Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=af62f7ee7252f12af64c0f739c954cca57ee7ef8

commit af62f7ee7252f12af64c0f739c954cca57ee7ef8
Author: Miklos Vajna <vmik...@frugalware.org>
Date:   Mon Oct 12 22:21:33 2009 +0200

wxgtk-2.8.10-1-i686

- version bump

diff --git a/source/xlib-extra/wxgtk/FrugalBuild 
b/source/xlib-extra/wxgtk/FrugalBuild
index bb0c789..de7573e 100644
--- a/source/xlib-extra/wxgtk/FrugalBuild
+++ b/source/xlib-extra/wxgtk/FrugalBuild
@@ -3,8 +3,8 @@
# Contributor: Miklos Nemeth <de...@frugalware.org>

pkgname=wxgtk
-pkgver=2.8.9
-pkgrel=2
+pkgver=2.8.10
+pkgrel=1
pkgdesc="GTK+ implementation of wxWidgets API for GUI'"
_F_sourceforge_dirname="wxwindows"
_F_sourceforge_name="wxGTK"
@@ -19,7 +19,10 @@ options=('scriptlet')
replaces=('wxgtk-devel')
conflicts=('wxgtk-devel')
VER="2.8"
-sha1sums=('e13e40280cc83dda55aa50682cde3ca206a012dc')
+source=($source wxGTK-2.8.10-CVE-2009-2369.patch wxGTK-2.8.10-gsocket.patch)
+sha1sums=('1e4bee16a423efeef665ed70e82b6e7dc5468cf4' \
+          '36e74d5384e912f6bf1890c582d872b805e5bbfb' \
+          '885442567f2f80f78f9ed4f0ac2483c6fc932efe')

subpkgs=("$pkgname-locale" "$pkgname-u8")
subdescs=('Locale files for wxWidgets' "GTK+ implementation of wxWidgets API 
for GUI (unicode).")
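Review bot: The two patches appended to `source=` are local files, and nothing in the FrugalBuild records where they were taken from or when they can be dropped. A comment above the line, e.g. `# CVE-2009-2369 fix and glib GSocket rename, from <upstream reference>; drop once fixed upstream`, would let the next version bump decide whether they still apply. The order of the three `sha1sums` entries has to track the order of `source`, which is worth stating in the same comment. The upstream tarball is verified only by SHA-1 in this hunk, so if the build format offers a signature check or a stronger digest, it is worth recording that as well.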
diff --git a/source/xlib-extra/wxgtk/wxGTK-2.8.10-CVE-2009-2369.patch 
b/source/xlib-extra/wxgtk/wxGTK-2.8.10-CVE-2009-2369.patch
new file mode 100644
index 0000000..42392c8
--- /dev/null
+++ b/source/xlib-extra/wxgtk/wxGTK-2.8.10-CVE-2009-2369.patch
@@ -0,0 +1,59 @@
+diff -Naurp wxPython-src-2.8.10.1-orig/src/common/imagpng.cpp 
wxPython-src-2.8.10.1/src/common/imagpng.cpp
+--- wxPython-src-2.8.10.1-orig/src/common/imagpng.cpp  2008-05-11 
22:26:45.000000000 -0600
++++ wxPython-src-2.8.10.1/src/common/imagpng.cpp       2009-07-18 
19:54:13.128547627 -0600
+@@ -568,18 +568,16 @@ wxPNGHandler::LoadFile(wxImage *image,
+     if (!image->Ok())
+         goto error;
+
+-    lines = (unsigned char **)malloc( (size_t)(height * sizeof(unsigned char 
*)) );
++    // initialize all line pointers to NULL to ensure that they can be safely
++    // free()d if an error occurs before all of them could be allocated
++    lines = (unsigned char **)calloc(height, sizeof(unsigned char *));
+     if ( !lines )
+         goto error;
+
+     for (i = 0; i < height; i++)
+     {
+         if ((lines[i] = (unsigned char *)malloc( (size_t)(width * 
(sizeof(unsigned char) * 4)))) == NULL)
+-        {
+-            for ( unsigned int n = 0; n < i; n++ )
+-                free( lines[n] );
+             goto error;
+-        }
+     }
+
+     png_read_image( png_ptr, lines );
+diff -Naurp wxPython-src-2.8.10.1-orig/src/common/imagtiff.cpp 
wxPython-src-2.8.10.1/src/common/imagtiff.cpp
+--- wxPython-src-2.8.10.1-orig/src/common/imagtiff.cpp 2007-09-21 
14:27:05.000000000 -0600
++++ wxPython-src-2.8.10.1/src/common/imagtiff.cpp      2009-07-18 
19:54:35.801832862 -0600
+@@ -261,7 +261,6 @@ bool wxTIFFHandler::LoadFile( wxImage *i
+     }
+
+     uint32 w, h;
+-    uint32 npixels;
+     uint32 *raster;
+
+     TIFFGetField( tif, TIFFTAG_IMAGEWIDTH, &w );
+@@ -275,9 +274,20 @@ bool wxTIFFHandler::LoadFile( wxImage *i
+                            (samplesInfo[0] == EXTRASAMPLE_ASSOCALPHA ||
+                             samplesInfo[0] == EXTRASAMPLE_UNASSALPHA));
+
+-    npixels = w * h;
++    // guard against integer overflow during multiplication which could result
++    // in allocating a too small buffer and then overflowing it
++    const double bytesNeeded = (double)w * (double)h * sizeof(uint32);
++    if ( bytesNeeded >= 4294967295U /* UINT32_MAX */ )
++    {
++        if ( verbose )
++            wxLogError( _("TIFF: Image size is abnormally big.") );
++
++        TIFFClose(tif);
++
++        return false;
++    }
+
+-    raster = (uint32*) _TIFFmalloc( npixels * sizeof(uint32) );
++    raster = (uint32*) _TIFFmalloc( bytesNeeded );
+
+     if (!raster)
+     {
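Review bot: In the imagtiff.cpp part, the size guard admits values that the allocator's parameter may not be able to hold: `bytesNeeded` is a double compared against 4294967295U and then passed unconverted to `_TIFFmalloc( bytesNeeded )`. If that parameter is a signed 32-bit type (the commit title names an i686 build), a request between 2 GiB and 4 GiB passes the check and is then converted out of range. Bounding the check by the maximum of the parameter type and making the conversion explicit, e.g. `raster = (uint32*) _TIFFmalloc( (tsize_t)bytesNeeded );`, would close that gap. In the imagpng.cpp part, removing the per-row free loop is only safe if the `error:` label, which lies outside the hunk, frees every `lines[i]` up to `height`; otherwise rows allocated before a failed `malloc` leak. The row size `width * (sizeof(unsigned char) * 4)` is also still an unchecked multiplication.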
diff --git a/source/xlib-extra/wxgtk/wxGTK-2.8.10-gsocket.patch 
b/source/xlib-extra/wxgtk/wxGTK-2.8.10-gsocket.patch
new file mode 100644
index 0000000..b875cb8
--- /dev/null
+++ b/source/xlib-extra/wxgtk/wxGTK-2.8.10-gsocket.patch
@@ -0,0 +1,16 @@
+--- wxPython-src-2.8.10.1-orig/src/gtk/gsockgtk.cpp
++++ wxPython-src-2.8.10.1/src/gtk/gsockgtk.cpp
+@@ -15,8 +15,13 @@
+ #include <stdlib.h>
+ #include <stdio.h>
+
++// newer versions of glib define its own GSocket but we unfortunately use this
++// name in our own (semi-)public header and so can't change it -- rename glib
++// one instead
++#define GSocket GlibGSocket
+ #include <gdk/gdk.h>
+ #include <glib.h>
++#undef GSocket
+
+ #include "wx/gsocket.h"
+ #include "wx/unix/gsockunx.h"
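Review bot: The `#define GSocket GlibGSocket` / `#undef GSocket` pair only renames glib's type if `<gdk/gdk.h>` and `<glib.h>` are included here for the first time in the translation unit. The hunk starts at line 15 of gsockgtk.cpp, so it does not show whether an earlier include or a precompiled header already pulls them in. In that case the include guards would make the wrapped includes no-ops and the name clash with `wx/gsocket.h` would return. A short comment next to the define would document the ordering requirement, e.g. `// must come before any other include that pulls in glib headers`.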