Hi ports@,
Here is a diff to update dpic to 2019.08.30. This fixes CVE-2019-13989.
The codebase is now fully in C, here is the relevant entry from CHANGES:
2019 06 20 This is a major clone of the previous distribution, which
contained compilable C code together with the original pascal
source. The pascal was translated to C code using p2c,
which was included, and parsing was automated by a custom
compiler-compiler which was also provided. The current
package includes C source only with parsing automated using
GNU bison. The original lexical analyser has been kept. To
avoid introducing bugs, the C code has been changed only to
accommodate bison; some p2c idiosyncrasies remain. The result
is functionally identical to the previous version for correct
input.
We can remove previous patches, they are not needed anymore as p2c is
gone, and upstream now has the sprintf -> snprintf changes in wfloat.
The remaining sprintf -> snprintf changes have been moved to a new patch,
as those functions are now in their own file (pdf.c).
Comments? OK?
Index: Makefile
===================================================================
RCS file: /cvs/ports/graphics/dpic/Makefile,v
retrieving revision 1.7
diff -u -p -r1.7 Makefile
--- Makefile 12 Jul 2019 20:46:57 -0000 1.7
+++ Makefile 4 Oct 2019 10:08:33 -0000
@@ -2,7 +2,7 @@
COMMENT = pic-like interpreter for producing line graphics
-DISTNAME = dpic-2017.08.01
+DISTNAME = dpic-2019.08.30
CATEGORIES = graphics
Index: distinfo
===================================================================
RCS file: /cvs/ports/graphics/dpic/distinfo,v
retrieving revision 1.5
diff -u -p -r1.5 distinfo
--- distinfo 9 Sep 2017 22:56:49 -0000 1.5
+++ distinfo 4 Oct 2019 10:08:33 -0000
@@ -1,2 +1,2 @@
-SHA256 (dpic-2017.08.01.tar.gz) = 0GbWBx4BNqqJpYiiWAuMcFdKg29a7PbOFfRBbV923j0=
-SIZE (dpic-2017.08.01.tar.gz) = 1246842
+SHA256 (dpic-2019.08.30.tar.gz) = gkf0eZyjr79Dhw2vYXqjyq6uIhuAnvo8h8fwe9koNRU=
+SIZE (dpic-2019.08.30.tar.gz) = 877767
Index: patches/patch-Makefile_in
===================================================================
RCS file: patches/patch-Makefile_in
diff -N patches/patch-Makefile_in
--- patches/patch-Makefile_in 9 Sep 2017 22:56:49 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,27 +0,0 @@
-$OpenBSD: patch-Makefile_in,v 1.1 2017/09/09 22:56:49 nigel Exp $
-Index: Makefile.in
---- Makefile.in.orig
-+++ Makefile.in
-@@ -1,10 +1,9 @@
- # For Linux (expects "make DESTDIR=xxx PREFIX=yyy install"):
- DESTDIR = /usr
--PREFIX = .
--DEST = ${DESTDIR}/${PREFIX}/bin
-+DEST = ${PREFIX}/bin
-
--MANDIR = $(DESTDIR)/$(PREFIX)/share/man/man1
--DOCDIR = $(DESTDIR)/$(PREFIX)/share/doc/dpic
-+MANDIR = $(PREFIX)/share/man/man1
-+DOCDIR = $(PREFIX)/share/doc/dpic
-
- #-----------------------------------------------------------------------
-
-@@ -47,7 +46,7 @@ installdocs: doc/dpicdoc.pdf
- install -m 644 doc/dpicdoc.pdf $(DOCDIR)
- install -m 644 doc/dpictools.pic $(DOCDIR)
- # install -m 644 doc/dpic.1 $(SPECMANDIR)
-- cat doc/dpic.1 | gzip > $(MANDIR)/dpic.1.gz
-+ install -m 644 doc/dpic.1 $(MANDIR)
- #Ubuntu files:
- #/usr/bin/dpic
