Fixed denial of service (infinite loop) via a BMP image, bug #201887.

Fixed bug which prevented imlib to render images is MIT-SHM when the MIT-SHM extension doesn't support shared pixmaps (bugs.debian.org/448360). Thank for report Antti Mäkelä <zarhan AT cs.tut.fi>. Homepage changed. No website is available for this old library, so pointing to sources location. Package-Manager: portage-2.1.3.19
author: Peter Volkov <pva@gentoo.org> 2007-12-10 20:14:28 +0000
committer: Peter Volkov <pva@gentoo.org> 2007-12-10 20:14:28 +0000
commit: 3eb830523e7086c562a82244e82f23157e41173a (patch)
tree: ecb2fa5890f10717a291eb5009d30319edace5da /media-libs/imlib
parent: Add patch fixing news test. (diff)
download: historical-3eb830523e7086c562a82244e82f23157e41173a.tar.gz
historical-3eb830523e7086c562a82244e82f23157e41173a.tar.bz2
historical-3eb830523e7086c562a82244e82f23157e41173a.zip
6 files changed, 213 insertions, 5 deletions
diff --git a/media-libs/imlib/ChangeLog b/media-libs/imlib/ChangeLog
index 5da421f9d4f2..20ac825a3b50 100644
--- a/media-libs/imlib/ChangeLog
+++ b/media-libs/imlib/ChangeLog
@@ -1,6 +1,17 @@
 # ChangeLog for media-libs/imlib
 # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/imlib/ChangeLog,v 1.57 2007/09/23 14:18:20 drac Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/imlib/ChangeLog,v 1.58 2007/12/10 20:14:24 pva Exp $
+
+*imlib-1.9.15-r2 (10 Dec 2007)
+
+  10 Dec 2007; <pva@gentoo.org>
+  +files/imlib-1.9.15-bpp16-CVE-2007-3568.patch,
+  +files/imlib-1.9.15-fix-rendering.patch, +imlib-1.9.15-r2.ebuild:
+  Fixed denial of service (infinite loop) via a BMP image, bug #201887. Fixed
+  bug which prevented imlib to render images is MIT-SHM when the MIT-SHM
+  extension doesn't support shared pixmaps (bugs.debian.org/448360). Thank for
+  report Antti Mäkelä <zarhan AT cs.tut.fi>. Homepage changed. No website is
+  available for this old library, so pointing to sources location.
 
   23 Sep 2007; Samuli Suominen <drac@gentoo.org> imlib-1.9.15-r1.ebuild:
   Fix modular X deps wrt #192733.
diff --git a/media-libs/imlib/Manifest b/media-libs/imlib/Manifest
index a3a87847c807..91861cc219f4 100644
--- a/media-libs/imlib/Manifest
+++ b/media-libs/imlib/Manifest
@@ -1,3 +1,11 @@
+AUX imlib-1.9.15-bpp16-CVE-2007-3568.patch 457 RMD160 7892bce6d9375befc0a322dd5870f10e5d41ceb5 SHA1 c3977dcb4d95ffab5cadb68bb3e3c7693c1e8be3 SHA256 f0097c1db200b19a3e8f06d85765dd8b8f757dd0bc6fd9bafa0c31cd9c14d8ec
+MD5 29267df943b838a0f556cce1557ca3c0 files/imlib-1.9.15-bpp16-CVE-2007-3568.patch 457
+RMD160 7892bce6d9375befc0a322dd5870f10e5d41ceb5 files/imlib-1.9.15-bpp16-CVE-2007-3568.patch 457
+SHA256 f0097c1db200b19a3e8f06d85765dd8b8f757dd0bc6fd9bafa0c31cd9c14d8ec files/imlib-1.9.15-bpp16-CVE-2007-3568.patch 457
+AUX imlib-1.9.15-fix-rendering.patch 3263 RMD160 2ec2c9bb864d64b588d3b786e9b256f4d3788436 SHA1 3b8cb97fd6918bddc70b78fc04e5a7b4a5395c0e SHA256 7f5f8967ec52658e776a0a60a3a3c93d367ccf877d92569a9313e78bbd510604
+MD5 5212233a3d01640fbf4feb57a6918e6e files/imlib-1.9.15-fix-rendering.patch 3263
+RMD160 2ec2c9bb864d64b588d3b786e9b256f4d3788436 files/imlib-1.9.15-fix-rendering.patch 3263
+SHA256 7f5f8967ec52658e776a0a60a3a3c93d367ccf877d92569a9313e78bbd510604 files/imlib-1.9.15-fix-rendering.patch 3263
