diff options
Diffstat (limited to 'devel/pango')
-rw-r--r-- | devel/pango/Makefile | 7 | ||||
-rw-r--r-- | devel/pango/distinfo | 13 | ||||
-rw-r--r-- | devel/pango/patches/patch-CVE-2011-0064-1 | 14 | ||||
-rw-r--r-- | devel/pango/patches/patch-CVE-2011-0064-2 | 148 | ||||
-rw-r--r-- | devel/pango/patches/patch-CVE-2011-0064-3 | 15 | ||||
-rw-r--r-- | devel/pango/patches/patch-ac | 15 | ||||
-rw-r--r-- | devel/pango/patches/patch-ad | 44 |
7 files changed, 7 insertions, 249 deletions
diff --git a/devel/pango/Makefile b/devel/pango/Makefile index 4fa5ecd57ce..62633cf18d7 100644 --- a/devel/pango/Makefile +++ b/devel/pango/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.152 2011/03/05 13:37:19 tron Exp $ +# $NetBSD: Makefile,v 1.153 2011/04/11 15:35:52 drochner Exp $ -DISTNAME= pango-1.28.3 -PKGREVISION= 3 +DISTNAME= pango-1.28.4 CATEGORIES= devel fonts MASTER_SITES= ${MASTER_SITE_GNOME:=sources/pango/1.28/} EXTRACT_SUFX= .tar.bz2 @@ -43,7 +42,7 @@ PLIST_VARS+= carbon .include "options.mk" -BUILDLINK_API_DEPENDS.glib2+= glib2>=2.17.3 +BUILDLINK_API_DEPENDS.glib2+= glib2>=2.24.0 .include "../../devel/glib2/buildlink3.mk" .include "../../devel/zlib/buildlink3.mk" BUILDLINK_API_DEPENDS.cairo+= cairo>=1.8.0 diff --git a/devel/pango/distinfo b/devel/pango/distinfo index 91663d90abf..570cc9e2fa8 100644 --- a/devel/pango/distinfo +++ b/devel/pango/distinfo @@ -1,12 +1,7 @@ -$NetBSD: distinfo,v 1.88 2011/03/05 13:37:19 tron Exp $ +$NetBSD: distinfo,v 1.89 2011/04/11 15:35:53 drochner Exp $ -SHA1 (pango-1.28.3.tar.bz2) = e72887d6e147b9abf54628c003836e61d97767a1 -RMD160 (pango-1.28.3.tar.bz2) = cdfd6d695b169e15801956fbfd54438c109f7a61 -Size (pango-1.28.3.tar.bz2) = 1509501 bytes -SHA1 (patch-CVE-2011-0064-1) = 4bee6af464fa849b21e693239a7c0497c8bd2ae0 -SHA1 (patch-CVE-2011-0064-2) = 37e974738af890e2e665290abcfef8f65ebb6dd2 -SHA1 (patch-CVE-2011-0064-3) = 854d3835ad559a10fb4c4323983f8be68d2f46eb +SHA1 (pango-1.28.4.tar.bz2) = e715954a5a3b358889d15b6235e1965303dbb622 +RMD160 (pango-1.28.4.tar.bz2) = e9dc19b62263fdbd5b58c00092220af87ed929df +Size (pango-1.28.4.tar.bz2) = 1503441 bytes SHA1 (patch-aa) = 1a87d055dc722eff28517a11d0832ae19df5eb59 SHA1 (patch-ab) = 12c09b12ba31be19fa0d602f89909811e6221bd8 -SHA1 (patch-ac) = 349eaf578f26e9d55df01c736951f27cd70a89fc -SHA1 (patch-ad) = 135fda8c8ff2e37f048374b1840291f7d2f6369f diff --git a/devel/pango/patches/patch-CVE-2011-0064-1 b/devel/pango/patches/patch-CVE-2011-0064-1 deleted file mode 100644 index 4e7a73d27ca..00000000000 --- a/devel/pango/patches/patch-CVE-2011-0064-1 +++ /dev/null @@ -1,14 +0,0 @@ -$NetBSD: patch-CVE-2011-0064-1,v 1.1 2011/03/05 13:37:19 tron Exp $ - -Fix for the DoS vulnerability reported in CVE-2011-0064 taken from openSUSE. - ---- pango/opentype/hb-buffer-private.h.orig 2010-02-09 12:06:28.000000000 +0000 -+++ pango/opentype/hb-buffer-private.h 2011-03-05 13:30:22.000000000 +0000 -@@ -72,6 +72,7 @@ - unsigned int allocated; - - hb_bool_t have_output; /* weather we have an output buffer going on */ -+ hb_bool_t in_error; /* Allocation failed */ - unsigned int in_length; - unsigned int out_length; - unsigned int in_pos; diff --git a/devel/pango/patches/patch-CVE-2011-0064-2 b/devel/pango/patches/patch-CVE-2011-0064-2 deleted file mode 100644 index 0bd19e46de2..00000000000 --- a/devel/pango/patches/patch-CVE-2011-0064-2 +++ /dev/null @@ -1,148 +0,0 @@ -$NetBSD: patch-CVE-2011-0064-2,v 1.1 2011/03/05 13:37:19 tron Exp $ - -Fix for the DoS vulnerability reported in CVE-2011-0064 taken from openSUSE. - ---- pango/opentype/hb-buffer.c.orig 2010-02-09 12:06:28.000000000 +0000 -+++ pango/opentype/hb-buffer.c 2011-03-05 13:30:22.000000000 +0000 -@@ -52,23 +52,21 @@ - * in_string and out_string. - */ - --/* XXX err handling */ -- - /* Internal API */ - --static void -+static hb_bool_t - hb_buffer_ensure_separate (hb_buffer_t *buffer, unsigned int size) - { -- hb_buffer_ensure (buffer, size); -+ if (HB_UNLIKELY (!hb_buffer_ensure (buffer, size))) return FALSE; - if (buffer->out_string == buffer->in_string) - { - assert (buffer->have_output); -- if (!buffer->positions) -- buffer->positions = calloc (buffer->allocated, sizeof (buffer->positions[0])); - - buffer->out_string = (hb_internal_glyph_info_t *) buffer->positions; - memcpy (buffer->out_string, buffer->in_string, buffer->out_length * sizeof (buffer->out_string[0])); - } -+ -+ return TRUE; - } - - /* Public API */ -@@ -114,6 +112,7 @@ - hb_buffer_clear (hb_buffer_t *buffer) - { - buffer->have_output = FALSE; -+ buffer->in_error = FALSE; - buffer->in_length = 0; - buffer->out_length = 0; - buffer->in_pos = 0; -@@ -122,32 +121,42 @@ - buffer->max_lig_id = 0; - } - --void -+hb_bool_t - hb_buffer_ensure (hb_buffer_t *buffer, unsigned int size) - { -- unsigned int new_allocated = buffer->allocated; -- -- if (size > new_allocated) -+ if (HB_UNLIKELY (size > buffer->allocated)) - { -+ unsigned int new_allocated = buffer->allocated; -+ hb_internal_glyph_position_t *new_pos; -+ hb_internal_glyph_info_t *new_info; -+ hb_bool_t separate_out; -+ -+ if (HB_UNLIKELY (buffer->in_error)) -+ return FALSE; -+ -+ separate_out = buffer->out_string != buffer->in_string; -+ - while (size > new_allocated) - new_allocated += (new_allocated >> 1) + 8; - -- if (buffer->positions) -- buffer->positions = realloc (buffer->positions, new_allocated * sizeof (buffer->positions[0])); -+ new_pos = (hb_internal_glyph_position_t *) realloc (buffer->positions, new_allocated * sizeof (buffer->positions[0])); -+ new_info = (hb_internal_glyph_info_t *) realloc (buffer->in_string, new_allocated * sizeof (buffer->in_string[0])); - -- if (buffer->out_string != buffer->in_string) -- { -- buffer->in_string = realloc (buffer->in_string, new_allocated * sizeof (buffer->in_string[0])); -- buffer->out_string = (hb_internal_glyph_info_t *) buffer->positions; -- } -- else -- { -- buffer->in_string = realloc (buffer->in_string, new_allocated * sizeof (buffer->in_string[0])); -- buffer->out_string = buffer->in_string; -- } -+ if (HB_UNLIKELY (!new_pos || !new_info)) -+ buffer->in_error = TRUE; -+ -+ if (HB_LIKELY (new_pos)) -+ buffer->positions = new_pos; - -- buffer->allocated = new_allocated; -+ if (HB_LIKELY (new_info)) -+ buffer->in_string = new_info; -+ -+ buffer->out_string = separate_out ? (hb_internal_glyph_info_t *) buffer->positions : buffer->in_string; -+ if (HB_LIKELY (!buffer->in_error)) -+ buffer->allocated = new_allocated; - } -+ -+ return HB_LIKELY (!buffer->in_error); - } - - void -@@ -158,7 +167,7 @@ - { - hb_internal_glyph_info_t *glyph; - -- hb_buffer_ensure (buffer, buffer->in_length + 1); -+ if (HB_UNLIKELY (!hb_buffer_ensure (buffer, buffer->in_length + 1))) return; - - glyph = &buffer->in_string[buffer->in_length]; - glyph->codepoint = codepoint; -@@ -213,6 +222,8 @@ - - assert (buffer->have_output); - -+ if (HB_UNLIKELY (buffer->in_error)) return; -+ - if (buffer->out_string != buffer->in_string) - { - hb_internal_glyph_info_t *tmp_string; -@@ -265,7 +276,8 @@ - if (buffer->out_string != buffer->in_string || - buffer->out_pos + num_out > buffer->in_pos + num_in) - { -- hb_buffer_ensure_separate (buffer, buffer->out_pos + num_out); -+ if (HB_UNLIKELY (!hb_buffer_ensure_separate (buffer, buffer->out_pos + num_out))) -+ return; - } - - mask = buffer->in_string[buffer->in_pos].mask; -@@ -302,7 +314,7 @@ - - if (buffer->out_string != buffer->in_string) - { -- hb_buffer_ensure (buffer, buffer->out_pos + 1); -+ if (HB_UNLIKELY (!hb_buffer_ensure (buffer, buffer->out_pos + 1))) return; - buffer->out_string[buffer->out_pos] = buffer->in_string[buffer->in_pos]; - } - else if (buffer->out_pos != buffer->in_pos) -@@ -332,7 +344,7 @@ - - if (buffer->out_string != buffer->in_string) - { -- hb_buffer_ensure (buffer, buffer->out_pos + 1); -+ if (HB_UNLIKELY (!hb_buffer_ensure (buffer, buffer->out_pos + 1))) return; - buffer->out_string[buffer->out_pos] = buffer->in_string[buffer->in_pos]; - } - else if (buffer->out_pos != buffer->in_pos) diff --git a/devel/pango/patches/patch-CVE-2011-0064-3 b/devel/pango/patches/patch-CVE-2011-0064-3 deleted file mode 100644 index bae31b6931b..00000000000 --- a/devel/pango/patches/patch-CVE-2011-0064-3 +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-CVE-2011-0064-3,v 1.1 2011/03/05 13:37:20 tron Exp $ - -Fix for the DoS vulnerability reported in CVE-2011-0064 taken from openSUSE. - ---- pango/opentype/hb-buffer.h.orig 2010-02-09 12:06:28.000000000 +0000 -+++ pango/opentype/hb-buffer.h 2011-03-05 13:30:22.000000000 +0000 -@@ -94,7 +94,7 @@ - void - hb_buffer_clear_positions (hb_buffer_t *buffer); - --void -+hb_bool_t - hb_buffer_ensure (hb_buffer_t *buffer, - unsigned int size); - diff --git a/devel/pango/patches/patch-ac b/devel/pango/patches/patch-ac deleted file mode 100644 index bbd2ebc37e6..00000000000 --- a/devel/pango/patches/patch-ac +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-ac,v 1.15 2011/01/27 14:04:51 drochner Exp $ - -https://bugzilla.gnome.org/show_bug.cgi?id=636348 - ---- pango/pangocairo-font.c.orig 2010-07-01 14:00:29.000000000 +0000 -+++ pango/pangocairo-font.c -@@ -433,6 +433,8 @@ _pango_cairo_font_private_get_hex_box_in - pango_ctm.x0 = cairo_ctm.x0; - pango_ctm.y0 = cairo_ctm.y0; - -+ size /= pango_matrix_get_font_scale_factor (&pango_ctm); -+ - if (is_hinted) - { - /* prepare for some hinting */ diff --git a/devel/pango/patches/patch-ad b/devel/pango/patches/patch-ad deleted file mode 100644 index 1f71fcdd828..00000000000 --- a/devel/pango/patches/patch-ad +++ /dev/null @@ -1,44 +0,0 @@ -$NetBSD: patch-ad,v 1.12 2011/01/27 14:04:51 drochner Exp $ - -https://bugzilla.gnome.org/show_bug.cgi?id=639882 - ---- pango/pangoft2-render.c.orig 2010-02-09 12:06:28.000000000 +0000 -+++ pango/pangoft2-render.c -@@ -121,9 +121,14 @@ pango_ft2_font_render_box_glyph (int - - box->bitmap.width = width; - box->bitmap.rows = height; -- box->bitmap.pitch = height; -+ box->bitmap.pitch = width; - -- box->bitmap.buffer = g_malloc0 (box->bitmap.rows * box->bitmap.pitch); -+ box->bitmap.buffer = g_malloc0_n (box->bitmap.rows, box->bitmap.pitch); -+ -+ if (G_UNLIKELY (!box->bitmap.buffer)) { -+ g_slice_free (PangoFT2RenderedGlyph, box); -+ return NULL; -+ } - - /* draw the box */ - for (j = 0; j < line_width; j++) -@@ -226,6 +231,11 @@ pango_ft2_font_render_glyph (PangoFont * - rendered->bitmap_left = face->glyph->bitmap_left; - rendered->bitmap_top = face->glyph->bitmap_top; - -+ if (G_UNLIKELY (!rendered->bitmap.buffer)) { -+ g_slice_free (PangoFT2RenderedGlyph, rendered); -+ return NULL; -+ } -+ - return rendered; - } - else -@@ -276,6 +286,8 @@ pango_ft2_renderer_draw_glyph (PangoRend - if (rendered_glyph == NULL) - { - rendered_glyph = pango_ft2_font_render_glyph (font, glyph); -+ if (rendered_glyph == NULL) -+ return; - add_glyph_to_cache = TRUE; - } - |