- #/usr/share/doc/dpic/CHANGES.gz
Index: patches/patch-dpic_c
===================================================================
RCS file: patches/patch-dpic_c
diff -N patches/patch-dpic_c
--- patches/patch-dpic_c 9 Sep 2017 22:56:49 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,244 +0,0 @@
-$OpenBSD: patch-dpic_c,v 1.1 2017/09/09 22:56:49 nigel Exp $
-Index: dpic.c
---- dpic.c.orig
-+++ dpic.c
-@@ -1241,11 +1241,11 @@ void wfloat(FILE **iou, double y)
- { char buf[25];
- int i;
- if (fabs(y)==distmax)
-- sprintf(buf,"%24.6e", y);
-+ snprintf(buf,sizeof(buf), "%24.6e", y);
- else if (y >= 0.0)
-- sprintf(buf,"%24.6f", floor( 1000000*y+0.5)/1000000.0 );
-+ snprintf(buf,sizeof(buf), "%24.6f", floor( 1000000*y+0.5)/1000000.0 );
- else
-- sprintf(buf,"%24.6f",-floor(-1000000*y+0.5)/1000000.0 );
-+ snprintf(buf,sizeof(buf), "%24.6f",-floor(-1000000*y+0.5)/1000000.0 );
- for (i=23; buf[i]=='0'; ) i-- ;
- if (buf[i]=='.') buf[i] = (char)0;
- else buf[i+1] = (char)0;
-@@ -1897,7 +1897,7 @@ boolean drawn(primitive *node, int linesp, double fill
- return true;
- }
- else if (linesp == XLdotted || linesp == XLdashed || linesp == XLsolid ||
-- fill >= 0.0 && fill <= 1.0) {
-+ (fill >= 0.0 && fill <= 1.0)) {
- return true;
- }
- else {
-@@ -4793,7 +4793,7 @@ void mfpdraw(primitive *node)
- initnesw();
- nesw(node);
- if (node->ptype == XLbox) {
-- if (node->Upr.Ubox.boxfill >= 0.0 && node->Upr.Ubox.boxfill <= 1.0 ||
-+ if ((node->Upr.Ubox.boxfill >= 0.0 && node->Upr.Ubox.boxfill <= 1.0) ||
- node->shadedp != NULL) {
- mfpsetshade(node->Upr.Ubox.boxfill, node->shadedp);
- mfpbox(node->aat.xpos, node->aat.ypos, north, south, east, west,
-@@ -4812,7 +4812,7 @@ void mfpdraw(primitive *node)
- break;
-
- case XLellipse:
-- if (node->Upr.Uellipse.efill >= 0.0 && node->Upr.Uellipse.efill <= 1.0 ||
-+ if ((node->Upr.Uellipse.efill >= 0.0 && node->Upr.Uellipse.efill <= 1.0)
||
- node->shadedp != NULL) {
- mfpsetshade(node->Upr.Uellipse.efill, node->shadedp);
- mfpellipse(node->aat, node->Upr.Uellipse.elwidth,
node->Upr.Uellipse.elheight);
-@@ -4828,7 +4828,7 @@ void mfpdraw(primitive *node)
- break;
-
- case XLcircle:
-- if (node->Upr.Ucircle.cfill >= 0.0 && node->Upr.Ucircle.cfill <= 1.0 ||
-+ if ((node->Upr.Ucircle.cfill >= 0.0 && node->Upr.Ucircle.cfill <= 1.0) ||
- node->shadedp != NULL) {
- mfpsetshade(node->Upr.Ucircle.cfill, node->shadedp);
- mfpcircle(node->aat, node->Upr.Ucircle.radius);
-@@ -5423,7 +5423,7 @@ void mpodraw(primitive *node)
- case XBLOCK:
- if (node->ptype == XLbox) {
- if (node->shadedp != NULL ||
-- node->Upr.Ubox.boxfill >= 0.0 && node->Upr.Ubox.boxfill <= 1.0) {
-+ (node->Upr.Ubox.boxfill >= 0.0 && node->Upr.Ubox.boxfill <= 1.0)) {
- mpobox("fill ", node->aat, node->Upr.Ubox.boxwidth / 2,
- node->Upr.Ubox.boxheight / 2, node->Upr.Ubox.boxradius);
- addcolor(node->shadedp, node->Upr.Ubox.boxfill);
-@@ -5442,7 +5442,7 @@ void mpodraw(primitive *node)
-
- case XLellipse:
- if (node->shadedp != NULL ||
-- node->Upr.Uellipse.efill >= 0.0 && node->Upr.Uellipse.efill <= 1.0) {
-+ (node->Upr.Uellipse.efill >= 0.0 && node->Upr.Uellipse.efill <= 1.0)) {
