UPDATE: Imlib2 1.4.0

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

UPDATE: Imlib2 1.4.0

Brad Smith-14
Here is an update to Imlib2 1.4.0.

The new version integrates the security fixes and has
a few bug fixes.


Index: Makefile
===================================================================
RCS file: /cvs/ports/graphics/imlib2/Makefile,v
retrieving revision 1.16
diff -u -p -r1.16 Makefile
--- Makefile 8 Apr 2007 16:33:41 -0000 1.16
+++ Makefile 10 Jun 2007 19:47:08 -0000
@@ -2,12 +2,11 @@
 
 COMMENT= "image manipulation library"
 
-DISTNAME= imlib2-1.3.0
-PKGNAME= ${DISTNAME}p0
-SHARED_LIBS= Imlib2 4.0 # .4.0
+DISTNAME= imlib2-1.4.0
+SHARED_LIBS= Imlib2 5.0 # .5.0
 CATEGORIES= graphics
 
-HOMEPAGE= http://enlightenment.org/Libraries/Imlib2/
+HOMEPAGE= http://www.enlightenment.org/p.php?p=about/libs/imlib2&l=en
 
 # BSD
 PERMIT_PACKAGE_CDROM= Yes
Index: distinfo
===================================================================
RCS file: /cvs/ports/graphics/imlib2/distinfo,v
retrieving revision 1.5
diff -u -p -r1.5 distinfo
--- distinfo 5 Apr 2007 16:19:56 -0000 1.5
+++ distinfo 10 Jun 2007 19:36:56 -0000
@@ -1,5 +1,5 @@
-MD5 (imlib2-1.3.0.tar.gz) = ALck/G0tz6MEW7alVLssig==
-RMD160 (imlib2-1.3.0.tar.gz) = Jy/ApiaZ4PD2kPTMhBisXI4O5hU=
-SHA1 (imlib2-1.3.0.tar.gz) = rZxnOpTU5eYQcEzv0GhV+QAVHiU=
-SHA256 (imlib2-1.3.0.tar.gz) = Eof9ThI2ghH2CcAWBz3l1CpXvN3pPkbCavdXiBU8L9M=
-SIZE (imlib2-1.3.0.tar.gz) = 955862
+MD5 (imlib2-1.4.0.tar.gz) = affumWyUMUIzK0yYWXsJXA==
+RMD160 (imlib2-1.4.0.tar.gz) = W2Y6Qg4QCN3AR2ZZEsrUczI4A9o=
+SHA1 (imlib2-1.4.0.tar.gz) = K71luCppDSHasr/rM8w3D2u0k5M=
+SHA256 (imlib2-1.4.0.tar.gz) = TdjJlrtGbBDok26yg9ofkKggBCx09t6SB7UfTofiGYs=
+SIZE (imlib2-1.4.0.tar.gz) = 955897
Index: patches/patch-src_modules_loaders_loader_argb_c
===================================================================
RCS file: patches/patch-src_modules_loaders_loader_argb_c
diff -N patches/patch-src_modules_loaders_loader_argb_c
--- patches/patch-src_modules_loaders_loader_argb_c 20 Nov 2006 09:21:09 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,19 +0,0 @@
-$OpenBSD: patch-src_modules_loaders_loader_argb_c,v 1.1 2006/11/20 09:21:09 bernd Exp $
-
-Fix for CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809.
-Should be fixed in >1.3.0.
-
---- src/modules/loaders/loader_argb.c.orig Tue Sep  5 02:37:07 2006
-+++ src/modules/loaders/loader_argb.c Mon Nov  6 10:41:32 2006
-@@ -47,6 +47,11 @@ load(ImlibImage * im, ImlibProgressFunct
-            fclose(f);
-            return 0;
-         }
-+      if ((w < 1) || (h < 1) || (w > 8192) || (h > 8192))
-+ {
-+           fclose(f);
-+           return 0;
-+ }
-       im->w = w;
-       im->h = h;
-       if (!im->format)
Index: patches/patch-src_modules_loaders_loader_gif_c
===================================================================
RCS file: patches/patch-src_modules_loaders_loader_gif_c
diff -N patches/patch-src_modules_loaders_loader_gif_c
--- patches/patch-src_modules_loaders_loader_gif_c 20 Nov 2006 09:21:09 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,19 +0,0 @@
-$OpenBSD: patch-src_modules_loaders_loader_gif_c,v 1.1 2006/11/20 09:21:09 bernd Exp $
-
-Fix for CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809.
-Should be fixed in >1.3.0.
-
---- src/modules/loaders/loader_gif.c.orig Tue Sep  5 02:37:07 2006
-+++ src/modules/loaders/loader_gif.c Mon Nov  6 10:41:32 2006
