diff options
author | adrianp <adrianp@pkgsrc.org> | 2006-09-23 14:59:34 +0000 |
---|---|---|
committer | adrianp <adrianp@pkgsrc.org> | 2006-09-23 14:59:34 +0000 |
commit | d7ad620d50dbcf14fb14fd029c037b6977e353ec (patch) | |
tree | 3e4354a61047f1846a0af05d069c0fd225fc1a02 /graphics | |
parent | a8051c6c8e26c2a6af18494dfed1b4c1bac8c0d1 (diff) | |
download | pkgsrc-d7ad620d50dbcf14fb14fd029c037b6977e353ec.tar.gz |
Fix for CVE-2006-1060 via Gentoo
Bump to nb3
Diffstat (limited to 'graphics')
-rw-r--r-- | graphics/xzgv/Makefile | 4 | ||||
-rw-r--r-- | graphics/xzgv/distinfo | 9 | ||||
-rw-r--r-- | graphics/xzgv/patches/patch-ac | 82 |
3 files changed, 89 insertions, 6 deletions
diff --git a/graphics/xzgv/Makefile b/graphics/xzgv/Makefile index 0c60c0f89f6..ac2796b98f7 100644 --- a/graphics/xzgv/Makefile +++ b/graphics/xzgv/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.34 2006/04/17 13:46:37 wiz Exp $ +# $NetBSD: Makefile,v 1.35 2006/09/23 14:59:34 adrianp Exp $ DISTNAME= xzgv-0.8 PKGNAME= xzgv-0.8.0.1 -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= graphics MASTER_SITES= ftp://ftp.ibiblio.org/pub/Linux/apps/graphics/viewers/X/ diff --git a/graphics/xzgv/distinfo b/graphics/xzgv/distinfo index e35b000d6cf..fcd495366de 100644 --- a/graphics/xzgv/distinfo +++ b/graphics/xzgv/distinfo @@ -1,10 +1,11 @@ -$NetBSD: distinfo,v 1.8 2005/02/24 08:45:15 agc Exp $ +$NetBSD: distinfo,v 1.9 2006/09/23 14:59:34 adrianp Exp $ -SHA1 (xzgv-0.8.tar.gz) = 1aa21336e2562849e6f5f984cbbfcb745489df3b -RMD160 (xzgv-0.8.tar.gz) = e36466a73c27616610fd032b3a92898d95a55a17 -Size (xzgv-0.8.tar.gz) = 302801 bytes SHA1 (xzgv-0.8-integer-overflow-fix.diff) = b18dfdaafe295e2c42764f59784b6b6201b489ea RMD160 (xzgv-0.8-integer-overflow-fix.diff) = bd75c87cf6f20e4fa2757afe472111e2253cb640 Size (xzgv-0.8-integer-overflow-fix.diff) = 6374 bytes +SHA1 (xzgv-0.8.tar.gz) = 1aa21336e2562849e6f5f984cbbfcb745489df3b +RMD160 (xzgv-0.8.tar.gz) = e36466a73c27616610fd032b3a92898d95a55a17 +Size (xzgv-0.8.tar.gz) = 302801 bytes SHA1 (patch-aa) = 7a0d6e6b24d788fb9cf45967e4c3b434c621def3 SHA1 (patch-ab) = cf4c746e3c4b9ac3a5968211a8f2c0b69d43bc99 +SHA1 (patch-ac) = 3a67b625b6eabd0c6e2399fb0a59fde4460d3893 diff --git a/graphics/xzgv/patches/patch-ac b/graphics/xzgv/patches/patch-ac new file mode 100644 index 00000000000..c7e23180c08 --- /dev/null +++ b/graphics/xzgv/patches/patch-ac @@ -0,0 +1,82 @@ +$NetBSD: patch-ac,v 1.3 2006/09/23 14:59:34 adrianp Exp $ + +--- src/readjpeg.c.orig 2006-09-23 15:52:41.000000000 +0100 ++++ src/readjpeg.c +@@ -179,11 +179,13 @@ static unsigned char **lineptrs; + static int have_image; + static int width,height; + static unsigned char *image; ++static int cmyk; + unsigned char *ptr,*ptr2; + int chkw,chkh; + int f,rec; + static int greyscale; /* static to satisfy gcc -Wall */ + ++cmyk=0; + greyscale=0; + + lineptrs=NULL; +@@ -225,6 +227,15 @@ if(cinfo.jpeg_color_space==JCS_GRAYSCALE + greyscale=1; + } + ++if(cinfo.jpeg_color_space==JCS_CMYK) ++ cmyk=1; ++ ++if(cinfo.jpeg_color_space==JCS_YCCK) ++ { ++ cmyk=1; ++ cinfo.out_color_space=JCS_CMYK; ++ } ++ + *wp=width=cinfo.image_width; + *hp=height=cinfo.image_height; + +@@ -266,7 +277,7 @@ if(!careful_jpeg) + /* this one shouldn't hurt */ + cinfo.do_block_smoothing=FALSE; + +-if(WH_BAD(width,height) || (*imagep=image=malloc(width*height*3))==NULL) ++if(WH_BAD(width,height) || (*imagep=image=malloc(width*(height+cmyk)*3))==NULL) + longjmp(jerr.setjmp_buffer,1); + + jpeg_start_decompress(&cinfo); +@@ -279,12 +290,33 @@ ptr=image+width*2*greyscale; /* put data + for(f=0;f<height;f++,ptr+=width*3) + lineptrs[f]=ptr; + +-rec=cinfo.rec_outbuf_height; +-while(cinfo.output_scanline<height) ++if(!cmyk) + { +- f=height-cinfo.output_scanline; +- jpeg_read_scanlines(&cinfo,lineptrs+cinfo.output_scanline, +- f>rec?rec:f); ++ rec=cinfo.rec_outbuf_height; ++ while(cinfo.output_scanline<height) ++ { ++ f=height-cinfo.output_scanline; ++ jpeg_read_scanlines(&cinfo,lineptrs+cinfo.output_scanline, ++ f>rec?rec:f); ++ } ++ } ++else /* cmyk output */ ++ { ++ int tmp; ++ ++ ptr=image; ++ while(cinfo.output_scanline<height) ++ { ++ jpeg_read_scanlines(&cinfo,&ptr,1); ++ ptr2=ptr; ++ for(f=0;f<width;f++,ptr+=3,ptr2+=4) ++ { ++ tmp=ptr2[3]; ++ ptr[0]=(tmp*ptr2[0])/255; ++ ptr[1]=(tmp*ptr2[1])/255; ++ ptr[2]=(tmp*ptr2[2])/255; ++ } ++ } + } + + free(lineptrs); |