[gentoo-commits] repo/gentoo:master commit in: media-libs/gd/files/, media-libs/gd/ - gentoo-commits

From:	Andreas Sturmlechner <asturm@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: media-libs/gd/files/, media-libs/gd/
Date:	Fri, 14 Sep 2018 19:16:07
Message-Id:	`1536952547.04cf9aa3bf7e0746e85461c3c56d9f9a95ce6fba.asturm@gentoo`

1

commit:     04cf9aa3bf7e0746e85461c3c56d9f9a95ce6fba

2

Author:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>

3

AuthorDate: Fri Sep 14 19:11:20 2018 +0000

4

Commit:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>

5

CommitDate: Fri Sep 14 19:15:47 2018 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=04cf9aa3

7

8

media-libs/gd: Fix CVE-2018-1000222

9

10

Thanks-to: Eddie Chapman <maracay <AT> ehuk.net>

11

Bug: https://bugs.gentoo.org/664732

12

Package-Manager: Portage-2.3.49, Repoman-2.3.10

13

14

 .../gd/files/gd-2.2.5-CVE-2018-1000222.patch       | 73 ++++++++++++++++++++++

15

 media-libs/gd/gd-2.2.5-r1.ebuild                   | 64 +++++++++++++++++++

16

 2 files changed, 137 insertions(+)

17

18

diff --git a/media-libs/gd/files/gd-2.2.5-CVE-2018-1000222.patch b/media-libs/gd/files/gd-2.2.5-CVE-2018-1000222.patch

19

new file mode 100644

20

index 00000000000..80f9712bf8e

21

--- /dev/null

22

+++ b/media-libs/gd/files/gd-2.2.5-CVE-2018-1000222.patch

23

@@ -0,0 +1,73 @@

24

+From ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5 Mon Sep 17 00:00:00 2001

25

+From: Mike Frysinger <vapier@g.o>

26

+Date: Sat, 14 Jul 2018 13:54:08 -0400

27

+Subject: [PATCH] bmp: check return value in gdImageBmpPtr

28

+

29

+Closes #447.

30

+---

31

+ src/gd_bmp.c | 17 ++++++++++++++---

32

+ 1 file changed, 14 insertions(+), 3 deletions(-)

33

+

34

+diff --git a/src/gd_bmp.c b/src/gd_bmp.c

35

+index bde0b9d3..78f40d9a 100644

36

+--- a/src/gd_bmp.c

37

++++ b/src/gd_bmp.c

38

+@@ -47,6 +47,8 @@ static int bmp_read_4bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp

39

+ static int bmp_read_8bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp_hdr_t *header);

40

+ static int bmp_read_rle(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info);

41

+

42

++static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression);

43

++

44

+ #define BMP_DEBUG(s)

45

+

46

+ static int gdBMPPutWord(gdIOCtx *out, int w)

47

+@@ -87,8 +89,10 @@ BGD_DECLARE(void *) gdImageBmpPtr(gdImagePtr im, int *size, int compression)

48

+ 	void *rv;

49

+ 	gdIOCtx *out = gdNewDynamicCtx(2048, NULL);

50

+ 	if (out == NULL) return NULL;

51

+-	gdImageBmpCtx(im, out, compression);

52

+-	rv = gdDPExtractData(out, size);

53

++	if (!_gdImageBmpCtx(im, out, compression))

54

++		rv = gdDPExtractData(out, size);

55

++	else

56

++		rv = NULL;

57

+ 	out->gd_free(out);

58

+ 	return rv;

59

+ }

60

+@@ -141,6 +145,11 @@ BGD_DECLARE(void) gdImageBmp(gdImagePtr im, FILE *outFile, int compression)

61

+ 		compression - whether to apply RLE or not.