-@@ -72,6 +72,11 @@ load(ImlibImage * im, ImlibProgressFunct
-                }
-              w = gif->Image.Width;
-              h = gif->Image.Height;
-+     if ((w < 1) || (h < 1) || (w > 8192) || (h > 8192))
-+       {
-+                  DGifCloseFile(gif);
-+                  return 0;
-+       }
-              rows = malloc(h * sizeof(GifRowType *));
-              if (!rows)
-                {
Index: patches/patch-src_modules_loaders_loader_jpeg_c
===================================================================
RCS file: patches/patch-src_modules_loaders_loader_jpeg_c
diff -N patches/patch-src_modules_loaders_loader_jpeg_c
--- patches/patch-src_modules_loaders_loader_jpeg_c 20 Nov 2006 09:21:09 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,20 +0,0 @@
-$OpenBSD: patch-src_modules_loaders_loader_jpeg_c,v 1.1 2006/11/20 09:21:09 bernd Exp $
-
-Fix for CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809.
-Should be fixed in >1.3.0.
-
---- src/modules/loaders/loader_jpeg.c.orig Tue Sep  5 02:37:07 2006
-+++ src/modules/loaders/loader_jpeg.c Mon Nov  6 10:41:32 2006
-@@ -92,6 +92,12 @@ load(ImlibImage * im, ImlibProgressFunct
-      {
-         im->w = w = cinfo.output_width;
-         im->h = h = cinfo.output_height;
-+ if ((w < 1) || (h < 1) || (w > 8192) || (h > 8192))
-+  {
-+             jpeg_destroy_decompress(&cinfo);
-+             fclose(f);
-+             return 0;
-+  }
-         UNSET_FLAG(im->flags, F_HAS_ALPHA);
-         im->format = strdup("jpeg");
-      }
Index: patches/patch-src_modules_loaders_loader_lbm_c
===================================================================
RCS file: patches/patch-src_modules_loaders_loader_lbm_c
diff -N patches/patch-src_modules_loaders_loader_lbm_c
--- patches/patch-src_modules_loaders_loader_lbm_c 20 Nov 2006 09:21:09 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,19 +0,0 @@
-$OpenBSD: patch-src_modules_loaders_loader_lbm_c,v 1.1 2006/11/20 09:21:09 bernd Exp $
-
-Fix for CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809.
-Should be fixed in >1.3.0.
-
---- src/modules/loaders/loader_lbm.c.orig Wed Sep  6 13:34:49 2006
-+++ src/modules/loaders/loader_lbm.c Mon Nov  6 10:41:32 2006
-@@ -421,7 +421,10 @@ ILBM    ilbm;
-
-         im->w = L2RWORD(ilbm.bmhd.data);
-         im->h = L2RWORD(ilbm.bmhd.data + 2);
--        if (im->w <= 0 || im->h <= 0) ok = 0;
-+ if ((im->w < 1) || (im->h < 1) || (im->w > 8192) || (im->h > 8192))
-+  {
-+     ok = 0;
-+  }
-
-         ilbm.depth = ilbm.bmhd.data[8];
-         if (ilbm.depth < 1 || (ilbm.depth > 8 && ilbm.depth != 24 && ilbm.depth != 32)) ok = 0; /* Only 1 to 8, 24, or 32 planes. */
Index: patches/patch-src_modules_loaders_loader_png_c
===================================================================
RCS file: patches/patch-src_modules_loaders_loader_png_c
diff -N patches/patch-src_modules_loaders_loader_png_c
--- patches/patch-src_modules_loaders_loader_png_c 20 Nov 2006 09:21:09 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,21 +0,0 @@
-$OpenBSD: patch-src_modules_loaders_loader_png_c,v 1.1 2006/11/20 09:21:09 bernd Exp $
-
-Fix for CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809.
-Should be fixed in >1.3.0.
-
---- src/modules/loaders/loader_png.c.orig Tue Sep  5 02:37:07 2006
-+++ src/modules/loaders/loader_png.c Mon Nov  6 10:41:32 2006
-@@ -85,6 +85,13 @@ load(ImlibImage * im, ImlibProgressFunct
-                      &interlace_type, NULL, NULL);
