security bump, markx86

6 files changed, 180 insertions, 1 deletions

diff --git a/media-libs/gdk-pixbuf/ChangeLog b/media-libs/gdk-pixbuf/ChangeLog
index a04c7e354c67..3db8cf8ac66f 100644
--- a/media-libs/gdk-pixbuf/ChangeLog
+++ b/media-libs/gdk-pixbuf/ChangeLog
@@ -1,6 +1,11 @@
 # ChangeLog for media-libs/gdk-pixbuf
 # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/gdk-pixbuf/ChangeLog,v 1.34 2004/08/19 02:39:17 agriffis Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/gdk-pixbuf/ChangeLog,v 1.35 2004/09/19 23:01:25 foser Exp $
+
+*gdk-pixbuf-0.22.0-r3 (20 Sep 2004)
+
+  20 Sep 2004; foser <foser@gentoo.org> gdk-pixbuf-0.22.0.ebuild :
+  Add security fixes (#64230)
 
   18 Aug 2004; Aron Griffis <agriffis@gentoo.org> gdk-pixbuf-0.22.0-r2.ebuild:
   stable on alpha
diff --git a/media-libs/gdk-pixbuf/Manifest b/media-libs/gdk-pixbuf/Manifest
index 8a49180d3a1d..d6439b39c822 100644
--- a/media-libs/gdk-pixbuf/Manifest
+++ b/media-libs/gdk-pixbuf/Manifest
@@ -1,6 +1,10 @@
 MD5 0908d1ade8b50eb6da05dff71482b7ca gdk-pixbuf-0.22.0-r2.ebuild 1502
 MD5 18aa044e5155ebc7a6cd0e32c86c5de1 gdk-pixbuf-0.22.0.ebuild 1306
+MD5 b4e23ee0cefcab6c7380e86a27800aa7 gdk-pixbuf-0.22.0-r3.ebuild 1659
 MD5 5eeed946472b51a049c3c3f529d9acdd ChangeLog 5150
 MD5 03ad2e6c4ab41244af1015a8bbb0b39f metadata.xml 158
+MD5 5f59d5772b1482d885a180dbc581cf84 files/gdk-pixbuf-0.22.0-bmp_secure.patch 557
 MD5 7cb705de10c34e6b633af2ff2912e908 files/digest-gdk-pixbuf-0.22.0-r2 70
+MD5 7cb705de10c34e6b633af2ff2912e908 files/digest-gdk-pixbuf-0.22.0-r3 70
+MD5 6311cee2e3fa5106adf17758b5dab6c6 files/gdk-pixbuf-0.22.0-loaders.patch 2307
 MD5 7cb705de10c34e6b633af2ff2912e908 files/digest-gdk-pixbuf-0.22.0 70
diff --git a/media-libs/gdk-pixbuf/files/digest-gdk-pixbuf-0.22.0-r3 b/media-libs/gdk-pixbuf/files/digest-gdk-pixbuf-0.22.0-r3
new file mode 100644
index 000000000000..ce45f33770cf
--- /dev/null
+++ b/media-libs/gdk-pixbuf/files/digest-gdk-pixbuf-0.22.0-r3
@@ -0,0 +1 @@
+MD5 05fcb68ceaa338614ab650c775efc2f2 gdk-pixbuf-0.22.0.tar.bz2 398208
diff --git a/media-libs/gdk-pixbuf/files/gdk-pixbuf-0.22.0-bmp_secure.patch b/media-libs/gdk-pixbuf/files/gdk-pixbuf-0.22.0-bmp_secure.patch
new file mode 100644
index 000000000000..29471f1477ec
--- /dev/null
+++ b/media-libs/gdk-pixbuf/files/gdk-pixbuf-0.22.0-bmp_secure.patch
@@ -0,0 +1,19 @@
+Index: io-bmp.c
+===================================================================
+RCS file: /cvs/gnome/gtk+/gdk-pixbuf/io-bmp.c,v
+retrieving revision 1.41
