diff --git a/srcpkgs/netpbm/files/netpbm-security-code.patch b/srcpkgs/netpbm/files/netpbm-security-code.patch index 19e1a44b552..09d4b8e0f91 100644 --- a/srcpkgs/netpbm/files/netpbm-security-code.patch +++ b/srcpkgs/netpbm/files/netpbm-security-code.patch @@ -1,32 +1,3 @@ -diff -up netpbm-10.58.01/analyzer/pgmtexture.c.security-code netpbm-10.58.01/analyzer/pgmtexture.c ---- netpbm-10.58.01/analyzer/pgmtexture.c.security-code 2012-04-09 15:31:32.000000000 +0200 -+++ netpbm-10.58.01/analyzer/pgmtexture.c 2012-04-09 15:40:03.183620040 +0200 -@@ -97,7 +97,7 @@ vector(unsigned int const nl, - float * v; - - assert(nh >= nl); -- -+ overflow_add(nh - nl, 1); - MALLOCARRAY(v, (unsigned) (nh - nl + 1)); - - if (v == NULL) -@@ -129,6 +129,7 @@ matrix (unsigned int const nrl, - assert(nrh >= nrl); - - /* allocate pointers to rows */ -+ overflow_add(nrh - nrl, 1); - MALLOCARRAY(m, (unsigned) (nrh - nrl + 1)); - if (m == NULL) - pm_error("Unable to allocate memory for a matrix."); -@@ -136,7 +137,7 @@ matrix (unsigned int const nrl, - m -= ncl; - - assert (nch >= ncl); -- -+ overflow_add(nch - ncl, 1); - /* allocate rows and set pointers to them */ - for (i = nrl; i <= nrh; ++i) { - MALLOCARRAY(m[i], (unsigned) (nch - ncl + 1)); diff -up netpbm-10.58.01/converter/other/jpegtopnm.c.security-code netpbm-10.58.01/converter/other/jpegtopnm.c --- netpbm-10.58.01/converter/other/jpegtopnm.c.security-code 2012-04-09 15:31:40.000000000 +0200 +++ netpbm-10.58.01/converter/other/jpegtopnm.c 2012-04-09 15:40:03.184620028 +0200 @@ -39,17 +10,6 @@ diff -up netpbm-10.58.01/converter/other/jpegtopnm.c.security-code netpbm-10.58. /* Start decompressor */ jpeg_start_decompress(cinfoP); -diff -up netpbm-10.58.01/converter/other/pbmtopgm.c.security-code netpbm-10.58.01/converter/other/pbmtopgm.c ---- netpbm-10.58.01/converter/other/pbmtopgm.c.security-code 2012-04-09 15:31:42.000000000 +0200 -+++ netpbm-10.58.01/converter/other/pbmtopgm.c 2012-04-09 15:40:03.184620028 +0200 -@@ -47,6 +47,7 @@ main(int argc, char *argv[]) { - "than the image height (%u rows)", height, rows); - - outrow = pgm_allocrow(cols) ; -+ overflow2(width, height); - maxval = MIN(PGM_OVERALLMAXVAL, width*height); - pgm_writepgminit(stdout, cols, rows, maxval, 0) ; - diff -up netpbm-10.58.01/converter/other/pnmtoddif.c.security-code netpbm-10.58.01/converter/other/pnmtoddif.c --- netpbm-10.58.01/converter/other/pnmtoddif.c.security-code 2012-04-09 15:31:42.000000000 +0200 +++ netpbm-10.58.01/converter/other/pnmtoddif.c 2012-04-09 15:40:03.185620015 +0200 @@ -93,71 +53,6 @@ diff -up netpbm-10.58.01/converter/other/rletopnm.c.security-code netpbm-10.58.0 */ /* * rletopnm - A conversion program to convert from Utah's "rle" image format -diff -up netpbm-10.58.01/converter/other/sirtopnm.c.security-code netpbm-10.58.01/converter/other/sirtopnm.c ---- netpbm-10.58.01/converter/other/sirtopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200 -+++ netpbm-10.58.01/converter/other/sirtopnm.c 2012-04-09 15:40:03.190619951 +0200 -@@ -69,6 +69,7 @@ char* argv[]; - } - break; - case PPM_TYPE: -+ overflow3(cols, rows, 3); - picsize = cols * rows * 3; - planesize = cols * rows; - if ( !