Here's an update that removes almost all our patches: - local patches for CVEs are included - patch-src_lib_font_load_c was for gcc-2.95, which we don't have anymore. IIRC gcc 3 (m88k) handles c99-style mixed code and decls fine. - patch-src_modules_*_Makefile_in forced building .a versions of modules. Since imlib2 doesn't use libltdl and we don't support vax anymore, there is no point in keeping them. Instead, also delete the .la files
No dynamic export change, no public header change (except for whitespace). Could someone double-check please? ok? Index: Makefile =================================================================== RCS file: /d/cvs/ports/graphics/imlib2/Makefile,v retrieving revision 1.39 diff -u -p -r1.39 Makefile --- Makefile 1 Jul 2016 13:04:32 -0000 1.39 +++ Makefile 8 Nov 2016 01:44:58 -0000 @@ -2,9 +2,8 @@ COMMENT= image manipulation library -DISTNAME= imlib2-1.4.7 -REVISION= 1 -SHARED_LIBS= Imlib2 6.0 # .5.7 +DISTNAME= imlib2-1.4.9 +SHARED_LIBS= Imlib2 6.0 # .5.9 CATEGORIES= graphics HOMEPAGE= http://www.enlightenment.org/p.php?p=about/libs/imlib2&l=en @@ -30,5 +29,8 @@ CONFIGURE_ARGS+= --disable-mmx .endif CONFIGURE_ENV= CPPFLAGS="-I${X11BASE}/include -I${LOCALBASE}/include" \ LDFLAGS="-L${X11BASE}/lib -L${LOCALBASE}/lib" + +post-install: + rm ${PREFIX}/lib/imlib2/filters/*.la ${PREFIX}/lib/imlib2/loaders/*.la .include <bsd.port.mk> Index: distinfo =================================================================== RCS file: /d/cvs/ports/graphics/imlib2/distinfo,v retrieving revision 1.9 diff -u -p -r1.9 distinfo --- distinfo 23 Apr 2015 17:31:21 -0000 1.9 +++ distinfo 8 Nov 2016 01:39:04 -0000 @@ -1,2 +1,2 @@ -SHA256 (imlib2-1.4.7.tar.gz) = SOmDN6Vg2JBPaFRH9BxDkU/sH4zTdFqf2Gy6n9JKZWM= -SIZE (imlib2-1.4.7.tar.gz) = 1027716 +SHA256 (imlib2-1.4.9.tar.gz) = K75NbrkFWejMu4W0QpYt0ZX9cTBBo2dhqM9FrUaGzXs= +SIZE (imlib2-1.4.9.tar.gz) = 1028872 Index: patches/patch-src_lib_ellipse_c =================================================================== RCS file: patches/patch-src_lib_ellipse_c diff -N patches/patch-src_lib_ellipse_c --- patches/patch-src_lib_ellipse_c 1 Jul 2016 13:04:32 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,87 +0,0 @@ -$OpenBSD: patch-src_lib_ellipse_c,v 1.1 2016/07/01 13:04:32 jasper Exp $ - -CVE-2011-5326 -https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c94d83ccab15 - ---- src/lib/ellipse.c.orig Sun Dec 22 05:20:31 2013 -+++ src/lib/ellipse.c Fri Jul 1 14:58:32 2016 -@@ -71,6 +71,9 @@ __imlib_Ellipse_DrawToData(int xc, int yc, int a, int - if (IN_RANGE(rx, by, clw, clh)) - pfunc(color, bp + len); - -+ if (dx < 1) -+ dx = 1; -+ - dy += b2; - yy -= ((dy << 16) / dx); - lx--; -@@ -123,6 +126,9 @@ __imlib_Ellipse_DrawToData(int xc, int yc, int a, int - if (IN_RANGE(rx, by, clw, clh)) - pfunc(color, bp + len); - -+ if (dy < 1) -+ dy = 1; -+ - dx -= a2; - xx += ((dx << 16) / dy); - ty++; -@@ -222,6 +228,9 @@ __imlib_Ellipse_DrawToData_AA(int xc, int yc, int a, i - if (IN_RANGE(rx, by, clw, clh)) - pfunc(col1, bp + len); - -+ if (dx < 1) -+ dx = 1; -+ - dy += b2; - yy -= ((dy << 16) / dx); - lx--; -@@ -295,6 +304,9 @@ __imlib_Ellipse_DrawToData_AA(int xc, int yc, int a, i - if (IN_RANGE(rx, by, clw, clh)) - pfunc(col1, bp + len); - -+ if (dy < 1) -+ dy = 1; -+ - dx -= a2; - xx += ((dx << 16) / dy); - ty++; -@@ -395,6 +407,9 @@ __imlib_Ellipse_FillToData(int xc, int yc, int a, int - if (IN_RANGE(rx, by, clw, clh)) - pfunc(color, bp + len); - -+ if (dx < 1) -+ dx = 1; -+ - dy += b2; - yy -= ((dy << 16) / dx); - lx--; -@@ -453,6 +468,9 @@ __imlib_Ellipse_FillToData(int xc, int yc, int a, int - if (((unsigned)by < (unsigned)clh) && (len > 0)) - sfunc(color, bpp, len); - -+ if (dy < 1) -+ dy = 1; -+ - dx -= a2; - xx += ((dx << 16) / dy); - ty++; -@@ -556,6 +574,9 @@ __imlib_Ellipse_FillToData_AA(int xc, int yc, int a, i - if (IN_RANGE(rx, by, clw, clh)) - pfunc(col1, bp + len); - -+ if (dx < 1) -+ dx = 1; -+ - dy += b2; - yy -= ((dy << 16) / dx); - lx--; -@@ -628,6 +649,9 @@ __imlib_Ellipse_FillToData_AA(int xc, int yc, int a, i - pfunc(col1, bp); - if (IN_RANGE(rx, by, clw, clh)) - pfunc(col1, bp + len); -+ -+ if (dy < 1) -+ dy = 1; - - dx -= a2; - xx += ((dx << 16) / dy); Index: patches/patch-src_lib_font_load_c =================================================================== RCS file: patches/patch-src_lib_font_load_c diff -N patches/patch-src_lib_font_load_c --- patches/patch-src_lib_font_load_c 23 Apr 2015 17:31:21 -0000 1.2 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,21 +0,0 @@ -$OpenBSD: patch-src_lib_font_load_c,v 1.2 2015/04/23 17:31:21 dcoppa Exp $ ---- src/lib/font_load.c.orig Sat Dec 20 17:19:19 2014 -+++ src/lib/font_load.c Thu Apr 23 08:30:54 2015 -@@ -228,6 +228,8 @@ int - __imlib_font_insert_into_fallback_chain_imp(ImlibFont * fn, - ImlibFont * fallback) - { -+ ImlibFont *tmp; -+ - /* avoid infinite recursion */ - if (fn == fallback) - return 1; -@@ -236,7 +238,7 @@ __imlib_font_insert_into_fallback_chain_imp(ImlibFont - __imlib_font_remove_from_fallback_chain_imp(fallback); - - /* insert fallback into fn's font chain */ -- ImlibFont *tmp = fn->fallback_next; -+ tmp = fn->fallback_next; - - fn->fallback_next = fallback; - fallback->fallback_prev = fn; Index: patches/patch-src_lib_image_h =================================================================== RCS file: patches/patch-src_lib_image_h diff -N patches/patch-src_lib_image_h --- patches/patch-src_lib_image_h 1 Jul 2016 13:04:32 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,17 +0,0 @@ -$OpenBSD: patch-src_lib_image_h,v 1.1 2016/07/01 13:04:32 jasper Exp $ - -CVE-2016-4024 -https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227 - ---- src/lib/image.h.orig Fri Jul 1 14:59:56 2016 -+++ src/lib/image.h Fri Jul 1 15:00:21 2016 -@@ -188,7 +188,8 @@ void __imlib_SaveImage(ImlibImage * im, - - /* The maximum pixmap dimension is 65535. */ - /* However, for now, use 46340 (46340^2 < 2^31) to avoid buffer overflow issues. */ --#define X_MAX_DIM 46340 -+/* Reduced further to 32767, so that (w * h * sizeof(DATA32)) won't exceed ULONG_MAX */ -+#define X_MAX_DIM 32767 - - #define IMAGE_DIMENSIONS_OK(w, h) \ - ( ((w) > 0) && ((h) > 0) && ((w) < X_MAX_DIM) && ((h) < X_MAX_DIM) ) Index: patches/patch-src_lib_updates_c =================================================================== RCS file: patches/patch-src_lib_updates_c diff -N patches/patch-src_lib_updates_c --- patches/patch-src_lib_updates_c 1 Jul 2016 13:04:32 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,16 +0,0 @@ -$OpenBSD: patch-src_lib_updates_c,v 1.1 2016/07/01 13:04:32 jasper Exp $ - -CVE-2016-3993 -https://git.enlightenment.org/legacy/imlib2.git/commit/?id=ce94edca1ccfbe314cb7cd9453433fad404ec7ef - ---- src/lib/updates.c.orig Fri Jul 1 14:56:42 2016 -+++ src/lib/updates.c Fri Jul 1 14:57:03 2016 -@@ -112,7 +112,7 @@ __imlib_MergeUpdate(ImlibUpdate * u, int w, int h, int - int xx, yy, ww, hh, ok; - - for (xx = x + 1, ww = 1; -- (T(xx, y).used & T_USED) && (xx < tw); xx++, ww++); -+ (xx < tw) && (T(xx, y).used & T_USED); xx++, ww++); - for (yy = y + 1, hh = 1, ok = 1; - (yy < th) && (ok); yy++, hh++) - { Index: patches/patch-src_modules_filters_Makefile_in =================================================================== RCS file: patches/patch-src_modules_filters_Makefile_in diff -N patches/patch-src_modules_filters_Makefile_in --- patches/patch-src_modules_filters_Makefile_in 23 Apr 2015 17:31:21 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,23 +0,0 @@ -$OpenBSD: patch-src_modules_filters_Makefile_in,v 1.1 2015/04/23 17:31:21 dcoppa Exp $ - -Revert commit 5b60182d96fa136366e1f5ae6329edcbc886d47f (Don't build -static libs for modules) - ---- src/modules/filters/Makefile.in.orig Sat Apr 4 20:19:48 2015 -+++ src/modules/filters/Makefile.in Thu Apr 23 10:07:58 2015 -@@ -369,15 +369,12 @@ EXTRA_DIST = filter_common.h - testfilter_la_SOURCES = filter_test.c - testfilter_la_LDFLAGS = -module -avoid-version - testfilter_la_LIBADD = $(top_builddir)/src/lib/libImlib2.la --testfilter_la_LIBTOOLFLAGS = --tag=disable-static - bumpmap_la_SOURCES = filter_bumpmap.c - bumpmap_la_LDFLAGS = -module -avoid-version - bumpmap_la_LIBADD = $(top_builddir)/src/lib/libImlib2.la -lm --bumpmap_la_LIBTOOLFLAGS = --tag=disable-static - colormod_la_SOURCES = filter_colormod.c - colormod_la_LDFLAGS = -module -avoid-version - colormod_la_LIBADD = $(top_builddir)/src/lib/libImlib2.la --colormod_la_LIBTOOLFLAGS = --tag=disable-static - all: all-am - - .SUFFIXES: Index: patches/patch-src_modules_loaders_Makefile_in =================================================================== RCS file: patches/patch-src_modules_loaders_Makefile_in diff -N patches/patch-src_modules_loaders_Makefile_in --- patches/patch-src_modules_loaders_Makefile_in 23 Apr 2015 17:31:21 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,64 +0,0 @@ -$OpenBSD: patch-src_modules_loaders_Makefile_in,v 1.1 2015/04/23 17:31:21 dcoppa Exp $ - -Revert commit 5b60182d96fa136366e1f5ae6329edcbc886d47f (Don't build -static libs for modules) - ---- src/modules/loaders/Makefile.in.orig Sat Apr 4 20:19:49 2015 -+++ src/modules/loaders/Makefile.in Thu Apr 23 10:08:13 2015 -@@ -461,56 +461,43 @@ EXTRA_DIST = loader_common.h - jpeg_la_SOURCES = loader_jpeg.c - jpeg_la_LDFLAGS = -module -avoid-version - jpeg_la_LIBADD = @JPEGLIBS@ $(top_builddir)/src/lib/libImlib2.la --jpeg_la_LIBTOOLFLAGS = --tag=disable-static - png_la_SOURCES = loader_png.c - png_la_CPPFLAGS = @PNG_CFLAGS@ $(AM_CPPFLAGS) - png_la_LDFLAGS = -module -avoid-version - png_la_LIBADD = @PNG_LIBS@ $(top_builddir)/src/lib/libImlib2.la --png_la_LIBTOOLFLAGS = --tag=disable-static - tiff_la_SOURCES = loader_tiff.c - tiff_la_LDFLAGS = -module -avoid-version - tiff_la_LIBADD = @TIFFLIBS@ $(top_builddir)/src/lib/libImlib2.la --tiff_la_LIBTOOLFLAGS = --tag=disable-static - gif_la_SOURCES = loader_gif.c - gif_la_LDFLAGS = -module -avoid-version - gif_la_LIBADD = @GIFLIBS@ $(top_builddir)/src/lib/libImlib2.la --gif_la_LIBTOOLFLAGS = --tag=disable-static - zlib_la_SOURCES = loader_zlib.c - zlib_la_LDFLAGS = -module -avoid-version - zlib_la_LIBADD = @ZLIBLIBS@ $(top_builddir)/src/lib/libImlib2.la --zlib_la_LIBTOOLFLAGS = --tag=disable-static - bz2_la_SOURCES = loader_bz2.c - bz2_la_LDFLAGS = -module -avoid-version - bz2_la_LIBADD = @BZ2LIBS@ $(top_builddir)/src/lib/libImlib2.la --bz2_la_LIBTOOLFLAGS = --tag=disable-static - id3_la_SOURCES = loader_id3.c - id3_la_LDFLAGS = -module -avoid-version - id3_la_LIBADD = @ID3LIBS@ $(top_builddir)/src/lib/libImlib2.la --id3_la_LIBTOOLFLAGS = --tag=disable-static - pnm_la_SOURCES = loader_pnm.c - pnm_la_LDFLAGS = -module -avoid-version - pnm_la_LIBADD = $(top_builddir)/src/lib/libImlib2.la --pnm_la_LIBTOOLFLAGS = --tag=disable-static - argb_la_SOURCES = loader_argb.c - argb_la_LDFLAGS = -module -avoid-version - argb_la_LIBADD = $(top_builddir)/src/lib/libImlib2.la --argb_la_LIBTOOLFLAGS = --tag=disable-static - bmp_la_SOURCES = loader_bmp.c - bmp_la_LDFLAGS = -module -avoid-version - bmp_la_LIBADD = $(top_builddir)/src/lib/libImlib2.la --bmp_la_LIBTOOLFLAGS = --tag=disable-static - xpm_la_SOURCES = loader_xpm.c - xpm_la_LDFLAGS = -module -avoid-version - xpm_la_LIBADD = $(top_builddir)/src/lib/libImlib2.la --xpm_la_LIBTOOLFLAGS = --tag=disable-static - tga_la_SOURCES = loader_tga.c - tga_la_LDFLAGS = -module -avoid-version - tga_la_LIBADD = $(top_builddir)/src/lib/libImlib2.la --tga_la_LIBTOOLFLAGS = --tag=disable-static - lbm_la_SOURCES = loader_lbm.c - lbm_la_LDFLAGS = -module -avoid-version - lbm_la_LIBADD = $(top_builddir)/src/lib/libImlib2.la --lbm_la_LIBTOOLFLAGS = --tag=disable-static - all: all-am - - .SUFFIXES: Index: patches/patch-src_modules_loaders_loader_gif_c =================================================================== RCS file: patches/patch-src_modules_loaders_loader_gif_c diff -N patches/patch-src_modules_loaders_loader_gif_c --- patches/patch-src_modules_loaders_loader_gif_c 1 Jul 2016 13:04:32 -0000 1.6 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,54 +0,0 @@ -$OpenBSD: patch-src_modules_loaders_loader_gif_c,v 1.6 2016/07/01 13:04:32 jasper Exp $ - -CVE-2016-3994 -https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8 - ---- src/modules/loaders/loader_gif.c.orig Sat Dec 20 17:39:11 2014 -+++ src/modules/loaders/loader_gif.c Fri Jul 1 14:57:48 2016 -@@ -141,8 +141,24 @@ load(ImlibImage * im, ImlibProgressFunction progress, - - if (im->loader || immediate_load || progress) - { -+ DATA32 colormap[256]; -+ - bg = gif->SBackGroundColor; - cmap = (gif->Image.ColorMap ? gif->Image.ColorMap : gif->SColorMap); -+ memset (colormap, 0, sizeof(colormap)); -+ if (cmap != NULL) -+ { -+ for (i = cmap->ColorCount > 256 ? 