OpenPKG CVS Repository http://cvs.openpkg.org/ ____________________________________________________________________________
Server: cvs.openpkg.org Name: Torsten Homeyer Root: /e/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src Date: 02-Jul-2004 10:01:20 Branch: HEAD Handle: -NONE- Modified files: openpkg-src/qt qt.patch qt.spec Log: added Security Fix (CAN-2002-1363) for png Summary: Revision Changes Path 1.6 +58 -25 openpkg-src/qt/qt.patch 1.108 +1 -1 openpkg-src/qt/qt.spec ____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/qt/qt.patch
============================================================================
$ cvs diff -u -r1.5 -r1.6 qt.patch
--- openpkg-src/qt/qt.patch 29 Apr 2004 15:06:58 -0000 1.5
+++ openpkg-src/qt/qt.patch 2 Jul 2004 08:01:19 -0000 1.6
@@ -66,8 +66,64 @@
 fi
 fi
 
---- src/3rdparty/libpng/pngrtran.c.orig Wed Oct 2 20:20:24 2002
-+++ src/3rdparty/libpng/pngrtran.c Wed Jan 15 11:30:23 2003
+Index: src/3rdparty/libpng/pngconf.h
+--- src/3rdparty/libpng/pngconf.h.orig 2003-05-27 17:19:23 +0200
++++ src/3rdparty/libpng/pngconf.h 2004-07-02 09:22:17 +0200
+@@ -251,10 +251,6 @@
+ # define PNG_SAVE_BSD_SOURCE
+ # undef _BSD_SOURCE
+ # endif
+-# ifdef _SETJMP_H
+- __png.h__ already includes setjmp.h;
+- __dont__ include it again.;
+-# endif
+ # endif /* __linux__ */
+
+ /* include setjmp.h for error handling */
+Index: src/3rdparty/libpng/pngerror.c
+--- src/3rdparty/libpng/pngerror.c.orig 2003-05-27 17:19:23 +0200
++++ src/3rdparty/libpng/pngerror.c 2004-07-02 09:22:17 +0200
+@@ -135,10 +135,13 @@
+ buffer[iout] = 0;
+ else
+ {
++ png_size_t len;
++ if ((len = png_strlen(error_message)) > 63)
++ len = 63;
+ buffer[iout++] = ':';
+ buffer[iout++] = ' ';
+- png_memcpy(buffer+iout, error_message, 64);
+- buffer[iout+63] = 0;
++ png_memcpy(buffer+iout, error_message, len);
++ buffer[iout+len] = 0;
+ }
+ }
+
+Index: src/3rdparty/libpng/pngrtran.c
+--- src/3rdparty/libpng/pngrtran.c.orig 2003-05-27 17:19:23 +0200
++++ src/3rdparty/libpng/pngrtran.c 2004-07-02 09:22:17 +0200
+@@ -1889,8 +1889,8 @@
+ /* This changes the data from GG to GGXX */
+ if (flags & PNG_FLAG_FILLER_AFTER)
+ {
+- png_bytep sp = row + (png_size_t)row_width;
+- png_bytep dp = sp + (png_size_t)row_width;
++ png_bytep sp = row + (png_size_t)row_width * 2;
++ png_bytep dp = sp + (png_size_t)row_width * 2;
+ for (i = 1; i < row_width; i++)
+ {
+ *(--dp) = hi_filler;
+@@ -1907,8 +1907,8 @@
+ /* This changes the data from GG to XXGG */
+ else
+ {
+- png_bytep sp = row + (png_size_t)row_width;
+- png_bytep dp = sp + (png_size_t)row_width;
++ png_bytep sp = row + (png_size_t)row_width * 2;
++ png_bytep dp = sp + (png_size_t)row_width * 2;
+ for (i = 0; i < row_width; i++)
+ {
+ *(--dp) = *(--sp);
 @@ -1965,8 +1965,8 @@
 /* This changes the data from RRGGBB to RRGGBBXX */
 if (flags & PNG_FLAG_FILLER_AFTER)
@@ -90,26 +146,3 @@
 for (i = 0; i < row_width; i++)
 {
 *(--dp) = *(--sp);
-
-Steve G <[EMAIL PROTECTED]>
-Libpng accesses memory that is out of bounds when creating an error message
-
-Index: pngerror.c
---- src/3rdparty/libpng/pngerror.c.orig 2002-10-03 13:32:27.000000000 +0200
-+++ src/3rdparty/libpng/pngerror.c 2004-04-28 13:24:22.000000000 +0200
-@@ -135,10 +135,13 @@
- buffer[iout] = 0;
- else
- {
-+ png_size_t len;
-+ if ((len = png_strlen(error_message)) > 63)
-+ len = 63;
- buffer[iout++] = ':';
- buffer[iout++] = ' ';
-- png_memcpy(buffer+iout, error_message, 64);
-- buffer[iout+63] = 0;
-+ png_memcpy(buffer+iout, error_message, len);
-+ buffer[iout+len] = 0;
- }
- }
-
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/qt/qt.spec
============================================================================
$ cvs diff -u -r1.107 -r1.108 qt.spec
--- openpkg-src/qt/qt.spec 15 Jun 2004 21:51:04 -0000 1.107
+++ openpkg-src/qt/qt.spec 2 Jul 2004 08:01:19 -0000 1.108
@@ -34,7 +34,7 @@
 Group: XWindow
 License: GPL
 Version: 3.3.2
-Release: 20040615
+Release: 20040702
 
 # package library options (each 'yes' builds more libraries)
 %option with_shared no
@@ .
______________________________________________________________________ The OpenPKG Project www.openpkg.org CVS Repository Commit List [EMAIL PROTECTED]
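Review bot: In the embedded pngerror.c patch of the first hunk, the copy is now capped at 63 bytes plus a terminator, but that bound is only safe if `buffer` has room for `iout + 64` bytes, and neither the declaration of `buffer` nor the largest value `iout` can reach is visible here (the enclosing function starts and ends outside the hunk). It is worth confirming at the declaration that the array size covers the formatted chunk name and the `": "` separator as well as the message, and recording that next to the cap with a comment such as `/* at most 63 bytes of message + NUL; buffer must hold iout + 64 */`. Separately, the pngconf.h section removes the `_SETJMP_H` guard, which looks like a build fix rather than part of CAN-2002-1363, and the second hunk drops the attribution text that accompanied the old pngerror.c patch. A one-line description above each `Index:` section in qt.patch would keep it clear which advisory or build problem each embedded patch addresses.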