diff options
Diffstat (limited to 'graphics/gd')
-rw-r--r-- | graphics/gd/Makefile | 9 | ||||
-rw-r--r-- | graphics/gd/distinfo | 10 | ||||
-rw-r--r-- | graphics/gd/patches/patch-src_gd__gif__in.c | 45 | ||||
-rw-r--r-- | graphics/gd/patches/patch-src_webpimg.c | 30 |
4 files changed, 40 insertions, 54 deletions
diff --git a/graphics/gd/Makefile b/graphics/gd/Makefile index c7d206d0c34..b5f8524aaf3 100644 --- a/graphics/gd/Makefile +++ b/graphics/gd/Makefile @@ -1,16 +1,17 @@ -# $NetBSD: Makefile,v 1.105 2015/06/30 09:57:36 ryoon Exp $ +# $NetBSD: Makefile,v 1.106 2015/06/30 10:20:10 ryoon Exp $ -DISTNAME= libgd-2.1.0 +DISTNAME= libgd-2.1.1 PKGNAME= ${DISTNAME:S/libgd/gd/} -PKGREVISION= 4 CATEGORIES= graphics -MASTER_SITES= http://cdn.bitbucket.org/libgd/gd-libgd/downloads/ +MASTER_SITES= https://bitbucket.org/libgd/gd-libgd/downloads/ EXTRACT_SUFX= .tar.xz MAINTAINER= adam@NetBSD.org HOMEPAGE= http://libgd.bitbucket.org/ COMMENT= Graphics library for the dynamic creation of images +#WRKSRC= ${WRKDIR}/${DISTNAME:S/libgd-/libgd-gd-/} + .include "options.mk" USE_LIBTOOL= yes diff --git a/graphics/gd/distinfo b/graphics/gd/distinfo index 78c3f4c6068..903211b8072 100644 --- a/graphics/gd/distinfo +++ b/graphics/gd/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.36 2015/04/12 15:09:32 tnn Exp $ +$NetBSD: distinfo,v 1.37 2015/06/30 10:20:10 ryoon Exp $ -SHA1 (libgd-2.1.0.tar.xz) = 66c56fc07246b66ba649c83e996fd2085ea2f9e2 -RMD160 (libgd-2.1.0.tar.xz) = 3fcdf88e1ca653ffd40ddba607dbc317ca87bf63 -Size (libgd-2.1.0.tar.xz) = 2004304 bytes +SHA1 (libgd-2.1.1.tar.xz) = 9038ed488b577d16aa8c32b6c10b4a70b10f7fa1 +RMD160 (libgd-2.1.1.tar.xz) = 8d564caf9a953d344fb9a5e169d241510a2c71f1 +Size (libgd-2.1.1.tar.xz) = 2039132 bytes SHA1 (patch-aa) = 00198349dd9cff60f1f5738524096a251057eb16 SHA1 (patch-ab) = 300ffacf47d7421fc9efb7b3fd9e93f011de1b4b SHA1 (patch-src_gd__bmp.c) = 4db300a26cebae6fb6f14564c5648608d7ed6cc5 -SHA1 (patch-src_gd__gif__in.c) = 4c18302fa45b482b28f5b618681354690eaa9b2d +SHA1 (patch-src_webpimg.c) = 2717cbcfdbbddfc8cd96de2d4f6a07a0485ba086 diff --git a/graphics/gd/patches/patch-src_gd__gif__in.c b/graphics/gd/patches/patch-src_gd__gif__in.c deleted file mode 100644 index b53c98d0303..00000000000 --- a/graphics/gd/patches/patch-src_gd__gif__in.c +++ /dev/null @@ -1,45 +0,0 @@ -$NetBSD: patch-src_gd__gif__in.c,v 1.1 2015/04/12 15:09:33 tnn Exp $ - -CVE-2014-9709 -https://bitbucket.org/libgd/gd-libgd/commits/47eb44b2e90ca88a08dca9f9a1aa9041e9587f43/raw/ - -From 47eb44b2e90ca88a08dca9f9a1aa9041e9587f43 Mon Sep 17 00:00:00 2001 -From: Remi Collet <fedora@famillecollet.com> -Date: Sat, 13 Dec 2014 08:48:18 +0100 -Subject: [PATCH] Fix possible buffer read overflow detected by - -fsanitize=address, thanks to Jan Bee - ---- - src/gd_gif_in.c | 11 +++++++++-- - 1 file changed, 9 insertions(+), 2 deletions(-) - -diff --git a/src/gd_gif_in.c b/src/gd_gif_in.c -index b3b4ca3..13a663c 100644 ---- src/gd_gif_in.c -+++ src/gd_gif_in.c -@@ -75,8 +75,10 @@ static struct { - - #define STACK_SIZE ((1<<(MAX_LWZ_BITS))*2) - -+#define CSD_BUF_SIZE 280 -+ - typedef struct { -- unsigned char buf[280]; -+ unsigned char buf[CSD_BUF_SIZE]; - int curbit; - int lastbit; - int done; -@@ -468,7 +470,12 @@ GetCode_(gdIOCtx *fd, CODE_STATIC_DATA *scd, int code_size, int flag, int *ZeroD - - ret = 0; - for (i = scd->curbit, j = 0; j < code_size; ++i, ++j) { -- ret |= ((scd->buf[i / 8] & (1 << (i % 8))) != 0) << j; -+ if (i < CSD_BUF_SIZE * 8) { -+ ret |= ((scd->buf[i / 8] & (1 << (i % 8))) != 0) << j; -+ } else { -+ ret = -1; -+ break; -+ } - } - - scd->curbit += code_size; diff --git a/graphics/gd/patches/patch-src_webpimg.c b/graphics/gd/patches/patch-src_webpimg.c new file mode 100644 index 00000000000..2d0b00dec61 --- /dev/null +++ b/graphics/gd/patches/patch-src_webpimg.c @@ -0,0 +1,30 @@ +$NetBSD: patch-src_webpimg.c,v 1.1 2015/06/30 10:20:11 ryoon Exp $ + +Fix build with libvpx-1.4.0. + +https://github.com/libgd/libgd/commit/d41eb72cd4545c394578332e5c102dee69e02ee8#diff-6df10f67563acb6f093f2d9fe3549f08 + +--- src/webpimg.c.orig 2015-01-14 03:09:04.000000000 +0000 ++++ src/webpimg.c +@@ -711,14 +711,14 @@ static WebPResult VPXEncode(const uint8* + codec_ctl(&enc, VP8E_SET_STATIC_THRESHOLD, 0); + codec_ctl(&enc, VP8E_SET_TOKEN_PARTITIONS, 2); + +- vpx_img_wrap(&img, IMG_FMT_I420, ++ vpx_img_wrap(&img, VPX_IMG_FMT_I420, + y_width, y_height, 16, (uint8*)(Y)); +- img.planes[PLANE_Y] = (uint8*)(Y); +- img.planes[PLANE_U] = (uint8*)(U); +- img.planes[PLANE_V] = (uint8*)(V); +- img.stride[PLANE_Y] = y_stride; +- img.stride[PLANE_U] = uv_stride; +- img.stride[PLANE_V] = uv_stride; ++ img.planes[VPX_PLANE_Y] = (uint8*)(Y); ++ img.planes[VPX_PLANE_U] = (uint8*)(U); ++ img.planes[VPX_PLANE_V] = (uint8*)(V); ++ img.stride[VPX_PLANE_Y] = y_stride; ++ img.stride[VPX_PLANE_U] = uv_stride; ++ img.stride[VPX_PLANE_V] = uv_stride; + + res = vpx_codec_encode(&enc, &img, 0, 1, 0, VPX_DL_BEST_QUALITY); + |