Update to Debian revision 15.

Contains a fix for buffer overflows in title handling of NIFF images.

Approved by:	jmz
Security:	CAN-2005-3178

x11/xloadimage/Makefile

@@ -6,7 +6,7 @@
 #
 
 VERSION=	4.1
-REVISION=	14.2
+REVISION=	15
 PORTREVISION=	0
 
 PORTNAME=	xloadimage
@@ -15,12 +15,15 @@ CATEGORIES=	x11 graphics
 MASTER_SITES=	ftp://ftp.x.org/R5contrib/
 DISTNAME=	${PORTNAME}.${VERSION}
 PATCH_SITES=	${MASTER_SITE_DEBIAN_POOL}
-PATCHFILES=	xloadimage_4.1-10.diff.gz
+PATCHFILES=	${PORTNAME}_${VERSION}-${REVISION}.diff.gz
 PATCH_DIST_STRIP= -p1
 
 MAINTAINER=	jmz@FreeBSD.org
 COMMENT=	X11 Image Loading Utility
 
+PATCH_STRIP=	-p1
+EXTRA_PATCHES=	${WRKSRC}/debian/patches/*.dpatch
+
 USE_XLIB=	yes
 LIB_DEPENDS=	jpeg.9:${PORTSDIR}/graphics/jpeg \
 		png.5:${PORTSDIR}/graphics/png \
@@ -35,7 +38,7 @@ MLINKS=		xloadimage.1 xsetbg.1 \
 		xloadimage.1 xview.1
 
 post-patch:
-	@chmod a+rx ${WRKSRC}/configure
+	@${CHMOD} a+rx ${WRKSRC}/configure
 	@cd ${WRKSRC}; ${MV} xloadimage.man xloadimage.man.old; \
 		${SED} -e s:/etc/X11/Xloadimage:${PREFIX}/etc/xloadimagerc: \
 		       -e s:/usr/lib/xloadimagerc:${PREFIX}/etc/xloadimagerc: \

x11/xloadimage/distinfo

@@ -1,4 +1,4 @@
 MD5 (xloadimage.4.1.tar.gz) = 7331850fc04056ab8ae6b5725d1fb3d2
 SIZE (xloadimage.4.1.tar.gz) = 596021
-MD5 (xloadimage_4.1-10.diff.gz) = deb1c1f1c93df1c86b24181ea2be5cbf
-SIZE (xloadimage_4.1-10.diff.gz) = 48968
+MD5 (xloadimage_4.1-15.diff.gz) = 546f446c617456d1a0187be57fe09ec6
+SIZE (xloadimage_4.1-15.diff.gz) = 67508

