diff options
author | Mike Frysinger <vapier@gentoo.org> | 2004-11-01 02:39:08 +0000 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2004-11-01 02:39:08 +0000 |
commit | fbe7d0bf3d2461ae2570cb6a47eef621abb6a274 (patch) | |
tree | c912704ff93114b36eb9867b37c36042c431413a | |
parent | Restore changelog entries from when it was xfree-drm. (Manifest recommit) (diff) | |
download | gentoo-2-fbe7d0bf3d2461ae2570cb6a47eef621abb6a274.tar.gz gentoo-2-fbe7d0bf3d2461ae2570cb6a47eef621abb6a274.tar.bz2 gentoo-2-fbe7d0bf3d2461ae2570cb6a47eef621abb6a274.zip |
Backwards port png overflow fix from gd-2.x #69070.
-rw-r--r-- | media-libs/gd/ChangeLog | 6 | ||||
-rw-r--r-- | media-libs/gd/files/1.8.4-png-overflows.patch | 65 | ||||
-rw-r--r-- | media-libs/gd/gd-1.8.4-r2.ebuild | 5 |
3 files changed, 73 insertions, 3 deletions
diff --git a/media-libs/gd/ChangeLog b/media-libs/gd/ChangeLog index 62752149c0b4..a6608fea3059 100644 --- a/media-libs/gd/ChangeLog +++ b/media-libs/gd/ChangeLog @@ -1,6 +1,10 @@ # ChangeLog for media-libs/gd # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/gd/ChangeLog,v 1.12 2004/11/01 01:53:32 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/gd/ChangeLog,v 1.13 2004/11/01 02:39:08 vapier Exp $ + + 31 Oct 2004; Mike Frysinger <vapier@gentoo.org> + +files/1.8.4-png-overflows.patch, gd-1.8.4-r2.ebuild: + Backwards port png overflow fix from gd-2.x #69070. *gd-2.0.31 (31 Oct 2004) diff --git a/media-libs/gd/files/1.8.4-png-overflows.patch b/media-libs/gd/files/1.8.4-png-overflows.patch new file mode 100644 index 000000000000..365d6a76a731 --- /dev/null +++ b/media-libs/gd/files/1.8.4-png-overflows.patch @@ -0,0 +1,65 @@ +--- gd-1.8.4/gd_png.c 2001-02-06 14:44:02.000000000 -0500 ++++ gd-1.8.4/gd_png.c.new 2004-10-31 21:36:03.939822448 -0500 +@@ -11,6 +11,23 @@ + + #ifdef HAVE_LIBPNG + ++#include <limits.h> ++ ++int overflow2(int a, int b) ++{ ++ if(a < 0 || b < 0) { ++ fprintf(stderr, "gd warning: one parameter to a memory allocation multiplication is negative, failing operation gracefully\n"); ++ return 1; ++ } ++ if(b == 0) ++ return 0; ++ if(a > INT_MAX / b) { ++ fprintf(stderr, "gd warning: product of memory allocation multiplication would exceed INT_MAX, failing operation gracefully\n"); ++ return 1; ++ } ++ return 0; ++} ++ + /*--------------------------------------------------------------------------- + + gd_png.c Copyright 1999 Greg Roelofs and Thomas Boutell +@@ -342,11 +359,20 @@ + + /* allocate space for the PNG image data */ + rowbytes = png_get_rowbytes(png_ptr, info_ptr); ++ if (overflow2(rowbytes, height)) { ++ png_destroy_read_struct (&png_ptr, &info_ptr, NULL); ++ return NULL; ++ } + if ((image_data = (png_bytep)gdMalloc(rowbytes*height)) == NULL) { + fprintf(stderr, "gd-png error: cannot allocate image data\n"); + png_destroy_read_struct(&png_ptr, &info_ptr, NULL); + return NULL; + } ++ if (overflow2(height, sizeof (png_bytep))) { ++ png_destroy_read_struct (&png_ptr, &info_ptr, NULL); ++ gdFree (image_data); ++ return NULL; ++ } + if ((row_pointers = (png_bytepp)gdMalloc(height*sizeof(png_bytep))) == NULL) { + fprintf(stderr, "gd-png error: cannot allocate row pointers\n"); + png_destroy_read_struct(&png_ptr, &info_ptr, NULL); +@@ -577,10 +603,17 @@ + * interlaced images, but interlacing causes some serious complications. */ + if (remap) { + png_bytep *row_pointers; ++ if (overflow2(sizeof (png_bytep), height)) { ++ return; ++ } + row_pointers = gdMalloc(sizeof(png_bytep) * height); + if (row_pointers == NULL) { + fprintf(stderr, "gd-png error: unable to allocate row_pointers\n"); + } ++ if (overflow2(width, height)) { ++ fprintf(stderr, "gd-png error: unable to allocate rows\n"); ++ return; ++ } + for (j = 0; j < height; ++j) { + if ((row_pointers[j] = (png_bytep)gdMalloc(width)) == NULL) { + fprintf(stderr, "gd-png error: unable to allocate rows\n"); diff --git a/media-libs/gd/gd-1.8.4-r2.ebuild b/media-libs/gd/gd-1.8.4-r2.ebuild index 61f2628b9928..bcd63dcd6f7a 100644 --- a/media-libs/gd/gd-1.8.4-r2.ebuild +++ b/media-libs/gd/gd-1.8.4-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/gd/gd-1.8.4-r2.ebuild,v 1.3 2004/10/31 11:07:35 hansmi Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/gd/gd-1.8.4-r2.ebuild,v 1.4 2004/11/01 02:39:08 vapier Exp $ inherit eutils toolchain-funcs @@ -10,7 +10,7 @@ SRC_URI="http://www.boutell.com/gd/http/${P}.tar.gz" LICENSE="|| ( as-is BSD )" SLOT="0" -KEYWORDS="x86 ppc sparc hppa amd64 alpha ia64" +KEYWORDS="alpha amd64 hppa ia64 ppc sparc x86" IUSE="X truetype freetype-version-1 jpeg" DEPEND="media-libs/libpng @@ -24,6 +24,7 @@ DEPEND="media-libs/libpng src_unpack() { unpack ${A} cd ${S} + epatch ${FILESDIR}/${PV}-png-overflows.patch local compopts local libsopts |