- mpoellipse("fill ", node->aat, node->Upr.Uellipse.elwidth / 2,
- node->Upr.Uellipse.elheight / 2);
- addcolor(node->shadedp, node->Upr.Uellipse.efill);
-@@ -5460,7 +5460,7 @@ void mpodraw(primitive *node)
-
- case XLcircle:
- if (node->shadedp != NULL ||
-- node->Upr.Ucircle.cfill >= 0.0 && node->Upr.Ucircle.cfill <= 1.0) {
-+ (node->Upr.Ucircle.cfill >= 0.0 && node->Upr.Ucircle.cfill <= 1.0)) {
- printf("fill fullcircle scaled ");
- wfloat(&output, node->Upr.Ucircle.radius * 2 / fsc);
- printf(" shifted ");
-@@ -6974,7 +6974,7 @@ void psdraw(primitive *node)
- switch (node->ptype) {
-
- case XLbox:
-- if (node->Upr.Ubox.boxfill >= 0.0 && node->Upr.Ubox.boxfill <= 1.0 ||
-+ if ((node->Upr.Ubox.boxfill >= 0.0 && node->Upr.Ubox.boxfill <= 1.0) ||
- node->shadedp != NULL) {
- psbox(node->aat, node->Upr.Ubox.boxwidth / 2,
- node->Upr.Ubox.boxheight / 2, node->Upr.Ubox.boxradius);
-@@ -7027,7 +7027,7 @@ void psdraw(primitive *node)
- else {
- fill = node->Upr.Ucircle.cfill;
- }
-- if (fill >= 0.0 && fill <= 1.0 || node->shadedp != NULL) {
-+ if ((fill >= 0.0 && fill <= 1.0) || node->shadedp != NULL) {
- pssetthick(lth);
- printf(" gsave ");
- pswpos(node->aat);
-@@ -7416,7 +7416,7 @@ void pdfwfloat(double y)
- ix = ixd;
- } while (ix != 0 || j <= 6);
- for (j = 1; j <= ln; j++) {
-- sprintf(STR1, "%c", ts[ln - j]);
-+ snprintf(STR1, sizeof(STR1), "%c", ts[ln - j]);
- pdfstream(STR1, 1, &cx);
- }
- }
-@@ -7580,10 +7580,10 @@ void pdfwstring(nametype *p)
- iswhite = (c == etxch || c == nlch || c == tabch || c == ' ');
- if (!iswhite || !waswhite) {
- if (c == bslch || c == ')' || c == '(') {
-- sprintf(STR1, "%c", bslch);
-+ snprintf(STR1, sizeof(STR1), "%c", bslch);
- pdfstream(STR1, 1, &cx);
- }
-- sprintf(STR1, "%c", c);
-+ snprintf(STR1, sizeof(STR1), "%c", c);
- pdfstream(STR1, 1, &cx);
- }
- waswhite = iswhite;
-@@ -8020,7 +8020,7 @@ void pdfdraw(primitive *node)
-
- case XLbox:
- if (drawn(node, lsp, node->Upr.Ubox.boxfill)) {
-- fll = (node->Upr.Ubox.boxfill >= 0.0 && node->Upr.Ubox.boxfill <= 1.0 ||
-+ fll = ((node->Upr.Ubox.boxfill >= 0.0 && node->Upr.Ubox.boxfill <= 1.0)
||
- node->shadedp != NULL);
- pdflinearfill(node->Upr.Ubox.boxfill, node->shadedp);
- pdflineopts(lsp, node->lparam, lth, node->outlinep);
-@@ -8052,7 +8052,7 @@ void pdfdraw(primitive *node)
- fill = node->Upr.Ucircle.cfill;
- }
- if (drawn(node, lsp, fill)) {
-- fll = (fill >= 0.0 && fill <= 1.0 || node->shadedp != NULL);
-+ fll = ((fill >= 0.0 && fill <= 1.0) || node->shadedp != NULL);
- pdflinearfill(fill, node->shadedp);
- pdflineopts(lsp, node->lparam, lth, node->outlinep);
- pdfellipse(node->aat, x, y);
-@@ -8160,7 +8160,7 @@ void pdfdraw(primitive *node)
- pdfwpos(node->Upr.Uline.endpos);
- pdfstream(" l", 2, &cx);
- if (node->son != NULL) {
-- sprintf(STR1, "%c", nlch);
-+ snprintf(STR1, sizeof(STR1), "%c", nlch);
- pdfstream(STR1, 1, &cx);
- }
- else {
-@@ -8241,7 +8241,7 @@ void pdfdraw(primitive *node)
- case XLaTeX:
- if (node->textp != NULL) {
- pdfwstring(node->textp);
-- sprintf(STR1, "%c", nlch);
-+ snprintf(STR1, sizeof(STR1), "%c", nlch);