x11/xloadimage/files/patch-4.1.14.2

@@ -1,92 +0,0 @@
---- new.c.orig	Sun Aug 28 23:41:17 2005
-+++ new.c	Sun Aug 28 23:44:11 2005
-@@ -67,6 +67,18 @@
- }
- 
- 
-+static unsigned int ovmul(unsigned int a, unsigned int b)
-+{
-+  unsigned int r;
-+
-+  r = a * b;
-+  if (r / a != b) {
-+    memoryExhausted();
-+  }
-+
-+  return r;
-+}
-+
- void goodImage(image, func)
-      Image *image;
-      char  *func;
-@@ -132,7 +144,7 @@
-   image->height= height;
-   image->depth= 1;
-   linelen= (width / 8) + (width % 8 ? 1 : 0); /* thanx johnh@amcc.com */
--  image->data= (unsigned char *)lcalloc(linelen * height);
-+  image->data= (unsigned char *)lcalloc(ovmul(linelen, height));
-   return(image);
- }
- 
-@@ -153,7 +165,7 @@
-   image->height= height;
-   image->depth= depth;
-   image->pixlen= pixlen;
--  image->data= (unsigned char *)lmalloc(width * height * pixlen);
-+  image->data= (unsigned char *)lmalloc(ovmul(ovmul(width, height), pixlen));
-   return(image);
- }
- 
-@@ -169,6 +181,7 @@
-   image->height= height;
-   image->depth= 24;
-   image->pixlen= 3;
-+  image->data= (unsigned char *)lmalloc(ovmul(ovmul(width, height), 3));
-   image->data= (unsigned char *)lmalloc(width * height * 3);
-   return(image);
- }
---- ./zio.c~	Sun Aug 28 23:07:13 2005
-+++ ./zio.c	Sun Jun  5 22:59:23 2005
-@@ -143,7 +143,7 @@
-      char *name;
- { int    a;
-   ZFILE *zf;
--  char   buf[BUFSIZ];
-+  char *buf, *s, *t;
-   struct filter *filter;
- 
-   debug(("zopen(\"%s\") called\n", name));
-@@ -211,9 +211,30 @@
-     if ((strlen(name) > strlen(filter->extension)) &&
- 	!strcmp(filter->extension,
- 		name + (strlen(name) - strlen(filter->extension)))) {
--      debug(("Filtering image through '%s'\n", filter->filter));
--      zf->type= ZPIPE;
--      sprintf(buf, "%s %s", filter->filter, name);
-+            char *fname, *t, *s;
-+            
-+            /* meta-char protection from xli.
-+             *
-+             * protect in single quotes, replacing single quotes
-+             * with '"'"', so worst-case expansion is 5x
-+             */
-+            
-+            s = fname = (char *) lmalloc(1 + (5 * strlen(name)) + 1 + 1);
-+			*s++ = '\'';
-+            for (t = name; *t; ++t) {
-+                if ('\'' == *t) {
-+					/* 'foo'bar' -> 'foo'"'"'bar' */
-+                    strcpy(s, "'\"'\"'");
-+					s += strlen(s);
-+                } else {
-+                    *s++ = *t;
-+                }
-+            }
-+            strcpy (s, "'");
-+            debug(("Filtering image through '%s'\n", filter->filter));
-+            zf->type= ZPIPE;
-+            sprintf(buf, "%s %s", filter->filter, fname);
-+            lfree (fname);
-       if (! (zf->stream= popen(buf, "r"))) {
- 	lfree((byte *)zf->filename);
- 	zf->filename= NULL;

x11/xloadimage/files/patch-Makefile.in

@@ -1,5 +1,5 @@
---- Makefile.in.orig	Tue Jul 10 23:53:36 2001
-+++ Makefile.in	Wed Jul 11 12:28:36 2001
+--- ./Makefile.in.orig	Tue Jul 10 23:53:36 2001
++++ ./Makefile.in	Wed Jul 11 12:28:36 2001
 @@ -2,9 +2,10 @@
  # Makefile for autoconf tutorial
  #

x11/xloadimage/files/patch-rlelib.c

@@ -1,10 +0,0 @@
---- rlelib.c.base	Wed Oct 22 17:20:09 2003
-+++ rlelib.c	Wed Oct 22 17:18:30 2003
-@@ -12,7 +12,6 @@
- 
- #include <stdio.h>
- #include <math.h>
--#include <varargs.h>
- #include <ctype.h>
- 
- #include "image.h"		/* need ZFILE definition */

x11/xloadimage/files/patch-tile

@@ -1,31 +0,0 @@
---- merge.c~	Thu Oct 21 22:28:39 1993
-+++ merge.c	Mon Jun 18 02:23:58 2001
-@@ -244,6 +244,7 @@
-      int x, y;
-      unsigned int width, height, verbose;
- { Image *base, *tmp;
-+  int nx, ny;
- 
-   if (verbose) {
-     printf("  Tiling...");
-@@ -259,16 +260,14 @@
-   else
-     base = newTrueImage(width, height);
- 
--  while (x < base->width) {
--    while(y < base->height) {
--      tmp = merge(base, image, x, y, 0);
-+  for (nx = x; nx < base->width; nx += image->width) {
-+    for(ny = y; ny < base->height; ny += image->height) {
-+      tmp = merge(base, image, nx, ny, 0);
-       if (tmp != base) {
- 	freeImage(base);
- 	base = tmp;
-       }
--      y += image->width;
-     }
--    x += image->width;
-   }
-   printf("done.\n");
-   return(base);
-