OpenPKG CVS Repository http://cvs.openpkg.org/ ____________________________________________________________________________
Server: cvs.openpkg.org Name: Torsten Homeyer Root: /e/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src Date: 01-Jul-2004 16:10:13 Branch: HEAD Handle: -NONE- Modified files: openpkg-src/perl-tk perl-tk.patch perl-tk.spec Log: added Security Fix (CAN-2002-1363) for png Summary: Revision Changes Path 1.4 +102 -39 openpkg-src/perl-tk/perl-tk.patch 1.63 +1 -1 openpkg-src/perl-tk/perl-tk.spec ____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/perl-tk/perl-tk.patch
============================================================================
$ cvs diff -u -r1.3 -r1.4 perl-tk.patch
--- openpkg-src/perl-tk/perl-tk.patch 29 Apr 2004 15:06:57 -0000 1.3
+++ openpkg-src/perl-tk/perl-tk.patch 1 Jul 2004 14:10:12 -0000 1.4
@@ -1,6 +1,62 @@
---- Tk-804.027/PNG/libpng/pngrtran.c.orig Wed Oct 2 20:20:24 2002
-+++ Tk-804.027/PNG/libpng/pngrtran.c Wed Jan 15 11:30:23 2003
-@@ -1965,8 +1965,8 @@
+Index: Tk-PNG-2.005/libpng/pngconf.h
+--- Tk-PNG-2.005/libpng/pngconf.h.orig 2004-07-01 13:18:23 +0200
++++ Tk-PNG-2.005/libpng/pngconf.h 2004-07-01 13:30:50 +0200
+@@ -119,10 +119,6 @@
+ #define _PNG_SAVE_BSD_SOURCE
+ #undef _BSD_SOURCE
+ #endif
+-#ifdef _SETJMP_H
+-__png.h__ already includes setjmp.h
+-__dont__ include it again
+-#endif
+ #endif /* __linux__ */
+
+ /* include setjmp.h for error handling */
+Index: Tk-PNG-2.005/libpng/pngerror.c
+--- Tk-PNG-2.005/libpng/pngerror.c.orig 2004-07-01 13:18:23 +0200
++++ Tk-PNG-2.005/libpng/pngerror.c 2004-07-01 13:34:07 +0200
+@@ -82,10 +82,13 @@
+ if (message == NULL)
+ buffer[iout] = 0;
+ else {
++ png_size_t len;
++ if ((len = png_strlen(error_message)) > 63)
++ len = 63;
+ buffer[iout++] = ':';
+ buffer[iout++] = ' ';
+- png_memcpy(buffer+iout, message, 64);
+- buffer[iout+63] = 0;
++ png_memcpy(buffer+iout, error_message, len);
++ buffer[iout+len] = 0;
+ }
+ }
+
+Index: Tk-PNG-2.005/libpng/pngrtran.c
+--- Tk-PNG-2.005/libpng/pngrtran.c.orig 2000-04-21 20:57:35 +0200
++++ Tk-PNG-2.005/libpng/pngrtran.c 2004-07-01 13:18:23 +0200
+@@ -1783,8 +1783,8 @@
+ /* This changes the data from GG to GGXX */
+ if (flags & PNG_FLAG_FILLER_AFTER)
+ {
+- png_bytep sp = row + (png_size_t)row_width;
+- png_bytep dp = sp + (png_size_t)row_width;
++ png_bytep sp = row + (png_size_t)row_width * 2;
++ png_bytep dp = sp + (png_size_t)row_width * 2;
+ for (i = 1; i < row_width; i++)
+ {
+ *(--dp) = hi_filler;
+@@ -1801,8 +1801,8 @@
+ /* This changes the data from GG to XXGG */
+ else
+ {
+- png_bytep sp = row + (png_size_t)row_width;
+- png_bytep dp = sp + (png_size_t)row_width;
++ png_bytep sp = row + (png_size_t)row_width * 2;
++ png_bytep dp = sp + (png_size_t)row_width * 2;
+ for (i = 0; i < row_width; i++)
+ {
+ *(--dp) = *(--sp);
+@@ -1859,8 +1859,8 @@ /* This 
changes the data from RRGGBB to RRGGBBXX */ if (flags & PNG_FLAG_FILLER_AFTER) { @@ -11,7 +67,7 @@ for (i = 1; i < row_width; i++) { *(--dp) = hi_filler; -@@ -1987,8 +1987,8 @@ +@@ -1881,8 +1881,8 @@ /* This changes the data from RRGGBB to XXRRGGBB */ else { @@ -22,13 +78,23 @@ for (i = 0; i < row_width; i++) { *(--dp) = *(--sp); - -Steve G <[EMAIL PROTECTED]> -Libpng accesses memory that is out of bounds when creating an error message - -Index: pngerror.c ---- Tk-804.027/PNG/libpng/pngerror.c.orig 2002-10-03 13:32:27.000000000 +0200 -+++ Tk-804.027/PNG/libpng/pngerror.c 2004-04-28 13:24:22.000000000 +0200 +Index: Tk-804.027/PNG/libpng/pngconf.h +--- Tk-804.027/PNG/libpng/pngconf.h.orig 2003-11-29 12:39:30 +0100 ++++ Tk-804.027/PNG/libpng/pngconf.h 2004-07-01 13:36:23 +0200 +@@ -251,10 +251,6 @@ + # define PNG_SAVE_BSD_SOURCE + # undef _BSD_SOURCE + # endif +-# ifdef _SETJMP_H +- __png.h__ already includes setjmp.h; +- __dont__ include it again.; +-# endif + # endif /* __linux__ */ + + /* include setjmp.h for error handling */ +Index: Tk-804.027/PNG/libpng/pngerror.c +--- Tk-804.027/PNG/libpng/pngerror.c.orig 2003-11-29 12:39:30 +0100 ++++ Tk-804.027/PNG/libpng/pngerror.c 2004-07-01 13:36:23 +0200 @@ -135,10 +135,13 @@ buffer[iout] = 0; else 
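Review bot: In the Tk-PNG-2.005 `pngerror.c` sub-patch of the first hunk, the added lines call `png_strlen(error_message)` and `png_memcpy(buffer+iout, error_message, len)`, while the context line `if (message == NULL)` and the removed `png_memcpy(buffer+iout, message, 64)` show that this older libpng names the parameter `message`. Unless `error_message` is declared outside the visible lines, this either fails to compile or bounds the copy by the length of a different string than the one tested for NULL. The revision 1.3 form of this sub-patch, deleted in the last hunk of this file, used `message` throughout. I would change the added lines to `if ((len = png_strlen(message)) > 63)` and `png_memcpy(buffer+iout, message, len);`. The enclosing function starts and ends outside the hunk.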
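Review bot: The `pngconf.h` sub-patch added in the `@@ -22,13 +78,23 @@` hunk for Tk-804.027 (and the matching one for Tk-PNG-2.005 in the first hunk) deletes the `#ifdef _SETJMP_H` block, which reads like a deliberate compile-time stop for the case where `setjmp.h` was already included before `png.h` on Linux. That removal is not described by the log's "Security Fix (CAN-2002-1363)", and it means an include-order problem that the guard used to reject is now accepted silently; the exact consequence is inferred from the guard's wording, since the rest of the header is outside the hunk. The same hunk also drops the only description the old sub-patch carried, `Libpng accesses memory that is out of bounds when creating an error message`. I would keep that line above each `pngerror.c` sub-patch and add a one-line comment above each `pngconf.h` sub-patch, for example `build workaround, not part of the security fix: drop _SETJMP_H include-order guard`, so the two kinds of change stay distinguishable in the patch file.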
@@ -45,8 +111,31 @@ } } ---- Tk-PNG-2.005/libpng/pngrtran.c.orig Wed Oct 2 20:20:24 2002 -+++ Tk-PNG-2.005/libpng/pngrtran.c Wed Jan 15 11:30:23 2003 +Index: Tk-804.027/PNG/libpng/pngrtran.c +--- Tk-804.027/PNG/libpng/pngrtran.c.orig 2003-11-29 12:39:31 +0100 ++++ Tk-804.027/PNG/libpng/pngrtran.c 2004-07-01 13:36:23 +0200 +@@ -1889,8 +1889,8 @@ + /* This changes the data from GG to GGXX */ + if (flags & PNG_FLAG_FILLER_AFTER) + { +- png_bytep sp = row + (png_size_t)row_width; +- png_bytep dp = sp + (png_size_t)row_width; ++ png_bytep sp = row + (png_size_t)row_width * 2; ++ png_bytep dp = sp + (png_size_t)row_width * 2; + for (i = 1; i < row_width; i++) + { + *(--dp) = hi_filler; +@@ -1907,8 +1907,8 @@ + /* This changes the data from GG to XXGG */ + else + { +- png_bytep sp = row + (png_size_t)row_width; +- png_bytep dp = sp + (png_size_t)row_width; ++ png_bytep sp = row + (png_size_t)row_width * 2; ++ png_bytep dp = sp + (png_size_t)row_width * 2; + for (i = 0; i < row_width; i++) + { + *(--dp) = *(--sp); @@ -1965,8 +1965,8 @@ /* This changes the data from RRGGBB to RRGGBBXX */ if (flags & PNG_FLAG_FILLER_AFTER) 
@@ -69,29 +158,3 @@ for (i = 0; i < row_width; i++) { *(--dp) = *(--sp); - -Steve G <[EMAIL PROTECTED]> -Libpng accesses memory that is out of bounds when creating an error message - -Index: pngerror.c ---- Tk-PNG-2.005/libpng/pngerror.c.orig 2004-04-29 15:33:33.000000000 +0200 -+++ Tk-PNG-2.005/libpng/pngerror.c 2004-04-29 15:35:46.000000000 +0200 -@@ -81,11 +81,15 @@ - - if (message == NULL) - buffer[iout] = 0; -- else { -+ else -+ { -+ png_size_t len; -+ if ((len = png_strlen(message)) > 63) -+ len = 63; - buffer[iout++] = ':'; - buffer[iout++] = ' '; -- png_memcpy(buffer+iout, message, 64); -- buffer[iout+63] = 0; -+ png_memcpy(buffer+iout, message, len); -+ buffer[iout+len] = 0; - } - } - @@ . patch -p0 <<'@@ .' Index: openpkg-src/perl-tk/perl-tk.spec ============================================================================ $ cvs diff -u -r1.62 -r1.63 perl-tk.spec --- openpkg-src/perl-tk/perl-tk.spec 22 Jun 2004 21:28:57 -0000 1.62 +++ openpkg-src/perl-tk/perl-tk.spec 1 Jul 2004 14:10:12 -0000 1.63 @@ -67,7 +67,7 @@ Group: Language License: GPL/Artistic Version: %{V_perl} -Release: 20040622 +Release: 20040701 # list of sources Source0: http://www.cpan.org/modules/by-module/Tk/Tk-%{V_tk}.tar.gz @@ . ______________________________________________________________________ The OpenPKG Project www.openpkg.org CVS Repository Commit List [EMAIL PROTECTED]