 AUX imlib-1.9.15.patch 2253 RMD160 beb86753cc2024a9eb671acdc3886b7a5692b526 SHA1 29fb949680e5b2d95392b4c5efd1fdfa21f2df3d SHA256 43dd12dae7913475f968f35a4fa4b1ef4670451e58c712cbd6e5460f20fc9197
 MD5 8328ba4002a30764a848de8b9b70f158 files/imlib-1.9.15.patch 2253
 RMD160 beb86753cc2024a9eb671acdc3886b7a5692b526 files/imlib-1.9.15.patch 2253
@@ -11,10 +19,14 @@ EBUILD imlib-1.9.15-r1.ebuild 1371 RMD160 3b5fe868af1ab3b2153b7446bf5a04db278376
 MD5 666d72fd3d2a7e17777e64237fa436a4 imlib-1.9.15-r1.ebuild 1371
 RMD160 3b5fe868af1ab3b2153b7446bf5a04db278376d7 imlib-1.9.15-r1.ebuild 1371
 SHA256 54eeffd491c99b53e6d4a75990ddbb75e4a3999e9db71c432a0821cb5e7f885b imlib-1.9.15-r1.ebuild 1371
-MISC ChangeLog 7584 RMD160 749763f7bc5db05a41b20b50daa253af58dab5bf SHA1 1eb67d67c129b9ac67fa5438fcde002b88ecd152 SHA256 5baf0f12ef8e19bab1d3ea3a2bcd55bead3c86ff4ed3fb8ba782ec48d1d6006c
-MD5 a0c2042b792d262b042082997ddd1856 ChangeLog 7584
-RMD160 749763f7bc5db05a41b20b50daa253af58dab5bf ChangeLog 7584
-SHA256 5baf0f12ef8e19bab1d3ea3a2bcd55bead3c86ff4ed3fb8ba782ec48d1d6006c ChangeLog 7584
+EBUILD imlib-1.9.15-r2.ebuild 1530 RMD160 d0e349f9877804dd492cd5b45a44adceee940be8 SHA1 98513d0f71e9d0ce304016f61b468493926ceee1 SHA256 0131bc547bae248e1bec3c54b611be508a7a1495feb92b1be1d328c987f52260
+MD5 1a1bae2531b86c7cb487d5ced293fa27 imlib-1.9.15-r2.ebuild 1530
+RMD160 d0e349f9877804dd492cd5b45a44adceee940be8 imlib-1.9.15-r2.ebuild 1530
+SHA256 0131bc547bae248e1bec3c54b611be508a7a1495feb92b1be1d328c987f52260 imlib-1.9.15-r2.ebuild 1530
+MISC ChangeLog 8141 RMD160 67a3d3df7c34c31cf7e8ac30900b549bd9a3d3b2 SHA1 8583aae288e89a43ed52160bea6276f6f0cd67d9 SHA256 48a1cb003f79b70c96f814e675698a08a433d791b0fbdd2f703973bd12275d56
+MD5 04c9692d70d4afdf6f717282150065bf ChangeLog 8141
+RMD160 67a3d3df7c34c31cf7e8ac30900b549bd9a3d3b2 ChangeLog 8141
+SHA256 48a1cb003f79b70c96f814e675698a08a433d791b0fbdd2f703973bd12275d56 ChangeLog 8141
 MISC metadata.xml 166 RMD160 7b80226659bf40e97050b1ffce1858d5f20b3c60 SHA1 e6c6436c304a65b4a012a5b7be7ee264b228a645 SHA256 8e7de0a7f7c15840474de373a3ce36adcc5dd658b2e4d18366fcb63b964a0826
 MD5 cdb11033a3fa6525334cecf938961c07 metadata.xml 166
 RMD160 7b80226659bf40e97050b1ffce1858d5f20b3c60 metadata.xml 166
@@ -22,3 +34,6 @@ SHA256 8e7de0a7f7c15840474de373a3ce36adcc5dd658b2e4d18366fcb63b964a0826 metadata
 MD5 3ca74ed1d09e760b3ba65e3ea3f0c88d files/digest-imlib-1.9.15-r1 241
 RMD160 039218e55a8fed0fb8c45920058885c1d84c22df files/digest-imlib-1.9.15-r1 241
 SHA256 79835fd763b99e818f64104e0bf5f475c9dc57a629506db65b9694b4eec1c997 files/digest-imlib-1.9.15-r1 241
+MD5 3ca74ed1d09e760b3ba65e3ea3f0c88d files/digest-imlib-1.9.15-r2 241
+RMD160 039218e55a8fed0fb8c45920058885c1d84c22df files/digest-imlib-1.9.15-r2 241
+SHA256 79835fd763b99e818f64104e0bf5f475c9dc57a629506db65b9694b4eec1c997 files/digest-imlib-1.9.15-r2 241
diff --git a/media-libs/imlib/files/digest-imlib-1.9.15-r2 b/media-libs/imlib/files/digest-imlib-1.9.15-r2
new file mode 100644
index 000000000000..52c816f8266d
--- /dev/null
+++ b/media-libs/imlib/files/digest-imlib-1.9.15-r2
@@ -0,0 +1,3 @@
+MD5 7db987e6c52e4daf70d7d0f471238eae imlib-1.9.15.tar.bz2 683242
+RMD160 195b80833167134ba2d9a9574d420279f9cf55f4 imlib-1.9.15.tar.bz2 683242
+SHA256 4e6a270308a9ae16586bfc133c1a3dfb2e56f431edb66aaa3a80e36e5ed84ce0 imlib-1.9.15.tar.bz2 683242
