summaryrefslogtreecommitdiff
path: root/graphics/dia/patches/patch-ad
diff options
context:
space:
mode:
Diffstat (limited to 'graphics/dia/patches/patch-ad')
-rw-r--r--graphics/dia/patches/patch-ad196
1 files changed, 0 insertions, 196 deletions
diff --git a/graphics/dia/patches/patch-ad b/graphics/dia/patches/patch-ad
deleted file mode 100644
index 33c120ae66e..00000000000
--- a/graphics/dia/patches/patch-ad
+++ /dev/null
@@ -1,196 +0,0 @@
-$NetBSD: patch-ad,v 1.1 2006/04/04 14:52:15 salo Exp $
-
-Security fix for CVE-2006-1550, from Dia CVS.
-
---- plug-ins/xfig/xfig-import.c.orig 2004-08-16 09:56:21.000000000 +0200
-+++ plug-ins/xfig/xfig-import.c 2006-04-04 15:25:30.000000000 +0200
-@@ -441,11 +441,17 @@
- static Color
- fig_color(int color_index)
- {
-- if (color_index == -1)
-+ if (color_index <= -1)
- return color_black; /* Default color */
-- if (color_index < FIG_MAX_DEFAULT_COLORS)
-+ else if (color_index < FIG_MAX_DEFAULT_COLORS)
- return fig_default_colors[color_index];
-- else return fig_colors[color_index-FIG_MAX_DEFAULT_COLORS];
-+ else if (color_index < FIG_MAX_USER_COLORS)
-+ return fig_colors[color_index-FIG_MAX_DEFAULT_COLORS];
-+ else {
-+ message_error(_("Color index %d too high, only 512 colors allowed. Using black instead."),
-+ color_index);
-+ return color_black;
-+ }
- }
-
- static Color
-@@ -563,23 +569,25 @@
- static int
- fig_read_n_points(FILE *file, int n, Point **points) {
- int i;
-- Point *new_points;
--
-- new_points = (Point*)g_malloc(sizeof(Point)*n);
-+ GArray *points_list = g_array_sized_new(FALSE, FALSE, sizeof(Point), n);
-
- for (i = 0; i < n; i++) {
- int x,y;
-+ Point p;
- if (fscanf(file, " %d %d ", &x, &y) != 2) {
- message_error(_("Error while reading %dth of %d points: %s\n"),
- i, n, strerror(errno));
-- free(new_points);
-+ g_array_free(points_list, TRUE);
- return FALSE;
- }
-- new_points[i].x = x/FIG_UNIT;
-- new_points[i].y = y/FIG_UNIT;
-+ p.x = x/FIG_UNIT;
-+ p.y = y/FIG_UNIT;
-+ g_array_append_val(points_list, p);
- }
- fscanf(file, "\n");
-- *points = new_points;
-+
-+ *points = (Point *)points_list->data;
-+ g_array_free(points_list, FALSE);
- return TRUE;
- }
-
-@@ -683,7 +691,7 @@
- return text_buf;
- }
-
--static GList *depths[1000];
-+static GList *depths[FIG_MAX_DEPTHS];
-
- /* If there's something in the compound stack, we ignore the depth field,
- as it will be determined by the group anyway */
-@@ -693,6 +701,26 @@
- level. Best we can do now. */
- static int compound_depth;
-
-+/** Add an object at a given depth. This function checks for depth limits
-+ * and updates the compound depth if needed.
-+ *
-+ * @param newobj An object to add. If we're inside a compound, this
-+ * doesn't really add the object.
