graphics/imlib/patches/patch-ao


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98

$NetBSD: patch-ao,v 1.1.2.2 2004/12/13 18:03:27 salo Exp $

--- gdk_imlib/utils.c.orig	2002-03-22 15:43:29.000000000 +0100
+++ gdk_imlib/utils.c	2004-12-10 10:15:22.000000000 +0100
@@ -1236,36 +1236,56 @@
   context = 0;
   ptr = NULL;
   end = NULL;
+  memset(lookup, 0, sizeof(lookup));
 
   while (!done)
     {
       line = data[count++];
+      if (!line)
+	break;
+      line = strdup(line);
+      if (!line)
+	break;
+      len = strlen(line);
+      for (i = 0; i < len; ++i)
+        {
+	  c = line[i];
+	  if (c < 32)
+	    line[i] = 32;
+	  else if (c > 127)
+	    line[i] = 127;
+	}
+
       if (context == 0)
 	{
 	  /* Header */
 	  sscanf(line, "%i %i %i %i", &w, &h, &ncolors, &cpp);
-	  if (ncolors > 32766)
+	  if (ncolors <= 0 || ncolors > 32766)
 	    {
 	      fprintf(stderr, "gdk_imlib ERROR: XPM data wth colors > 32766 not supported\n");
 	      free(im);
+	      free(line);
 	      return NULL;
 	    }
-	  if (cpp > 5)
+	  if (cpp <= 0 || cpp > 5)
 	    {
 	      fprintf(stderr, "gdk_imlib ERROR: XPM data with characters per pixel > 5 not supported\n");
 	      free(im);
+	      free(line);
 	      return NULL;
 	    }
-	  if (w > 32767)
+	  if (w <= 0 || w > 32767)
 	    {
 	      fprintf(stderr, "gdk_imlib ERROR: Image width > 32767 pixels for data\n");
 	      free(im);
+	      free(line);
 	      return NULL;
 	    }
-	  if (h > 32767)
+	  if (h <= 0 || h > 32767)
 	    {
 	      fprintf(stderr, "gdk_imlib ERROR: Image height > 32767 pixels for data\n");
 	      free(im);
+	      free(line);
 	      return NULL;
 	    }
 	  cmap = malloc(sizeof(struct _cmap) * ncolors);
@@ -1273,6 +1293,7 @@
 	  if (!cmap)
 	    {
 	      free(im);
+	      free(line);
 	      return NULL;
 	    }
 	  im->rgb_width = w;
@@ -1282,6 +1303,7 @@
 	    {
 	      free(cmap);
 	      free(im);
+	      free(line);
 	      return NULL;
 	    }
 	  im->alpha_data = NULL;
@@ -1355,7 +1377,7 @@
 				  strcpy(col + colptr, " ");
 				  colptr++;
 				}
-			      if (colptr + ls <= sizeof(col))
+			      if (colptr + ls < sizeof(col))
 				{
 				  strcpy(col + colptr, s);
 				  colptr += ls;
@@ -1558,6 +1580,7 @@
 	}
       if ((ptr) && ((ptr - im->rgb_data) >= w * h * 3))
 	done = 1;
+      free(line);
     }
   if (!transp)
     {