diff --git a/media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch b/media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch
new file mode 100644
index 000000000000..94595ffdf55a
--- /dev/null
+++ b/media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch
@@ -0,0 +1,11 @@
+--- Imlib/load.c.orig	2007-08-13 23:06:20.000000000 -0300
++++ Imlib/load.c	2007-08-13 23:06:51.000000000 -0300
+@@ -645,7 +645,7 @@
+   planes = (int)word;
+   fread(&word, 2, 1, file);
+   bpp = (int)word;
+-  if (bpp != 1 && bpp != 4 && bpp != 8 && bpp && 16 && bpp != 24 && bpp != 32)
++  if (bpp != 1 && bpp != 4 && bpp != 8 && bpp != 16 && bpp != 24 && bpp != 32)
+     {
+       fprintf(stderr, "IMLIB ERROR: unknown bitdepth in file\n");
+       return NULL;
diff --git a/media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch b/media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch
new file mode 100644
index 000000000000..6212ed31428e
--- /dev/null
+++ b/media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch
@@ -0,0 +1,105 @@
+Michel Dänzer <daenzer AT debian.org>
+
+* The boolean value returned via the last parameter to XShmQueryVersion()
+  isn't honoured everywhere.
+* The init functions that take parameters allow the caller to enable shared
+  pixmaps when they aren't supported (or disabled by configuration files).
+
+
+These result in incorrect rendering when the MIT-SHM extension doesn't support
+shared pixmaps, e.g. using EXA with current versions of Xorg.
+
+http://bugs.gentoo.org/show_bug.cgi?id=197489
+
+diff -up -ru imlib-1.9.15.orig/gdk_imlib/misc.c imlib-1.9.15/gdk_imlib/misc.c
+--- imlib-1.9.15.orig/gdk_imlib/misc.c	2002-03-04 18:06:32.000000000 +0100
++++ imlib-1.9.15/gdk_imlib/misc.c	2007-10-28 14:00:04.000000000 +0100
+@@ -674,6 +674,10 @@ gdk_imlib_init_params(GdkImlibInitParams
+   visual = gdk_rgb_get_visual();
+   id->x.visual = GDK_VISUAL_XVISUAL(visual);	/* the visual type */
+   id->x.depth = visual->depth;	/* the depth of the screen in bpp */
++
++  id->x.shm = 0;
++  id->x.shmp = 0;
++  id->max_shm = 0;
+ #ifdef HAVE_SHM
+   if (XShmQueryExtension(id->x.disp))
+     {
+@@ -689,17 +693,14 @@ gdk_imlib_init_params(GdkImlibInitParams
+ 	      id->x.last_xim = NULL;
+ 	      id->x.last_sxim = NULL;
+ 	      id->max_shm = 0x7fffffff;
+-	      if (XShmPixmapFormat(id->x.disp) == ZPixmap)
++	      if ((XShmPixmapFormat(id->x.disp) == ZPixmap) &&
++		  (pm == True))
+ 		id->x.shmp = 1;
+ 	    }
+ 	}
+     }
+-  else
+ #endif
+-    {
+-      id->x.shm = 0;
+-      id->x.shmp = 0;
+-    }
++
+   id->cache.on_image = 0;
+   id->cache.size_image = 0;
+   id->cache.num_image = 0;
+@@ -935,8 +936,8 @@ gdk_imlib_init_params(GdkImlibInitParams
+ 	}
+       if (p->flags & PARAMS_SHAREDPIXMAPS)
+ 	{
+-	  if (id->x.shm)
+-	    id->x.shmp = p->sharedpixmaps;
++	  if (!p->sharedpixmaps)
++	    id->x.shmp = 0;
+ 	}
+       if (p->flags & PARAMS_PALETTEOVERRIDE)
+ 	override = p->paletteoverride;
+diff -up -ru imlib-1.9.15.orig/Imlib/misc.c imlib-1.9.15/Imlib/misc.c
+--- imlib-1.9.15.orig/Imlib/misc.c	2004-09-21 02:22:59.000000000 +0200
++++ imlib-1.9.15/Imlib/misc.c	2007-10-28 14:00:23.000000000 +0100
+@@ -675,6 +675,10 @@ Imlib_init_with_params(Display * disp, I
+   id->x.root = DefaultRootWindow(disp);		/* the root window id */