-+ * @param depth A depth as in the Fig format, max 999
-+ */
-+static void
-+add_at_depth(DiaObject *newobj, int depth) {
-+ if (depth < 0 || depth >= FIG_MAX_DEPTHS) {
-+ message_error(_("Depth %d of of range, only 0-%d allowed.\n"),
-+ depth, FIG_MAX_DEPTHS-1);
-+ depth = FIG_MAX_DEPTHS - 1;
-+ }
-+ if (compound_stack == NULL)
-+ depths[depth] = g_list_append(depths[depth], newobj);
-+ else
-+ if (compound_depth > depth) compound_depth = depth;
-+}
-+
- static DiaObject *
- fig_read_ellipse(FILE *file, DiagramData *dia) {
- int sub_type;
-@@ -749,10 +777,7 @@
- /* Angle -- can't rotate yet */
-
- /* Depth field */
-- if (compound_stack == NULL)
-- depths[depth] = g_list_append(depths[depth], newobj);
-- else
-- if (compound_depth > depth) compound_depth = depth;
-+ add_at_depth(newobj, depth);
-
- return newobj;
- }
-@@ -885,10 +910,7 @@
- /* Cap style */
-
- /* Depth field */
-- if (compound_stack == NULL)
-- depths[depth] = g_list_append(depths[depth], newobj);
-- else
-- if (compound_depth > depth) compound_depth = depth;
-+ add_at_depth(newobj, depth);
- exit:
- prop_list_free(props);
- g_free(forward_arrow_info);
-@@ -1111,10 +1133,7 @@
- /* Cap style */
-
- /* Depth field */
-- if (compound_stack == NULL)
-- depths[depth] = g_list_append(depths[depth], newobj);
-- else
-- if (compound_depth > depth) compound_depth = depth;
-+ add_at_depth(newobj, depth);
- exit:
- prop_list_free(props);
- g_free(forward_arrow_info);
-@@ -1202,10 +1221,7 @@
- /* Cap style */
-
- /* Depth field */
-- if (compound_stack == NULL)
-- depths[depth] = g_list_append(depths[depth], newobj);
-- else
-- if (compound_depth > depth) compound_depth = depth;
-+ add_at_depth(newobj, depth);
-
- exit:
- g_free(forward_arrow_info);
-@@ -1298,10 +1314,7 @@
- newobj->ops->set_props(newobj, props);
-
- /* Depth field */
-- if (compound_stack == NULL)
-- depths[depth] = g_list_append(depths[depth], newobj);
-- else
-- if (compound_depth > depth) compound_depth = depth;
-+ add_at_depth(newobj, depth);
-
- exit:
- if (text_buf != NULL) free(text_buf);
-@@ -1347,6 +1360,12 @@
- return FALSE;
- }
-
-+ if (colornumber < 32 || colornumber > FIG_MAX_USER_COLORS) {
-+ message_error(_("Color number %d out of range 0..%d. Discarding color.\n"),
-+ colornumber, FIG_MAX_USER_COLORS);
-+ return FALSE;
-+ }
-+
- color.red = ((colorvalues & 0x00ff0000)>>16) / 255.0;
- color.green = ((colorvalues & 0x0000ff00)>>8) / 255.0;
- color.blue = (colorvalues & 0x000000ff) / 255.0;
-@@ -1393,7 +1412,7 @@
- }
- /* Group extends don't really matter */
- if (compound_stack == NULL)
-- compound_depth = 999;
-+ compound_depth = FIG_MAX_DEPTHS - 1;
- compound_stack = g_slist_append(compound_stack, NULL);
- return TRUE;
- break;
-@@ -1551,7 +1570,7 @@
- for (i = 0; i < FIG_MAX_USER_COLORS; i++) {
- fig_colors[i] = color_black;
- }
-- for (i = 0; i < 1000; i++) {
-+ for (i = 0; i < FIG_MAX_DEPTHS; i++) {
- depths[i] = NULL;
- }
-
-@@ -1606,7 +1625,7 @@
- } while (TRUE);
-
- /* Now we can reorder for the depth fields */
-- for (i = 0; i < 1000; i++) {
-+ for (i = 0; i < FIG_MAX_DEPTHS; i++) {
- if (depths[i] != NULL)
- layer_add_objects_first(dia->active_layer, depths[i]);
- }
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-12 07:29:49 +0000