+diff -u -p -r1.41 io-bmp.c
+--- gdk-pixbuf/io-bmp.c	13 Aug 2004 02:26:57 -0000	1.41
++++ gdk-pixbuf/io-bmp.c	20 Aug 2004 00:18:14 -0000
+@@ -876,8 +876,10 @@ DoCompressed(struct bmp_progressive_stat
+ 	guchar c;
+ 	gint idx;
+ 
+-	if (context->compr.y >= context->Header.height)
++	if (context->compr.y >= context->Header.height) {
++		context->BufferDone = 0;
+ 		return TRUE;
++	}
+ 
+ 	y = context->compr.y;
+ 
diff --git a/media-libs/gdk-pixbuf/files/gdk-pixbuf-0.22.0-loaders.patch b/media-libs/gdk-pixbuf/files/gdk-pixbuf-0.22.0-loaders.patch
new file mode 100644
index 000000000000..9fbe93f59bef
--- /dev/null
+++ b/media-libs/gdk-pixbuf/files/gdk-pixbuf-0.22.0-loaders.patch
@@ -0,0 +1,83 @@
+--- gdk-pixbuf-0.22.0/gdk-pixbuf/io-ico.c.loaders	2004-09-15 13:32:28.397302000 -0400
++++ gdk-pixbuf-0.22.0/gdk-pixbuf/io-ico.c	2004-09-15 13:32:28.441258000 -0400
+@@ -330,6 +330,9 @@
+ 
+ 	State->HeaderSize+=I;
+ 
++ 	if (State->HeaderSize < 0)
++ 		return FALSE;
++ 
+  	if (State->HeaderSize>State->BytesInHeaderBuf) {
+ 		guchar *tmp=realloc(State->HeaderBuf,State->HeaderSize);
+ 		if (!tmp)
+--- gdk-pixbuf-0.22.0/gdk-pixbuf/io-xpm.c.loaders	2001-03-01 15:16:28.000000000 -0500
++++ gdk-pixbuf-0.22.0/gdk-pixbuf/io-xpm.c	2004-09-15 13:41:09.804373000 -0400
+@@ -243,8 +243,8 @@
+ 			break;
+ 		else {
+ 			if (numnames > 0) {
+-				space -= 1;
+-				strcat (color, " ");
++				strncat (color, " ", space);
++				space -= MIN (space, 1);
+ 			}
+ 
+ 			strncat (color, temp, space);
+@@ -352,16 +352,31 @@
+ 		return NULL;
+ 	}
+ 	sscanf (buffer, "%d %d %d %d", &w, &h, &n_col, &cpp);
+-	if (cpp >= 32) {
+-		g_warning ("XPM has more than 31 chars per pixel.");
++	if (cpp <= 0 || cpp >= 32) {
++		g_warning ("XPM has invalid number of chars per pixel.");
+ 		return NULL;
+ 	}
++ 	if (n_col <= 0 || n_col >= G_MAXINT / (cpp + 1)) {
++		g_warning ("XPM file has invalid number of colors");
++  		return NULL;
++  	}
+ 
+ 	/* The hash is used for fast lookups of color from chars */
+ 	color_hash = g_hash_table_new (g_str_hash, g_str_equal);
+ 
+-	name_buf = g_new (gchar, n_col * (cpp + 1));
+-	colors = g_new (_XPMColor, n_col);
++ 	name_buf = malloc (n_col * (cpp + 1));
++ 	if (!name_buf) {
++		g_warning ("Cannot allocate memory for loading XPM image");
++ 		g_hash_table_destroy (color_hash);
++ 		return NULL;
++ 	}
++ 	colors = (_XPMColor *) malloc (sizeof (_XPMColor) * n_col);
++ 	if (!colors) {
++		g_warning ("Cannot allocate memory for loading XPM image");