256 : cmap->ColorCount; i-- > 0;) -+ { -+ r = cmap->Colors[i].Red; -+ g = cmap->Colors[i].Green; -+ b = cmap->Colors[i].Blue; -+ colormap[i] = (0xff << 24) | (r << 16) | (g << 8) | b; -+ } -+ /* if bg > cmap->ColorCount, it is transparent black already */ -+ if (transp >= 0 && transp < 256) -+ colormap[transp] = bg >= 0 && bg < 256 ? colormap[bg] & 0x00ffffff : 0x00000000; -+ } - im->data = (DATA32 *) malloc(sizeof(DATA32) * w * h); - if (!im->data) - goto quit; -@@ -161,20 +177,7 @@ load(ImlibImage * im, ImlibProgressFunction progress, - { - for (j = 0; j < w; j++) - { -- if (rows[i][j] == transp) -- { -- r = cmap->Colors[bg].Red; -- g = cmap->Colors[bg].Green; -- b = cmap->Colors[bg].Blue; -- *ptr++ = 0x00ffffff & ((r << 16) | (g << 8) | b); -- } -- else -- { -- r = cmap->Colors[rows[i][j]].Red; -- g = cmap->Colors[rows[i][j]].Green; -- b = cmap->Colors[rows[i][j]].Blue; -- *ptr++ = (0xff << 24) | (r << 16) | (g << 8) | b; -- } -+ *ptr++ = colormap[rows[i][j]]; - per += per_inc; - if (progress && (((int)per) != last_per) - && (((int)per) % progress_granularity == 0)) Index: pkg/PLIST =================================================================== RCS file: /d/cvs/ports/graphics/imlib2/pkg/PLIST,v retrieving revision 1.7 diff -u -p -r1.7 PLIST --- pkg/PLIST 27 Mar 2016 15:31:24 -0000 1.7 +++ pkg/PLIST 8 Nov 2016 01:46:05 -0000 @@ -11,54 +11,23 @@ bin/imlib2-config include/Imlib2.h lib/imlib2/ lib/imlib2/filters/ -lib/imlib2/filters/bumpmap.a -lib/imlib2/filters/bumpmap.la lib/imlib2/filters/bumpmap.so -lib/imlib2/filters/colormod.a -lib/imlib2/filters/colormod.la lib/imlib2/filters/colormod.so -lib/imlib2/filters/testfilter.a -lib/imlib2/filters/testfilter.la lib/imlib2/filters/testfilter.so lib/imlib2/loaders/ -lib/imlib2/loaders/argb.a -lib/imlib2/loaders/argb.la lib/imlib2/loaders/argb.so -lib/imlib2/loaders/bmp.a -lib/imlib2/loaders/bmp.la lib/imlib2/loaders/bmp.so -lib/imlib2/loaders/bz2.a -lib/imlib2/loaders/bz2.la lib/imlib2/loaders/bz2.so -lib/imlib2/loaders/gif.a -lib/imlib2/loaders/gif.la +lib/imlib2/loaders/ff.so lib/imlib2/loaders/gif.so -lib/imlib2/loaders/id3.a -lib/imlib2/loaders/id3.la lib/imlib2/loaders/id3.so -lib/imlib2/loaders/jpeg.a -lib/imlib2/loaders/jpeg.la lib/imlib2/loaders/jpeg.so -lib/imlib2/loaders/lbm.a -lib/imlib2/loaders/lbm.la lib/imlib2/loaders/lbm.so -lib/imlib2/loaders/png.a -lib/imlib2/loaders/png.la lib/imlib2/loaders/png.so -lib/imlib2/loaders/pnm.a -lib/imlib2/loaders/pnm.la lib/imlib2/loaders/pnm.so -lib/imlib2/loaders/tga.a -lib/imlib2/loaders/tga.la lib/imlib2/loaders/tga.so -lib/imlib2/loaders/tiff.a -lib/imlib2/loaders/tiff.la lib/imlib2/loaders/tiff.so -lib/imlib2/loaders/xpm.a -lib/imlib2/loaders/xpm.la lib/imlib2/loaders/xpm.so -lib/imlib2/loaders/zlib.a -lib/imlib2/loaders/zlib.la lib/imlib2/loaders/zlib.so lib/libImlib2.a lib/libImlib2.la -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