-         im->w = (int)w32;
-         im->h = (int)h32;
-+ if ((w32 < 1) || (h32 < 1) || (w32 > 8192) || (h32 > 8192))
-+  {
-+             png_read_end(png_ptr, info_ptr);
-+             png_destroy_read_struct(&png_ptr, &info_ptr, (png_infopp) NULL);
-+             fclose(f);
-+             return 0;
-+  }
-         if (color_type == PNG_COLOR_TYPE_PALETTE)
-  {
-     png_set_expand(png_ptr);
Index: patches/patch-src_modules_loaders_loader_pnm_c
===================================================================
RCS file: patches/patch-src_modules_loaders_loader_pnm_c
diff -N patches/patch-src_modules_loaders_loader_pnm_c
--- patches/patch-src_modules_loaders_loader_pnm_c 20 Nov 2006 09:21:09 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,28 +0,0 @@
-$OpenBSD: patch-src_modules_loaders_loader_pnm_c,v 1.1 2006/11/20 09:21:09 bernd Exp $
-
-Fix for CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809.
-Should be fixed in >1.3.0.
-
---- src/modules/loaders/loader_pnm.c.orig Tue Sep  5 02:37:07 2006
-+++ src/modules/loaders/loader_pnm.c Mon Nov  6 10:41:32 2006
-@@ -107,7 +107,7 @@ load(ImlibImage * im, ImlibProgressFunct
-                }
-           }
-      }
--   if ((w <= 0) || (w > 8192) || (h <= 0) || (h > 8192) || (v < 0) || (v > 255))
-+   if ((v < 0) || (v > 255))
-      {
-         fclose(f);
-         return 0;
-@@ -115,6 +115,11 @@ load(ImlibImage * im, ImlibProgressFunct
-
-    im->w = w;
-    im->h = h;
-+   if ((w < 1) || (h < 1) || (w > 8192) || (h > 8192))
-+     {
-+ fclose(f);
-+ return 0;
-+     }
-    if (!im->format)
-      {
-         if (p == '8')
Index: patches/patch-src_modules_loaders_loader_tga_c
===================================================================
RCS file: patches/patch-src_modules_loaders_loader_tga_c
diff -N patches/patch-src_modules_loaders_loader_tga_c
--- patches/patch-src_modules_loaders_loader_tga_c 20 Nov 2006 09:21:09 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,85 +0,0 @@
-$OpenBSD: patch-src_modules_loaders_loader_tga_c,v 1.1 2006/11/20 09:21:09 bernd Exp $
-
-Fix for CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809.
-Should be fixed in >1.3.0.
-
---- src/modules/loaders/loader_tga.c.orig Wed Sep  6 13:34:49 2006
-+++ src/modules/loaders/loader_tga.c Mon Nov  6 10:41:32 2006
-@@ -297,9 +297,8 @@ load(ImlibImage * im, ImlibProgressFunct
-    im->w = (header->widthHi << 8) | header->widthLo;
-    im->h = (header->heightHi << 8) | header->heightLo;
-
--   if ((im->w > 32767) || (im->w < 1) || (im->h > 32767) || (im->h < 1))
-+   if ((im->w < 1) || (im->h < 1) || (im->w > 8192) || (im->h > 8192))
-      {
--        im->w = 0;
- munmap(seg, ss.st_size);
-         close(fd);
-         return 0;
-@@ -318,7 +317,7 @@ load(ImlibImage * im, ImlibProgressFunct
-    if (((!im->data) && (im->loader)) || (immediate_load) || (progress))
-      {
-         unsigned long       datasize;
--        unsigned char      *bufptr;
-+        unsigned char      *bufptr, *bufend;
-         DATA32             *dataptr;
-
-         int                 y;
-@@ -346,6 +345,7 @@ load(ImlibImage * im, ImlibProgressFunct
-
-         /* bufptr is the next byte to be read from the buffer */
-         bufptr = filedata;
-+ bufend = filedata + datasize;
-
-         /* dataptr is the next 32-bit pixel to be filled in */
-         dataptr = im->data;
-@@ -418,9 +418,10 @@ load(ImlibImage * im, ImlibProgressFunct