++ 		g_hash_table_destroy (color_hash);
++ 		free (name_buf);
++ 		return NULL;
++ 	}
+ 
+ 	for (cnt = 0; cnt < n_col; cnt++) {
+ 		gchar *color_name;
+@@ -404,8 +419,8 @@
+ 
+ 	if (!pixels) {
+ 		g_hash_table_destroy (color_hash);
+-		g_free (colors);
+-		g_free (name_buf);
++		free (colors);
++		free (name_buf);
+ 		return NULL;
+ 	}
+ 
+@@ -440,8 +455,8 @@
+ 	}
+ 
+ 	g_hash_table_destroy (color_hash);
+-	g_free (colors);
+-	g_free (name_buf);
++	free (colors);
++	free (name_buf);
+ 
+ 	return gdk_pixbuf_new_from_data (pixels, GDK_COLORSPACE_RGB, is_trans, 8,
+ 					 w, h, is_trans ? (w * 4) : (w * 3),
diff --git a/media-libs/gdk-pixbuf/gdk-pixbuf-0.22.0-r3.ebuild b/media-libs/gdk-pixbuf/gdk-pixbuf-0.22.0-r3.ebuild
new file mode 100644
index 000000000000..05aec2796aaa
--- /dev/null
+++ b/media-libs/gdk-pixbuf/gdk-pixbuf-0.22.0-r3.ebuild
@@ -0,0 +1,67 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/media-libs/gdk-pixbuf/gdk-pixbuf-0.22.0-r3.ebuild,v 1.1 2004/09/19 23:01:26 foser Exp $
+
+inherit virtualx libtool gnome.org gnuconfig eutils
+
+IUSE="doc mmx"
+DESCRIPTION="GNOME Image Library"
+HOMEPAGE="http://www.gtk.org/"
+
+RDEPEND="media-libs/jpeg
+	media-libs/tiff
+	=x11-libs/gtk+-1.2*
+	>=media-libs/libpng-1.2.1
+	amd64? ( sys-libs/db )
+	!amd64? ( <sys-libs/db-2 )
+	>=gnome-base/gnome-libs-1.4.1.2-r1"
+# We need gnome-libs here, else gnome support do not get compiled into
+# gdk-pixbuf (the GnomeCanvasPixbuf library )
+
+DEPEND="${RDEPEND}
+	doc? ( dev-util/gtk-doc )"
+
+SLOT="0"
+LICENSE="GPL-2 LGPL-2"
+KEYWORDS="x86 ~ppc ~sparc ~alpha ~hppa ~amd64 ~ia64 ~mips ~ppc64"
+
+src_unpack() {
+
+	unpack ${A}
+
+	cd ${S}
+	# security fix (#64230)
+	epatch ${FILESDIR}/${P}-bmp_secure.patch
+	epatch ${FILESDIR}/${P}-loaders.patch
+
+}
+
+src_compile() {
+	#allow to build on mipslinux systems
+	gnuconfig_update
+
+	local myconf
+	#update libtool, else we get the "relink bug"
+	elibtoolize
+
+	use doc && myconf="--enable-gtk-doc" \
+		|| myconf="--disable-gtk-doc"
+	use mmx || myconf="${myconf} --disable-mmx"
+	econf --sysconfdir=/etc/X11/gdk-pixbuf ${myconf}  || die
+
+	#build needs to be able to
+	#connect to an X display.
+	Xemake || die
+}
+
+src_install() {
+	einstall \
+		sysconfdir=${D}/etc/X11/gdk-pixbuf || die
+
+	dosed -e "s:${D}::g" /usr/bin/gdk-pixbuf-config
+	#fix permissions on the loaders
+	chmod a+rx ${D}/usr/lib/gdk-pixbuf/loaders
+	chmod a+r ${D}/usr/lib/gdk-pixbuf/loaders/*
+
+	dodoc AUTHORS COPYING* ChangeLog INSTALL README NEWS TODO
+}