( sirarray = (unsigned char*) malloc( picsize ) ) ) -diff -up netpbm-10.58.01/converter/other/tifftopnm.c.security-code netpbm-10.58.01/converter/other/tifftopnm.c ---- netpbm-10.58.01/converter/other/tifftopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200 -+++ netpbm-10.58.01/converter/other/tifftopnm.c 2012-04-09 15:40:03.191619939 +0200 -@@ -1279,7 +1279,9 @@ convertRasterByRows(pnmOut * const - if (scanbuf == NULL) - pm_error("can't allocate memory for scanline buffer"); - -- MALLOCARRAY(samplebuf, cols * spp); -+ /* samplebuf is unsigned int * !!! */ -+ samplebuf = (unsigned int *) malloc3(cols , sizeof(unsigned int) , spp); -+ - if (samplebuf == NULL) - pm_error("can't allocate memory for row buffer"); - -diff -up netpbm-10.58.01/converter/other/xwdtopnm.c.security-code netpbm-10.58.01/converter/other/xwdtopnm.c ---- netpbm-10.58.01/converter/other/xwdtopnm.c.security-code 2012-04-09 15:31:40.000000000 +0200 -+++ netpbm-10.58.01/converter/other/xwdtopnm.c 2012-04-09 15:40:03.192619927 +0200 -@@ -209,6 +209,10 @@ processX10Header(X10WDFileHeader * cons - *colorsP = pnm_allocrow(2); - PNM_ASSIGN1((*colorsP)[0], 0); - PNM_ASSIGN1((*colorsP)[1], *maxvalP); -+ overflow_add(h10P->pixmap_width, 15); -+ if(h10P->pixmap_width < 0) -+ pm_error("assert: negative width"); -+ overflow2((((h10P->pixmap_width + 15) / 16) * 16 - h10P->pixmap_width), 8); - *padrightP = - (((h10P->pixmap_width + 15) / 16) * 16 - h10P->pixmap_width) * 8; - *bits_per_itemP = 16; -@@ -634,6 +638,7 @@ processX11Header(X11WDFileHeader * cons - - *colsP = h11FixedP->pixmap_width; - *rowsP = h11FixedP->pixmap_height; -+ overflow2(h11FixedP->bytes_per_line, 8); - *padrightP = - h11FixedP->bytes_per_line * 8 - - h11FixedP->pixmap_width * h11FixedP->bits_per_pixel; -diff -up netpbm-10.58.01/converter/pbm/mdatopbm.c.security-code netpbm-10.58.01/converter/pbm/mdatopbm.c ---- netpbm-10.58.01/converter/pbm/mdatopbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 -+++ netpbm-10.58.01/converter/pbm/mdatopbm.c 2012-04-09 15:40:03.192619927 +0200 -@@ -245,10 +245,13 @@ main(int argc, char **argv) { - pm_readlittleshort(infile, &yy); nInCols = yy; - } - -+ overflow2(nOutCols, 8); - nOutCols = 8 * nInCols; - nOutRows = nInRows; -- if (bScale) -+ if (bScale) { -+ overflow2(nOutRows, 2); - nOutRows *= 2; -+ } - - data = pbm_allocarray(nOutCols, nOutRows); - diff -up netpbm-10.58.01/converter/pbm/pbmtogem.c.security-code netpbm-10.58.01/converter/pbm/pbmtogem.c --- netpbm-10.58.01/converter/pbm/pbmtogem.c.security-code 2012-04-09 15:31:45.000000000 +0200 +++ netpbm-10.58.01/converter/pbm/pbmtogem.c 2012-04-09 15:40:03.193619915 +0200 @@ -206,17 +101,6 @@ diff -up netpbm-10.58.01/converter/pbm/pbmtomda.c.security-code netpbm-10.58.01/ nOutRows = ((nOutRowsUnrounded + 3) / 4) * 4; /* MDA wants rows a multiple of 4 */ nOutCols = nInCols / 8; -diff -up netpbm-10.58.01/converter/pbm/pbmtoppa/pbmtoppa.c.security-code netpbm-10.58.01/converter/pbm/pbmtoppa/pbmtoppa.c ---- netpbm-10.58.01/converter/pbm/pbmtoppa/pbmtoppa.c.security-code 2012-04-09 15:31:45.000000000 +0200 -+++ netpbm-10.58.01/converter/pbm/pbmtoppa/pbmtoppa.c 2012-04-09 15:40:03.196619876 +0200 -@@ -441,6 +441,7 @@ main(int argc, char *argv[]) { - pm_error("main(): unrecognized parameter '%s'", argv[argn]); - } - -+ overflow_add(Width, 7); - Pwidth=(Width+7)/8; - printer.fptr=out; - diff -up netpbm-10.58.01/converter/pbm/pbmtoxbm.c.security-code netpbm-10.58.01/converter/pbm/pbmtoxbm.c --- netpbm-10.58.01/converter/pbm/pbmtoxbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 +++ netpbm-10.58.01/converter/pbm/pbmtoxbm.c 2012-04-09 15:40:03.196619876 +0200 @@ -229,164 +113,6 @@ diff -up netpbm-10.58.01/converter/pbm/pbmtoxbm.c.security-code netpbm-10.58.01/ putinit(xbmVersion); -diff -up netpbm-10.58.01/converter/pbm/pbmto4425.c.security-code netpbm-10.58.01/converter/pbm/pbmto4425.c ---- netpbm-10.58.01/converter/pbm/pbmto4425.c.security-code 2012-04-09 15:31:45.000000000 +0200 -+++ netpbm-10.58.01/converter/pbm/pbmto4425.c 2012-04-09 15:40:03.198619851 +0200 -@@ -2,6 +2,7 @@ - - #include "nstring.h" - #include "pbm.h" -+#include - - static char bit_table[2][3] = { - {1, 4, 0x10}, -@@ -160,7 +161,7 @@ main(int argc, char * argv[]) { - xres = vmap_width * 2; - yres = vmap_height * 3; - -- vmap = malloc(vmap_width * vmap_height * sizeof(char)); -+ vmap = malloc3(vmap_width, vmap_height, sizeof(char)); - if(vmap == NULL) - { - pm_error( "Cannot allocate memory" ); -diff -up netpbm-10.58.01/converter/pbm/pktopbm.c.security-code netpbm-10.58.01/converter/pbm/pktopbm.c ---- netpbm-10.58.01/converter/pbm/pktopbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 -+++ netpbm-10.58.01/converter/pbm/pktopbm.c 2012-04-09 15:40:03.198619851 +0200 -@@ -277,6 +277,7 @@ main(int argc, char *argv[]) { - if (flagbyte == 7) { /* long form preamble */ - integer packetlength = get32() ; /* character packet length */ - car = get32() ; /* character number */ -+ overflow_add(packetlength, pktopbm_pkloc); - endofpacket = packetlength + pktopbm_pkloc; - /* calculate end of packet */ - if ((car >= MAXPKCHAR) || !filename[car]) { -diff -up netpbm-10.58.01/converter/pbm/thinkjettopbm.l.security-code netpbm-10.58.01/converter/pbm/thinkjettopbm.l ---- netpbm-10.58.01/converter/pbm/thinkjettopbm.l.security-code 2012-04-09 15:31:45.000000000 +0200 -+++ netpbm-10.58.01/converter/pbm/thinkjettopbm.l 2012-04-09 15:40:03.199619839 +0200 -@@ -114,7 +114,9 @@ DIG [0-9] - \033\*b{DIG}+W { - int l; - if (rowCount >= rowCapacity) { -+ overflow_add(rowCapacity, 100); - rowCapacity += 100; -+ overflow2(rowCapacity, sizeof *rows); - rows = realloc (rows, rowCapacity * sizeof *rows); - if (rows == NULL) - pm_error ("Out of memory."); -@@ -226,6 +228,8 @@ yywrap (void) - /* - * Quite simple since ThinkJet bit arrangement matches PBM - */ -+ -+ overflow2(maxRowLength, 8); - pbm_writepbminit(stdout, maxRowLength*8, rowCount, 0); - - packed_bitrow = malloc(maxRowLength); -diff -up netpbm-10.58.01/converter/pgm/lispmtopgm.c.security-code netpbm-10.58.01/converter/pgm/lispmtopgm.c ---- netpbm-10.58.01/converter/pgm/lispmtopgm.c.security-code 2012-04-09 15:31:42.000000000 +0200 -+++ netpbm-10.58.01/converter/pgm/lispmtopgm.c 2012-04-09 15:40:03.199619839 +0200 -@@ -58,6 +58,7 @@ main( argc, argv ) - pm_error( "depth (%d bits) is too large", depth); - - pgm_writepgminit( stdout, cols, rows, (gray) maxval, 0 ); -+ overflow_add(cols, 7); - grayrow = pgm_allocrow( ( cols + 7 ) / 8 * 8 ); - - for ( row = 0; row < rows; ++row ) -@@ -102,7 +103,9 @@ getinit( file, colsP, rowsP, depthP, pad - - if ( *depthP == 0 ) - *depthP = 1; /* very old file */ -- -+ -+ overflow_add((int)colsP, 31); -+ - *padrightP = ( ( *colsP + 31 ) / 32 ) * 32 - *colsP; - - if ( *colsP != (cols_32 - *padrightP) ) { -diff -up netpbm-10.58.01/converter/pgm/psidtopgm.c.security-code netpbm-10.58.01/converter/pgm/psidtopgm.c ---- netpbm-10.58.01/converter/pgm/psidtopgm.c.security-code 2012-04-09 15:31:42.000000000 +0200 -+++ netpbm-10.58.01/converter/pgm/psidtopgm.c 2012-04-09 15:40:03.200619827 +0200 -@@ -78,6 +78,7 @@ main(int argc, - pm_error("bits/sample (%d) is too large.", bitspersample); - - pgm_writepgminit(stdout, cols, rows, maxval, 0); -+ overflow_add(cols, 7); - grayrow = pgm_allocrow((cols + 7) / 8 * 8); - for (row = 0; row < rows; ++row) { - unsigned int col; -diff -up netpbm-10.58.01/converter/ppm/ilbmtoppm.c.security-code netpbm-10.58.01/converter/ppm/ilbmtoppm.c ---- netpbm-10.58.01/converter/ppm/ilbmtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 -+++ netpbm-10.58.01/converter/ppm/ilbmtoppm.c 2012-04-09 15:40:03.201619815 +0200 -@@ -592,6 +592,7 @@ decode_row(FILE * const ifP, - rawtype *chp; - - cols = bmhdP->w; -+ overflow_add(cols, 15); - bytes = RowBytes(cols); - for( plane = 0; plane < nPlanes; plane++ ) { - int mask; -@@ -679,6 +680,23 @@ decode_mask(FILE * const ifP, - Multipalette handling - ****************************************************************************/ - -+static void * -+xmalloc2(x, y) -+ int x; -+ int y; -+{ -+ void *mem; -+ -+ overflow2(x,y); -+ if( x * y == 0 ) -+ return NULL; -+ -+ mem = malloc2(x,y); -+ if( mem == NULL ) -+ pm_error("out of memory allocating %d bytes", x * y); -+ return mem; -+} -+ - - static void - multi_adjust(cmap, row, palchange) -@@ -2028,6 +2051,9 @@ read_pchg(FILE * const ifp, - cmap->mp_change[i] = NULL; - if( PCHG.StartLine < 0 ) { - int nch; -+ if(PCHG.MaxReg < PCHG.MinReg) -+ pm_error("assert: MinReg > MaxReg"); -+ overflow_add(PCHG.MaxReg-PCHG.MinReg, 2); - nch = PCHG.MaxReg - PCHG.MinReg +1; - MALLOCARRAY_NOFAIL(cmap->mp_init, nch + 1); - for( i = 0; i < nch; i++ ) -@@ -2104,6 +2130,7 @@ process_body( FILE * const ifp, - if( typeid == ID_ILBM ) { - int isdeep; - -+ overflow_add(bmhdP->w, 15); - MALLOCARRAY_NOFAIL(ilbmrow, RowBytes(bmhdP->w)); - *viewportmodesP |= fakeviewport; /* -isham/-isehb */ - -diff -up netpbm-10.58.01/converter/ppm/imgtoppm.c.security-code netpbm-10.58.01/converter/ppm/imgtoppm.c ---- netpbm-10.58.01/converter/ppm/imgtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 -+++ netpbm-10.58.01/converter/ppm/imgtoppm.c 2012-04-09 15:40:03.202619802 +0200 -@@ -84,6 +84,7 @@ main(int argc, char ** argv) { - len = atoi((char*) buf ); - if ( fread( buf, len, 1, ifp ) != 1 ) - pm_error( "bad colormap buf" ); -+ overflow2(cmaplen, 3); - if ( cmaplen * 3 != len ) - { - pm_message( -@@ -105,6 +106,7 @@ main(int argc, char ** argv) { - pm_error( "bad pixel data header" ); - buf[8] = '\0'; - len = atoi((char*) buf ); -+ overflow2(cols, rows); - if ( len != cols * rows ) - pm_message( - "pixel data length (%d) does not match image size (%d)", diff -up netpbm-10.58.01/converter/ppm/Makefile.security-code netpbm-10.58.01/converter/ppm/Makefile --- netpbm-10.58.01/converter/ppm/Makefile.security-code 2012-04-09 15:31:44.000000000 +0200 +++ netpbm-10.58.01/converter/ppm/Makefile 2012-04-09 15:40:03.202619802 +0200 @@ -399,25 +125,6 @@ diff -up netpbm-10.58.01/converter/ppm/Makefile.security-code netpbm-10.58.01/co ppmtoacad ppmtoapplevol ppmtoarbtxt ppmtoascii \ ppmtobmp ppmtoeyuv ppmtogif ppmtoicr ppmtoilbm \ ppmtoleaf ppmtolj ppmtomitsu ppmtoneo \ -diff -up netpbm-10.58.01/converter/ppm/pcxtoppm.c.security-code netpbm-10.58.01/converter/ppm/pcxtoppm.c ---- netpbm-10.58.01/converter/ppm/pcxtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 -+++ netpbm-10.58.01/converter/ppm/pcxtoppm.c 2012-04-09 15:40:03.203619789 +0200 -@@ -409,6 +409,7 @@ pcx_planes_to_pixels(pixels, bitplanes, - /* - * clear the pixel buffer - */ -+ overflow2(bytesperline, 8); - npixels = (bytesperline * 8) / bitsperpixel; - p = pixels; - while (--npixels >= 0) -@@ -470,6 +471,7 @@ pcx_16col_to_ppm(FILE * const ifP, - } - - /* BytesPerLine should be >= BitsPerPixel * cols / 8 */ -+ overflow2(BytesPerLine, 8); - rawcols = BytesPerLine * 8 / BitsPerPixel; - if (headerCols > rawcols) { - pm_message("warning - BytesPerLine = %d, " diff -up netpbm-10.58.01/converter/ppm/picttoppm.c.security-code netpbm-10.58.01/converter/ppm/picttoppm.c --- netpbm-10.58.01/converter/ppm/picttoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 +++ netpbm-10.58.01/converter/ppm/picttoppm.c 2012-04-09 15:40:03.205619763 +0200 @@ -457,19 +164,6 @@ diff -up netpbm-10.58.01/converter/ppm/ppmtoilbm.c.security-code netpbm-10.58.01 MALLOCARRAY_NOFAIL(compr_row, cols * 2); if( maxval != 15 ) { -diff -up netpbm-10.58.01/converter/ppm/ppmtolj.c.security-code netpbm-10.58.01/converter/ppm/ppmtolj.c ---- netpbm-10.58.01/converter/ppm/ppmtolj.c.security-code 2012-04-09 15:31:42.000000000 +0200 -+++ netpbm-10.58.01/converter/ppm/ppmtolj.c 2012-04-09 15:40:03.210619701 +0200 -@@ -181,7 +181,8 @@ int main(int argc, char *argv[]) { - - ppm_readppminit( ifp, &cols, &rows, &maxval, &format ); - pixelrow = ppm_allocrow( cols ); -- -+ -+ overflow2(cols, 6); - obuf = (unsigned char *) pm_allocrow(cols * 3, sizeof(unsigned char)); - cbuf = (unsigned char *) pm_allocrow(cols * 6, sizeof(unsigned char)); - if (mode == C_TRANS_MODE_DELTA) diff -up netpbm-10.58.01/converter/ppm/ppmtomitsu.c.security-code netpbm-10.58.01/converter/ppm/ppmtomitsu.c --- netpbm-10.58.01/converter/ppm/ppmtomitsu.c.security-code 2012-04-09 15:31:44.000000000 +0200 +++ netpbm-10.58.01/converter/ppm/ppmtomitsu.c 2012-04-09 15:40:03.210619702 +0200 @@ -651,37 +345,6 @@ diff -up netpbm-10.58.01/editor/pnmpad.c.security-code netpbm-10.58.01/editor/pn newcols = cols + lpad + rpad; if (PNM_FORMAT_TYPE(format) == PBM_TYPE) -diff -up netpbm-10.58.01/editor/pnmscalefixed.c.security-code netpbm-10.58.01/editor/pnmscalefixed.c ---- netpbm-10.58.01/editor/pnmscalefixed.c.security-code 2012-04-09 15:31:34.000000000 +0200 -+++ netpbm-10.58.01/editor/pnmscalefixed.c 2012-04-09 15:40:03.223619538 +0200 -@@ -214,6 +214,8 @@ compute_output_dimensions(const struct c - const int rows, const int cols, - int * newrowsP, int * newcolsP) { - -+ overflow2(rows, cols); -+ - if (cmdline.pixels) { - if (rows * cols <= cmdline.pixels) { - *newrowsP = rows; -@@ -265,6 +267,8 @@ compute_output_dimensions(const struct c - - if (*newcolsP < 1) *newcolsP = 1; - if (*newrowsP < 1) *newrowsP = 1; -+ -+ overflow2(*newcolsP, *newrowsP); - } - - -@@ -446,6 +450,9 @@ main(int argc, char **argv ) { - unfilled. We can address that by stretching, whereas the other - case would require throwing away some of the input. - */ -+ -+ overflow2(newcols, SCALE); -+ overflow2(newrows, SCALE); - sxscale = SCALE * newcols / cols; - syscale = SCALE * newrows / rows; - diff -up netpbm-10.58.01/editor/specialty/pamoil.c.security-code netpbm-10.58.01/editor/specialty/pamoil.c --- netpbm-10.58.01/editor/specialty/pamoil.c.security-code 2012-04-09 15:31:33.000000000 +0200 +++ netpbm-10.58.01/editor/specialty/pamoil.c 2012-04-09 15:40:03.224619526 +0200 diff --git a/srcpkgs/netpbm/template b/srcpkgs/netpbm/template index e054c0d500d..a1de657e0b5 100644 --- a/srcpkgs/netpbm/template +++ b/srcpkgs/netpbm/template @@ -1,9 +1,9 @@ # Template file for 'netpbm' pkgname=netpbm # from http://svn.code.sf.net/p/netpbm/code/advanced/doc/HISTORY -version=11.03.06 +version=11.04.02 revision=1 -_githash=d484f36f7c690d0a88476127afd9bdf90233699d +_githash=61afac2c302a560b737234a31366b708a532094c _githash_guide=851f8a113827e42ae618423fdab09cb0a67dc4e4 create_wrksrc=yes build_wrksrc="netpbm-mirror-${_githash}" @@ -16,7 +16,7 @@ license="BSD-3-Clause,GPL-2.0-only,custom:netpbm" homepage="http://netpbm.sourceforge.net/" distfiles="https://github.com/leahneukirchen/netpbm-mirror/archive/${_githash}.tar.gz https://github.com/leahneukirchen/netpbm-mirror/archive/${_githash_guide}.tar.gz" -checksum="a327b86390f1a7c7326269c30d089b69b68b32780d9eecfd8190231400a90f8f +checksum="adf76f5e2860f5cef42b5e26ee95cfd39519043522dbf1cb9e32667c3f7224e8 9f3715085275961adf1c131363f6c77dc2b4d76d43da99659e4eaeff8dc1ddba" post_extract() {