-              unsigned char       curbyte, red, green, blue, alpha;
-              DATA32             *final_pixel = dataptr + im->w * im->h;
-
--             /* loop until we've got all the pixels */
--             while (dataptr < final_pixel)
--               {
-+             /* loop until we've got all the pixels or run out of input */
-+     while ((dataptr < final_pixel) &&
-+    ((bufptr + 1 + (bpp / 8)) < bufend))
-+       {
-                   int                 count;
-
-                   curbyte = *bufptr++;
-@@ -437,7 +438,7 @@ load(ImlibImage * im, ImlibProgressFunct
-                               green = *bufptr++;
-                               red = *bufptr++;
-                               alpha = *bufptr++;
--                              for (i = 0; i < count; i++)
-+    for (i = 0; (i < count) && (dataptr < final_pixel); i++)
-                                 {
-                                    WRITE_RGBA(dataptr, red, green, blue, alpha);
-                                    dataptr++;
-@@ -448,7 +449,7 @@ load(ImlibImage * im, ImlibProgressFunct
-                               blue = *bufptr++;
-                               green = *bufptr++;
-                               red = *bufptr++;
--                              for (i = 0; i < count; i++)
-+    for (i = 0; (i < count) && (dataptr < final_pixel); i++)
-                                 {
-                                    WRITE_RGBA(dataptr, red, green, blue,
-                                               (char)0xff);
-@@ -458,7 +459,7 @@ load(ImlibImage * im, ImlibProgressFunct
-
-                            case 8:
-                               alpha = *bufptr++;
--                              for (i = 0; i < count; i++)
-+    for (i = 0; (i < count) && (dataptr < final_pixel); i++)
-                                 {
-                                    WRITE_RGBA(dataptr, alpha, alpha, alpha,
-                                               (char)0xff);
-@@ -473,7 +474,7 @@ load(ImlibImage * im, ImlibProgressFunct
-                     {
-                        int                 i;
-
--                       for (i = 0; i < count; i++)
-+                       for (i = 0; (i < count) && (dataptr < final_pixel); i++)
-                          {
-                             switch (bpp)
-                               {
Index: patches/patch-src_modules_loaders_loader_tiff_c
===================================================================
RCS file: patches/patch-src_modules_loaders_loader_tiff_c
diff -N patches/patch-src_modules_loaders_loader_tiff_c
--- patches/patch-src_modules_loaders_loader_tiff_c 20 Nov 2006 09:21:09 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,54 +0,0 @@
-$OpenBSD: patch-src_modules_loaders_loader_tiff_c,v 1.1 2006/11/20 09:21:09 bernd Exp $
-
-Fix for CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809.
-Should be fixed in >1.3.0.
-
---- src/modules/loaders/loader_tiff.c.orig Tue Sep  5 02:37:07 2006
-+++ src/modules/loaders/loader_tiff.c Mon Nov  6 10:41:32 2006
-@@ -75,11 +75,11 @@ static void
- raster(TIFFRGBAImage_Extra * img, uint32 * rast,
-        uint32 x, uint32 y, uint32 w, uint32 h)
- {
--   uint32              image_width, image_height;
-+   int                 image_width, image_height;
-    uint32             *pixel, pixel_value;
-    int                 i, j, dy, rast_offset;
-    DATA32             *buffer_pixel, *buffer = img->image->data;