- pdfstream(STR1, 1, &cx);
- }
- break;
-@@ -8448,7 +8448,7 @@ void texdraw(primitive *node)
- lgth = linlen(node->Upr.Uline.endpos.xpos - node->aat.xpos,
- node->Upr.Uline.endpos.ypos - node->aat.ypos);
- if (drawmode == Pict2e ||
-- lsp == XLsolid && (lgth > 0.18 || drawmode == tTeX)) {
-+ (lsp == XLsolid && (lgth > 0.18 || drawmode == tTeX))) {
- if (lgth > 0) {
- printf("\\put");
- wpos(node->aat);
-@@ -8759,16 +8759,16 @@ void texdraw(primitive *node)
- node->direction = p->direction;
- }
- }
-- if (node->direction == XLleft && node->Upr.Uline.endpos.ypos < 0.0 ||
-- node->direction == XLdown && node->Upr.Uline.endpos.ypos > 0.0) {
-+ if ((node->direction == XLleft && node->Upr.Uline.endpos.ypos < 0.0) ||
-+ (node->direction == XLdown && node->Upr.Uline.endpos.ypos > 0.0)) {
- printf("[bl]}\n");
- }
-- else if (node->direction == XLleft && node->Upr.Uline.endpos.ypos > 0.0
||
-- node->direction == XLup && node->Upr.Uline.endpos.ypos < 0.0) {
-+ else if ((node->direction == XLleft && node->Upr.Uline.endpos.ypos >
0.0) ||
-+ (node->direction == XLup && node->Upr.Uline.endpos.ypos <
0.0)) {
- printf("[tl]}\n");
- }
-- else if (node->direction == XLright && node->Upr.Uline.endpos.ypos <
0.0 ||
-- node->direction == XLup && node->Upr.Uline.endpos.ypos > 0.0) {
-+ else if ((node->direction == XLright && node->Upr.Uline.endpos.ypos <
0.0) ||
-+ (node->direction == XLup && node->Upr.Uline.endpos.ypos >
0.0)) {
- printf("[tr]}\n");
- }
- else {
-@@ -12552,8 +12552,8 @@ void produce(stackinx newp, int p)
- }
- else {
- With1->xval += With1->yval;
-- if (With1->yval > 0 && With1->xval > With1->endchop ||
-- With1->yval < 0 && With1->xval < With1->endchop) {
-+ if ((With1->yval > 0 && With1->xval > With1->endchop) ||
-+ (With1->yval < 0 && With1->xval < With1->endchop)) {
- bswitch = true;
- }
- }
-@@ -13464,16 +13464,16 @@ void produce(stackinx newp, int p)
- s = sin(With2->Upr.Uline.endpos.xpos);
- With2->aat.xpos += With2->Upr.Uline.aradius * r;
- With2->aat.ypos += With2->Upr.Uline.aradius * s;
-- if (With2->direction == XLup && i == XLleft ||
-- With2->direction == XLdown && i == XLright ||
-- With2->direction == XLright && i == XLup ||
-- With2->direction == XLleft && i == XLdown) {
-+ if ((With2->direction == XLup && i == XLleft) ||
-+ (With2->direction == XLdown && i == XLright) ||
-+ (With2->direction == XLright && i == XLup) ||
-+ (With2->direction == XLleft && i == XLdown)) {
- With2->Upr.Uline.endpos.ypos = pi * 0.5;
- }
-- else if (With2->direction == XLup && i == XLright ||
-- With2->direction == XLdown && i == XLleft ||
-- With2->direction == XLright && i == XLdown ||
-- With2->direction == XLleft && i == XLup) {
-+ else if ((With2->direction == XLup && i == XLright) ||
-+ (With2->direction == XLdown && i == XLleft) ||
-+ (With2->direction == XLright && i == XLdown) ||
-+ (With2->direction == XLleft && i == XLup)) {
- With2->Upr.Uline.endpos.ypos = -pi * 0.5;
- }
- if (attstack[newp+2].lexval != XEMPTY) {
-@@ -17640,7 +17640,7 @@ void defineargbody(int *parenlevel, fbuffer **p2)
- }
- }
- /*D if debuglevel=2 then write(log,' instring=',instring,' '); D*/