62

+ */

63

+ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)

64

++{

65

++	_gdImageBmpCtx(im, out, compression);

66

++}

67

++

68

++static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)

69

+ {

70

+ 	int bitmap_size = 0, info_size, total_size, padding;

71

+ 	int i, row, xpos, pixel;

72

+@@ -148,6 +157,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)

73

+ 	unsigned char *uncompressed_row = NULL, *uncompressed_row_start = NULL;

74

+ 	FILE *tmpfile_for_compression = NULL;

75

+ 	gdIOCtxPtr out_original = NULL;

76

++	int ret = 1;

77

+

78

+ 	/* No compression if its true colour or we don't support seek */

79

+ 	if (im->trueColor) {

80

+@@ -325,6 +335,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)

81

+ 		out_original = NULL;

82

+ 	}

83

+

84

++	ret = 0;

85

+ cleanup:

86

+ 	if (tmpfile_for_compression) {

87

+ #ifdef _WIN32

88

+@@ -338,7 +349,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)

89

+ 	if (out_original) {

90

+ 		out_original->gd_free(out_original);

91

+ 	}

92

+-	return;

93

++	return ret;

94

+ }

95

+

96

+ static int compress_row(unsigned char *row, int length)

97

98

diff --git a/media-libs/gd/gd-2.2.5-r1.ebuild b/media-libs/gd/gd-2.2.5-r1.ebuild

99

new file mode 100644

100

index 00000000000..79f1957b3f5

101

--- /dev/null

102

+++ b/media-libs/gd/gd-2.2.5-r1.ebuild

103

@@ -0,0 +1,64 @@

104

+# Copyright 1999-2018 Gentoo Foundation

105

+# Distributed under the terms of the GNU General Public License v2

106

+

107

+EAPI="6"

108

+

109

+inherit libtool ltprune multilib-minimal

110

+

111

+DESCRIPTION="A graphics library for fast image creation"

112

+HOMEPAGE="http://libgd.org/ http://www.boutell.com/gd/"

113

+SRC_URI="https://github.com/libgd/libgd/releases/download/${P}/lib${P}.tar.xz"

114

+

115

+LICENSE="gd IJG HPND BSD"

116

+SLOT="2/3"

117

+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"

118

+IUSE="fontconfig jpeg png static-libs tiff truetype webp xpm zlib"

119

+

120

+# fontconfig has prefixed font paths, details see bug #518970

121

+REQUIRED_USE="prefix? ( fontconfig )"

122

+

123

+RDEPEND="fontconfig? ( >=media-libs/fontconfig-2.10.92[${MULTILIB_USEDEP}] )

124

+	jpeg? ( >=virtual/jpeg-0-r2:0=[${MULTILIB_USEDEP}] )

125

+	png? ( >=media-libs/libpng-1.6.10:0=[${MULTILIB_USEDEP}] )

126

+	tiff? ( media-libs/tiff:0[${MULTILIB_USEDEP}] )

127

+	truetype? ( >=media-libs/freetype-2.5.0.1[${MULTILIB_USEDEP}] )

128

+	webp? ( media-libs/libwebp:=[${MULTILIB_USEDEP}] )

129

+	xpm? ( >=x11-libs/libXpm-3.5.10-r1[${MULTILIB_USEDEP}] >=x11-libs/libXt-1.1.4[${MULTILIB_USEDEP}] )

130

+	zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )"

131

+DEPEND="${RDEPEND}

132

+	>=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}]"

133

+

134

+S="${WORKDIR}/lib${P}"

135

+

136

+PATCHES=( "${FILESDIR}/${P}-CVE-2018-1000222.patch" )

137

+

138

+src_prepare() {

139

+	default

140

+	elibtoolize  # for shared library on Solaris

141

+}

142

+

143

+multilib_src_configure() {

144

+	# we aren't actually {en,dis}abling X here ... the configure

145

+	# script uses it just to add explicit -I/-L paths which we

146

+	# don't care about on Gentoo systems.