--   int                 alpha_premult = (EXTRASAMPLE_UNASSALPHA==img->rgba.alpha);
-+   int                 alpha_premult;
-
-    image_width = img->image->w;
-    image_height = img->image->h;
-@@ -91,6 +91,8 @@ raster(TIFFRGBAImage_Extra * img, uint32
-    /* I don't understand why, but that seems to be what's going on. */
-    /* libtiff needs better docs! */
-
-+   if (img->rgba.alpha == EXTRASAMPLE_UNASSALPHA)
-+     alpha_premult = 1;
-    for (i = y, rast_offset = 0; i > dy; i--, rast_offset--)
-      {
-         pixel = rast + (rast_offset * image_width);
-@@ -204,6 +206,12 @@ load(ImlibImage * im, ImlibProgressFunct
-    rgba_image.image = im;
-    im->w = width = rgba_image.rgba.width;
-    im->h = height = rgba_image.rgba.height;
-+   if ((width < 1) || (height < 1) || (width > 8192) || (height > 8192))
-+     {
-+ TIFFRGBAImageEnd((TIFFRGBAImage *) & rgba_image);
-+        TIFFClose(tif);
-+        return 0;
-+     }
-    rgba_image.num_pixels = num_pixels = width * height;
-    if (rgba_image.rgba.alpha != EXTRASAMPLE_UNSPECIFIED)
-       SET_FLAG(im->flags, F_HAS_ALPHA);
-@@ -397,8 +405,9 @@ save(ImlibImage * im, ImlibProgressFunct
-
-    if (has_alpha)
-      {
-+ uint16 extras[] = { EXTRASAMPLE_ASSOCALPHA };
-         TIFFSetField(tif, TIFFTAG_SAMPLESPERPIXEL, 4);
--        TIFFSetField(tif, TIFFTAG_EXTRASAMPLES, EXTRASAMPLE_ASSOCALPHA);
-+ TIFFSetField(tif, TIFFTAG_EXTRASAMPLES, 1, extras);
-      }
-    else
-      {
Index: patches/patch-src_modules_loaders_loader_xpm_c
===================================================================
RCS file: patches/patch-src_modules_loaders_loader_xpm_c
diff -N patches/patch-src_modules_loaders_loader_xpm_c
--- patches/patch-src_modules_loaders_loader_xpm_c 20 Nov 2006 09:21:09 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,31 +0,0 @@
-$OpenBSD: patch-src_modules_loaders_loader_xpm_c,v 1.1 2006/11/20 09:21:09 bernd Exp $
-
-Fix for CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809.
-Should be fixed in >1.3.0.
-
---- src/modules/loaders/loader_xpm.c.orig Tue Sep  5 02:37:07 2006
-+++ src/modules/loaders/loader_xpm.c Mon Nov  6 10:41:32 2006
-@@ -211,19 +211,19 @@ load(ImlibImage * im, ImlibProgressFunct
-                             xpm_parse_done();
-                             return 0;
-                          }
--                       if ((w > 32767) || (w < 1))
-+                       if ((w > 8192) || (w < 1))
-                          {
-                             fprintf(stderr,
--                                    "IMLIB ERROR: Image width > 32767 or < 1 pixels for file\n");
-+                                    "IMLIB ERROR: Image width > 8192 or < 1 pixels for file\n");
-                             free(line);
-                             fclose(f);
-                             xpm_parse_done();
-                             return 0;
-                          }
--                       if ((h > 32767) || (h < 1))
-+                       if ((h > 8192) || (h < 1))
-                          {
-                             fprintf(stderr,
--                                    "IMLIB ERROR: Image height > 32767 or < 1 pixels for file\n");
-+                                    "IMLIB ERROR: Image height > 8192 or < 1 pixels for file\n");
-                             free(line);
-                             fclose(f);
-                             xpm_parse_done();