+   id->x.visual = DefaultVisual(disp, id->x.screen);	/* the visual type */
+   id->x.depth = DefaultDepth(disp, id->x.screen);	/* the depth of the screen in bpp */
++
++  id->x.shm = 0;
++  id->x.shmp = 0;
++  id->max_shm = 0;
+ #ifdef HAVE_SHM
+   if (XShmQueryExtension(id->x.disp))
+     {
+@@ -690,17 +694,14 @@ Imlib_init_with_params(Display * disp, I
+ 	      id->x.last_xim = NULL;
+ 	      id->x.last_sxim = NULL;
+ 	      id->max_shm = 0x7fffffff;
+-	      if (XShmPixmapFormat(id->x.disp) == ZPixmap)
++	      if ((XShmPixmapFormat(id->x.disp) == ZPixmap &&
++		   (pm == True)))
+ 		id->x.shmp = 1;
+ 	    }
+ 	}
+     }
+-  else
+ #endif
+-    {
+-      id->x.shm = 0;
+-      id->x.shmp = 0;
+-    }
++
+   id->cache.on_image = 0;
+   id->cache.size_image = 0;
+   id->cache.num_image = 0;
+@@ -952,8 +953,8 @@ Imlib_init_with_params(Display * disp, I
+ 	}
+       if (p->flags & PARAMS_SHAREDPIXMAPS)
+ 	{
+-	  if (id->x.shm)
+-	    id->x.shmp = p->sharedpixmaps;
++	  if (!p->sharedpixmaps)
++	    id->x.shmp = 0;
+ 	}
+       if (p->flags & PARAMS_PALETTEOVERRIDE)
+ 	override = p->paletteoverride;
diff --git a/media-libs/imlib/imlib-1.9.15-r2.ebuild b/media-libs/imlib/imlib-1.9.15-r2.ebuild
new file mode 100644
index 000000000000..91d40a11760e
--- /dev/null
+++ b/media-libs/imlib/imlib-1.9.15-r2.ebuild
@@ -0,0 +1,63 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/media-libs/imlib/imlib-1.9.15-r2.ebuild,v 1.1 2007/12/10 20:14:24 pva Exp $
+
+inherit autotools eutils gnome.org
+
+DESCRIPTION="Image loading and rendering library"
+HOMEPAGE="http://ftp.acc.umu.se/pub/GNOME/sources/imlib/1.9/"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE="doc gtk"
+
+RDEPEND="gtk? ( =x11-libs/gtk+-1.2* )
+	>=media-libs/tiff-3.5.5
+	>=media-libs/giflib-4.1.0
+	>=media-libs/libpng-1.2.1
+	>=media-libs/jpeg-6b
+	x11-libs/libICE
+	x11-libs/libSM
+	x11-libs/libXext"
+DEPEND="${RDEPEND}"
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+
+	# Fix aclocal underquoted definition warnings.
+	# Conditionalize gdk functions for bug 40453.
+	# Fix imlib-config for bug 3425.
+	epatch "${FILESDIR}"/${P}.patch
+
+	# Fix security bug 72681.
+	epatch "${FILESDIR}"/${PN}-security.patch
+
+	# Fixes security bug #201887
+	epatch "${FILESDIR}"/${P}-bpp16-CVE-2007-3568.patch
+
+	# Fixes #197489
+	epatch "${FILESDIR}"/${P}-fix-rendering.patch
+
+	eautoconf
+	_elibtoolize
+}
+
+src_compile() {
+	econf --sysconfdir=/etc/imlib \
+		$(use_enable gtk gdk) \
+		$(use_enable gtk gtktest)
+
+	emake || die "emake failed."
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "emake install failed."
+
+	dodoc AUTHORS ChangeLog README
+	use doc && dohtml doc/*
+
+	# Hack to avoid installing pkgconfig file.
+	use gtk || rm "${D}"/usr/lib*/pkgconfig/imlibgdk.pc
+}
author	Peter Volkov <pva@gentoo.org>	2007-12-10 20:14:28 +0000
committer	Peter Volkov <pva@gentoo.org>	2007-12-10 20:14:28 +0000
commit	3eb830523e7086c562a82244e82f23157e41173a (patch)
tree	ecb2fa5890f10717a291eb5009d30319edace5da /media-libs/imlib
parent	Add patch fixing news test. (diff)
download	historical-3eb830523e7086c562a82244e82f23157e41173a.tar.gz historical-3eb830523e7086c562a82244e82f23157e41173a.tar.bz2 historical-3eb830523e7086c562a82244e82f23157e41173a.zip