147

+	local myeconfargs=(

148

+		--disable-werror

149

+		--without-x

150

+		--without-liq

151

+		$(use_enable static-libs static)

152

+		$(use_with fontconfig)

153

+		$(use_with png)

154

+		$(use_with tiff)

155

+		$(use_with truetype freetype)

156

+		$(use_with jpeg)

157

+		$(use_with webp)

158

+		$(use_with xpm)

159

+		$(use_with zlib)

160

+	)

161

+	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"

162

+}

163

+

164

+multilib_src_install_all() {

165

+	dodoc README.md

166

+	prune_libtool_files

167

+}

1	commit: 04cf9aa3bf7e0746e85461c3c56d9f9a95ce6fba
2	Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
3	AuthorDate: Fri Sep 14 19:11:20 2018 +0000
4	Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
5	CommitDate: Fri Sep 14 19:15:47 2018 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=04cf9aa3
7
8	media-libs/gd: Fix CVE-2018-1000222
9
10	Thanks-to: Eddie Chapman <maracay <AT> ehuk.net>
11	Bug: https://bugs.gentoo.org/664732
12	Package-Manager: Portage-2.3.49, Repoman-2.3.10
13
14	.../gd/files/gd-2.2.5-CVE-2018-1000222.patch \| 73 ++++++++++++++++++++++
15	media-libs/gd/gd-2.2.5-r1.ebuild \| 64 +++++++++++++++++++
16	2 files changed, 137 insertions(+)
17
18	diff --git a/media-libs/gd/files/gd-2.2.5-CVE-2018-1000222.patch b/media-libs/gd/files/gd-2.2.5-CVE-2018-1000222.patch
19	new file mode 100644
20	index 00000000000..80f9712bf8e
21	--- /dev/null
22	+++ b/media-libs/gd/files/gd-2.2.5-CVE-2018-1000222.patch
23	@@ -0,0 +1,73 @@
24	+From ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5 Mon Sep 17 00:00:00 2001
25	+From: Mike Frysinger <vapier@g.o>
26	+Date: Sat, 14 Jul 2018 13:54:08 -0400
27	+Subject: [PATCH] bmp: check return value in gdImageBmpPtr
28	+
29	+Closes #447.
30	+---
31	+ src/gd_bmp.c \| 17 ++++++++++++++---
32	+ 1 file changed, 14 insertions(+), 3 deletions(-)
33	+
34	+diff --git a/src/gd_bmp.c b/src/gd_bmp.c
35	+index bde0b9d3..78f40d9a 100644
36	+--- a/src/gd_bmp.c
37	++++ b/src/gd_bmp.c
38	+@@ -47,6 +47,8 @@ static int bmp_read_4bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp
39	+ static int bmp_read_8bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t info, bmp_hdr_t header);
40	+ static int bmp_read_rle(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info);
41	+
42	++static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression);
43	++
44	+ #define BMP_DEBUG(s)
45	+
46	+ static int gdBMPPutWord(gdIOCtx *out, int w)
47	+@@ -87,8 +89,10 @@ BGD_DECLARE(void ) gdImageBmpPtr(gdImagePtr im, int size, int compression)
48	+ void *rv;
49	+ gdIOCtx *out = gdNewDynamicCtx(2048, NULL);
50	+ if (out == NULL) return NULL;
51	+- gdImageBmpCtx(im, out, compression);
52	+- rv = gdDPExtractData(out, size);
53	++ if (!_gdImageBmpCtx(im, out, compression))
54	++ rv = gdDPExtractData(out, size);
55	++ else
56	++ rv = NULL;
57	+ out->gd_free(out);
58	+ return rv;
59	+ }
60	+@@ -141,6 +145,11 @@ BGD_DECLARE(void) gdImageBmp(gdImagePtr im, FILE *outFile, int compression)
61	+ compression - whether to apply RLE or not.
62	+ */
63	+ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
64	++{
65	++ _gdImageBmpCtx(im, out, compression);
66	++}
67	++
68	++static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
69	+ {
70	+ int bitmap_size = 0, info_size, total_size, padding;
71	+ int i, row, xpos, pixel;
