kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Security fix:

Browse source 
"A vulnerability in libTIFF was found, it can be potentially exploited by
 malicious people to compromise a vulnerable system."

http://secunia.com/advisories/15320/
http://bugzilla.remotesensing.org/show_bug.cgi?id=843

Bump PKGREVISION, patch from libtiff cvs repository.
This commit is contained in:
salo 2005-05-12 12:53:21 +00:00
parent 52e308149c
commit 074a2c4935
4 changed files with 70 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
graphics/tiff/Makefile
View file

@ -1,6 +1,7 @@
# $NetBSD: Makefile,v 1.68 2005/04/11 21:46:09 tv Exp $
# $NetBSD: Makefile,v 1.69 2005/05/12 12:53:21 salo Exp $
DISTNAME= tiff-3.7.2
PKGREVISION= 1
CATEGORIES= graphics
MASTER_SITES= ftp://ftp.remotesensing.org/pub/libtiff/ \
http://libtiff.maptools.org/dl/

4
graphics/tiff/buildlink3.mk
View file

@ -1,4 +1,4 @@
# $NetBSD: buildlink3.mk,v 1.11 2005/01/11 05:29:55 jlam Exp $
# $NetBSD: buildlink3.mk,v 1.12 2005/05/12 12:53:21 salo Exp $
BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+
TIFF_BUILDLINK3_MK:= ${TIFF_BUILDLINK3_MK}+
@ -12,7 +12,7 @@ BUILDLINK_PACKAGES+= tiff
.if !empty(TIFF_BUILDLINK3_MK:M+)
BUILDLINK_DEPENDS.tiff+= tiff>=3.6.1
BUILDLINK_RECOMMENDED.tiff+= tiff>=3.7.1nb1
BUILDLINK_RECOMMENDED.tiff+= tiff>=3.7.2nb1
BUILDLINK_PKGSRCDIR.tiff?= ../../graphics/tiff
.endif # TIFF_BUILDLINK3_MK

3
graphics/tiff/distinfo
View file

@ -1,4 +1,4 @@
$NetBSD: distinfo,v 1.28 2005/05/07 00:47:29 toshii Exp $
$NetBSD: distinfo,v 1.29 2005/05/12 12:53:21 salo Exp $
SHA1 (tiff-3.7.2.tar.gz) = 0eb69e88bf6c430160ad2897cd0ae637d507ed66
RMD160 (tiff-3.7.2.tar.gz) = fb156e17f55b1d565adbc5247f01d836d5f25824
@ -6,3 +6,4 @@ Size (tiff-3.7.2.tar.gz) = 1260598 bytes
SHA1 (patch-aa) = 06ecb34e5eeae5650020b456dddd40c8b9fe9647
SHA1 (patch-ab) = 0363e36d8c7575b4a55fee587aa4d92ee6c6db0b
SHA1 (patch-ac) = 80c0abc2e8111a9b7608514cce239c8195e44cee
SHA1 (patch-ad) = 2e448a0491c4137820ec81cf566cf1962fab6045

64
graphics/tiff/patches/patch-ad Normal file
View file

@ -0,0 +1,64 @@
$NetBSD: patch-ad,v 1.14 2005/05/12 12:53:21 salo Exp $
--- libtiff/tif_dirread.c.orig 2005-03-05 10:06:00.000000000 +0100
+++ libtiff/tif_dirread.c 2005-05-12 14:38:22.000000000 +0200
@@ -1310,12 +1310,16 @@
uint16 buf[10];
uint16* v = buf;
- if (samples > NITEMS(buf))
- v = (uint16*) CheckMalloc(tif, samples, sizeof(uint16),
+ if (dir->tdir_count > NITEMS(buf))
+ v = (uint16*) CheckMalloc(tif, dir->tdir_count, sizeof(uint16),
"to fetch per-sample values");
if (v && TIFFFetchShortArray(tif, dir, v)) {
uint16 i;
- for (i = 1; i < samples; i++)
+ int check_count = dir->tdir_count;
+ if( samples < check_count )
+ check_count = samples;
+
+ for (i = 1; i < check_count; i++)
if (v[i] != v[0]) {
TIFFError(tif->tif_name,
"Cannot handle different per-sample values for field \"%s\"",
@@ -1347,12 +1351,16 @@
uint32 buf[10];
uint32* v = buf;
- if (samples > NITEMS(buf))
- v = (uint32*) CheckMalloc(tif, samples, sizeof(uint32),
+ if (dir->tdir_count > NITEMS(buf))
+ v = (uint32*) CheckMalloc(tif, dir->tdir_count, sizeof(uint32),
"to fetch per-sample values");
if (v && TIFFFetchLongArray(tif, dir, v)) {
uint16 i;
- for (i = 1; i < samples; i++)
+ int check_count = dir->tdir_count;
+
+ if( samples < check_count )
+ check_count = samples;
+ for (i = 1; i < check_count; i++)
if (v[i] != v[0]) {
TIFFError(tif->tif_name,
"Cannot handle different per-sample values for field \"%s\"",
@@ -1384,12 +1392,16 @@
double buf[10];
double* v = buf;
- if (samples > NITEMS(buf))
- v = (double*) CheckMalloc(tif, samples, sizeof (double),
+ if (dir->tdir_count > NITEMS(buf))
+ v = (double*) CheckMalloc(tif, dir->tdir_count, sizeof (double),
"to fetch per-sample values");
if (v && TIFFFetchAnyArray(tif, dir, v)) {
uint16 i;
- for (i = 1; i < samples; i++)
+ int check_count = dir->tdir_count;
+ if( samples < check_count )
+ check_count = samples;
+
+ for (i = 1; i < check_count; i++)
if (v[i] != v[0]) {
TIFFError(tif->tif_name,
"Cannot handle different per-sample values for field \"%s\"",