-- if (!instring && (*parenlevel < 0 || *parenlevel == 0 && ch == ',')) {
-+ if (!instring && (*parenlevel < 0 || (*parenlevel == 0 && ch ==
','))) {
- j = With->savedlen;
- inarg = false;
- }
-@@ -18743,7 +18743,7 @@ void getoptions(void)
- } /* getoptions */
-
-
--void main(int argc, Char *argv[])
-+int main(int argc, Char *argv[])
- { P_argc = argc; P_argv = argv; __top_jb = NULL;
- redirect = NULL;
- copyin = NULL;
Index: patches/patch-p2c_h
===================================================================
RCS file: patches/patch-p2c_h
diff -N patches/patch-p2c_h
--- patches/patch-p2c_h 9 Sep 2017 22:56:49 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,18 +0,0 @@
-$OpenBSD: patch-p2c_h,v 1.1 2017/09/09 22:56:49 nigel Exp $
-Index: p2c.h
---- p2c.h.orig
-+++ p2c.h
-@@ -435,12 +435,7 @@ typedef struct {
- } _TEXT;
-
- /* Memory allocation */
--#ifdef __GCC__
--# define Malloc(n) (malloc(n) ?: (Anyptr)_OutMem())
--#else
--extern Anyptr __MallocTemp__;
--# define Malloc(n) ((__MallocTemp__ = malloc(n)) ? __MallocTemp__ :
(Anyptr)_OutMem())
--#endif
-+extern void *Malloc(size_t);
- #define FreeR(p) (free((Anyptr)(p))) /* used if arg is an rvalue */
- #define Free(p) (free((Anyptr)(p)), (p)=NULL)
-
Index: patches/patch-p2clib_c
===================================================================
RCS file: patches/patch-p2clib_c
diff -N patches/patch-p2clib_c
--- patches/patch-p2clib_c 9 Sep 2017 22:56:49 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,208 +0,0 @@
-$OpenBSD: patch-p2clib_c,v 1.1 2017/09/09 22:56:49 nigel Exp $
-Index: p2clib.c
---- p2clib.c.orig
-+++ p2clib.c
-@@ -30,8 +30,6 @@ int P_ioresult;
-
- long EXCP_LINE; /* Used by Pascal workstation system */
-
--Anyptr __MallocTemp__;
--
- __p2c_jmp_buf *__top_jb;
-
-
-@@ -417,9 +415,10 @@ register int pos, len;
-
- /* Insert string "src" at index "pos" of "dst". */
-
--void strinsert(src, dst, pos)
-+void strinsert(src, dst, pos, size)
- register char *src, *dst;
- register int pos;
-+size_t size;
- {
- register int slen, dlen;
-
-@@ -429,7 +428,7 @@ register int pos;
- dst += dlen;
- dlen -= pos;
- if (dlen <= 0) {
-- strcpy(dst, src);
-+ strlcpy(dst, src, size);
- return;
- }
- slen = strlen(src);
-@@ -890,7 +889,7 @@ int *Day, *Month, *Year, *Hour, *Min, *Sec;
- {
- #ifndef NO_TIME
- struct tm *tm;
-- long clock;
-+ time_t clock;
-
- time(&clock);
- tm = localtime(&clock);
-@@ -908,7 +907,7 @@ int *Day, *Month, *Year, *Hour, *Min, *Sec;
- Void VAXdate(s)
- char *s;
- {
-- long clock;
-+ time_t clock;
- char *c;
- int i;
- static int where[] = {8, 9, 0, 4, 5, 6, 0, 20, 21, 22, 23};
-@@ -924,7 +923,7 @@ char *s;
- Void VAXtime(s)
- char *s;
- {
-- long clock;
-+ time_t clock;
- char *c;
- int i;
-
-@@ -959,7 +958,14 @@ register int len, n;
- }
-
-
-+void *Malloc(size_t size) {
-+ void *p;
-
-+ if ( (p = malloc(size)) )
-+ return p;
-+ _OutMem();
-+ return p;
-+}
-
- /* if defined(__GNUC__) || defined(HAVE_INTTYPES_H) */
- #ifndef NO_INTTYPES_H
-@@ -985,85 +991,87 @@ int _NilCheck()
- /* The following is suitable for the HP Pascal operating system.