72	+@@ -148,6 +157,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
73	+ unsigned char uncompressed_row = NULL, uncompressed_row_start = NULL;
74	+ FILE *tmpfile_for_compression = NULL;
75	+ gdIOCtxPtr out_original = NULL;
76	++ int ret = 1;
77	+
78	+ /* No compression if its true colour or we don't support seek */
79	+ if (im->trueColor) {
80	+@@ -325,6 +335,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
81	+ out_original = NULL;
82	+ }
83	+
84	++ ret = 0;
85	+ cleanup:
86	+ if (tmpfile_for_compression) {
87	+ #ifdef _WIN32
88	+@@ -338,7 +349,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
89	+ if (out_original) {
90	+ out_original->gd_free(out_original);
91	+ }
92	+- return;
93	++ return ret;
94	+ }
95	+
96	+ static int compress_row(unsigned char *row, int length)
97
98	diff --git a/media-libs/gd/gd-2.2.5-r1.ebuild b/media-libs/gd/gd-2.2.5-r1.ebuild
99	new file mode 100644
100	index 00000000000..79f1957b3f5
101	--- /dev/null
102	+++ b/media-libs/gd/gd-2.2.5-r1.ebuild
103	@@ -0,0 +1,64 @@
104	+# Copyright 1999-2018 Gentoo Foundation
105	+# Distributed under the terms of the GNU General Public License v2
106	+
107	+EAPI="6"
108	+
109	+inherit libtool ltprune multilib-minimal
110	+
111	+DESCRIPTION="A graphics library for fast image creation"
112	+HOMEPAGE="http://libgd.org/ http://www.boutell.com/gd/"
113	+SRC_URI="https://github.com/libgd/libgd/releases/download/${P}/lib${P}.tar.xz"
114	+
115	+LICENSE="gd IJG HPND BSD"
116	+SLOT="2/3"
117	+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"
118	+IUSE="fontconfig jpeg png static-libs tiff truetype webp xpm zlib"
119	+
120	+# fontconfig has prefixed font paths, details see bug #518970
121	+REQUIRED_USE="prefix? ( fontconfig )"
122	+
123	+RDEPEND="fontconfig? ( >=media-libs/fontconfig-2.10.92[${MULTILIB_USEDEP}] )
124	+ jpeg? ( >=virtual/jpeg-0-r2:0=[${MULTILIB_USEDEP}] )
125	+ png? ( >=media-libs/libpng-1.6.10:0=[${MULTILIB_USEDEP}] )
126	+ tiff? ( media-libs/tiff:0[${MULTILIB_USEDEP}] )
127	+ truetype? ( >=media-libs/freetype-2.5.0.1[${MULTILIB_USEDEP}] )
128	+ webp? ( media-libs/libwebp:=[${MULTILIB_USEDEP}] )
129	+ xpm? ( >=x11-libs/libXpm-3.5.10-r1[${MULTILIB_USEDEP}] >=x11-libs/libXt-1.1.4[${MULTILIB_USEDEP}] )
130	+ zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )"
131	+DEPEND="${RDEPEND}
132	+ >=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}]"
133	+
134	+S="${WORKDIR}/lib${P}"
135	+
136	+PATCHES=( "${FILESDIR}/${P}-CVE-2018-1000222.patch" )
137	+
138	+src_prepare() {
139	+ default
140	+ elibtoolize # for shared library on Solaris
141	+}
142	+
143	+multilib_src_configure() {
144	+ # we aren't actually {en,dis}abling X here ... the configure
145	+ # script uses it just to add explicit -I/-L paths which we
146	+ # don't care about on Gentoo systems.
147	+ local myeconfargs=(
148	+ --disable-werror
149	+ --without-x
150	+ --without-liq
151	+ $(use_enable static-libs static)
152	+ $(use_with fontconfig)
153	+ $(use_with png)
154	+ $(use_with tiff)
155	+ $(use_with truetype freetype)
156	+ $(use_with jpeg)
157	+ $(use_with webp)
158	+ $(use_with xpm)
159	+ $(use_with zlib)
160	+ )
161	+ ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
162	+}
163	+
164	+multilib_src_install_all() {
165	+ dodoc README.md
166	+ prune_libtool_files
167	+}

Gentoo Archives: gentoo-commits