ptr[2]=(tmp*ptr2[2])/255;
++ }
++ }
+ }
+
+ free(lineptrs);