- It might want to be revised when emulating another system. */
-
--char *_ShowEscape(buf, code, ior, prefix)
-+char *_ShowEscape(buf, code, ior, prefix, size)
- char *buf, *prefix;
--int code, ior;
-+int code, ior, size;
- {
- char *bufp;
-+ int sizep;
-
- if (prefix && *prefix) {
-- strcpy(buf, prefix);
-- strcat(buf, ": ");
-+ strlcpy(buf, prefix, size);
-+ strlcat(buf, ": ", size);
- bufp = buf + strlen(buf);
- } else {
- bufp = buf;
- }
-+ sizep = size - strlen(buf);
- if (code == -10) {
-- sprintf(bufp, "Pascal system I/O error %d", ior);
-+ snprintf(bufp, sizep, "Pascal system I/O error %d", ior);
- switch (ior) {
- case 3:
-- strcat(buf, " (illegal I/O request)");
-+ strlcat(buf, " (illegal I/O request)", size);
- break;
- case 7:
-- strcat(buf, " (bad file name)");
-+ strlcat(buf, " (bad file name)", size);
- break;
- case FileNotFound: /*10*/
-- strcat(buf, " (file not found)");
-+ strlcat(buf, " (file not found)", size);
- break;
- case FileNotOpen: /*13*/
-- strcat(buf, " (file not open)");
-+ strlcat(buf, " (file not open)", size);
- break;
- case BadInputFormat: /*14*/
-- strcat(buf, " (bad input format)");
-+ strlcat(buf, " (bad input format)", size);
- break;
- case 24:
-- strcat(buf, " (not open for reading)");
-+ strlcat(buf, " (not open for reading)", size);
- break;
- case 25:
-- strcat(buf, " (not open for writing)");
-+ strlcat(buf, " (not open for writing)", size);
- break;
- case 26:
-- strcat(buf, " (not open for direct access)");
-+ strlcat(buf, " (not open for direct access)", size);
- break;
- case 28:
-- strcat(buf, " (string subscript out of range)");
-+ strlcat(buf, " (string subscript out of range)", size);
- break;
- case EndOfFile: /*30*/
-- strcat(buf, " (end-of-file)");
-+ strlcat(buf, " (end-of-file)", size);
- break;
- case FileWriteError: /*38*/
-- strcat(buf, " (file write error)");
-+ strlcat(buf, " (file write error)", size);
- break;
- }
- } else {
-- sprintf(bufp, "Pascal system error %d", code);
-+ snprintf(bufp, sizep, "Pascal system error %d", code);
- switch (code) {
- case -2:
-- strcat(buf, " (out of memory)");
-+ strlcat(buf, " (out of memory)", size);
- break;
- case -3:
-- strcat(buf, " (reference to NIL pointer)");
-+ strlcat(buf, " (reference to NIL pointer)", size);
- break;
- case -4:
-- strcat(buf, " (integer overflow)");
-+ strlcat(buf, " (integer overflow)", size);
- break;
- case -5:
-- strcat(buf, " (divide by zero)");
-+ strlcat(buf, " (divide by zero)", size);
- break;
- case -6:
-- strcat(buf, " (real math overflow)");
-+ strlcat(buf, " (real math overflow)", size);
- break;
- case -8:
-- strcat(buf, " (value range error)");
-+ strlcat(buf, " (value range error)", size);
- break;
- case -9:
-- strcat(buf, " (CASE value range error)");
-+ strlcat(buf, " (CASE value range error)", size);
- break;
- case -12:
-- strcat(buf, " (bus error)");
-+ strlcat(buf, " (bus error)", size);
- break;
- case -20:
-- strcat(buf, " (stopped by user)");
-+ strlcat(buf, " (stopped by user)", size);
- break;
- }
- }
-@@ -1086,7 +1094,7 @@ int code;
- exit(EXIT_SUCCESS);
- if (code == -1)
- exit(EXIT_FAILURE);
-- fprintf(stderr, "%s\n", _ShowEscape(buf, P_escapecode, P_ioresult, ""));
-+ fprintf(stderr, "%s\n", _ShowEscape(buf, P_escapecode, P_ioresult, "",
sizeof(buf)));
- exit(EXIT_FAILURE);
- }
-
-@@ -1105,7 +1113,7 @@ char *name;
- if (!__top_jb && name && *name) {
- char buf[100];
- fprintf(stderr, "%s: %s\n",
-- name, _ShowEscape(buf, P_escapecode, P_ioresult, ""));
-+ name, _ShowEscape(buf, P_escapecode, P_ioresult, "",
sizeof(buf)));
- exit(EXIT_FAILURE);
- }
- return _Escape(-10);
Index: patches/patch-pdf_c
===================================================================
RCS file: patches/patch-pdf_c
diff -N patches/patch-pdf_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-pdf_c 4 Oct 2019 10:08:33 -0000
@@ -0,0 +1,45 @@
+$OpenBSD$
+
+Index: pdf.c
+--- pdf.c.orig
++++ pdf.c
+@@ -154,7 +154,7 @@ pdfwfloat (double y) {
+ ix = ixd;
+ } while ((ix != 0) || (j <= 6));
+ for (j = 1; j <= ln; j++) {
+- sprintf (STR1, "%c", ts[ln - j]);
++ snprintf (STR1, sizeof(STR1), "%c", ts[ln - j]);
+ pdfstream (STR1, 1, &cx);
+ }
+ }
+@@ -311,10 +311,10 @@ pdfwstring (nametype * p) {
+ iswhite = ((c == etxch) || (c == nlch) || (c == tabch) || (c == ' '));
+ if ((!iswhite) || (!waswhite)) {
+ if ((c == bslch) || (c == ')') || (c == '(')) {
+- sprintf (STR1, "%c", bslch);
++ snprintf (STR1, sizeof(STR1), "%c", bslch);
+ pdfstream (STR1, 1, &cx);
+ }
+- sprintf (STR1, "%c", c);
++ snprintf (STR1, sizeof(STR1), "%c", c);
+ pdfstream (STR1, 1, &cx);
+ }
+ waswhite = iswhite;
+@@ -853,7 +853,7 @@ pdfdraw (primitive * node) {
+ pdfwpos (node->Upr.Uline.endpos);
+ pdfstream (" l", 2, &cx);
+ if (node->son != NULL) {
+- sprintf (STR1, "%c", nlch);
++ snprintf (STR1, sizeof(STR1), "%c", nlch);
+ pdfstream (STR1, 1, &cx);
+ } else {
+ pdfwln (" S", 2, &cx);
+@@ -932,7 +932,7 @@ pdfdraw (primitive * node) {
+ case XLaTeX:
+ if (node->textp != NULL) {
+ pdfwstring (node->textp);
+- sprintf (STR1, "%c", nlch);
++ snprintf (STR1, sizeof(STR1), "%c", nlch);
+ pdfstream (STR1, 1, &cx);
+ }
+ break;
Index: pkg/PLIST
===================================================================
RCS file: /cvs/ports/graphics/dpic/pkg/PLIST,v
retrieving revision 1.2
diff -u -p -r1.2 PLIST
--- pkg/PLIST 9 Sep 2017 22:56:49 -0000 1.2
+++ pkg/PLIST 4 Oct 2019 10:08:33 -0000
@@ -58,6 +58,8 @@ share/examples/dpic/sources/man36.pic
share/examples/dpic/sources/man45.pic
share/examples/dpic/sources/man46.pic
share/examples/dpic/sources/man47.pic
+share/examples/dpic/sources/man48.pic
+share/examples/dpic/sources/man49.pic
share/examples/dpic/sources/mode.tex
share/examples/dpic/sources/test1.tex
share/examples/dpic/sources/test2.tex
