I'll take care of this. There are also API additions so it needs
a SHARED_LIBS bump.


On 2015/11/14 14:20, Rafael Sadowski wrote:
> Hi @ports,
> 
> simple libgd update to 2.1.1. The CVE-2014-9709 patch is no longer necessary.
> Tested on amd64: "All 93 tests passed".
> 
> Cheers, Rafael
> 
> 
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/graphics/gd/Makefile,v
> retrieving revision 1.62
> diff -u -p -u -p -r1.62 Makefile
> --- Makefile  17 Aug 2015 19:52:39 -0000      1.62
> +++ Makefile  14 Nov 2015 12:19:52 -0000
> @@ -2,10 +2,9 @@
>  
>  COMMENT=     library for dynamic creation of images
>  
> -V=           2.1.0
> +V=           2.1.1
>  DISTNAME=    libgd-$V
>  PKGNAME=     gd-$V
> -REVISION=    2
>  
>  SHARED_LIBS= gd      21.0
>  
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/graphics/gd/distinfo,v
> retrieving revision 1.7
> diff -u -p -u -p -r1.7 distinfo
> --- distinfo  17 Mar 2014 23:20:57 -0000      1.7
> +++ distinfo  14 Nov 2015 12:19:52 -0000
> @@ -1,2 +1,2 @@
> -SHA256 (libgd-2.1.0.tar.gz) = PO72nVRUo5LoeTrpC18NYy3T4gh5wShWqh0dPQY6Ucg=
> -SIZE (libgd-2.1.0.tar.gz) = 2330322
> +SHA256 (libgd-2.1.1.tar.gz) = z0e85aTExtx3uo0DSdHuyc7/d+2G8UskmgeAt/GFVMU=
> +SIZE (libgd-2.1.1.tar.gz) = 2390586
> Index: patches/patch-src_gd_gif_in_c
> ===================================================================
> RCS file: patches/patch-src_gd_gif_in_c
> diff -N patches/patch-src_gd_gif_in_c
> --- patches/patch-src_gd_gif_in_c     26 Mar 2015 09:16:31 -0000      1.1
> +++ /dev/null 1 Jan 1970 00:00:00 -0000
> @@ -1,32 +0,0 @@
> -$OpenBSD: patch-src_gd_gif_in_c,v 1.1 2015/03/26 09:16:31 jasper Exp $
> -
> -Security fix for CVE-2014-9709, gd: buffer read overflow in gd_gif_in.c
> -
> ---- src/gd_gif_in.c.orig     Thu Mar 26 10:07:17 2015
> -+++ src/gd_gif_in.c  Thu Mar 26 10:08:35 2015
> -@@ -75,8 +75,10 @@ static struct {
> - 
> - #define STACK_SIZE ((1<<(MAX_LWZ_BITS))*2)
> - 
> -+#define CSD_BUF_SIZE 280
> -+
> - typedef struct {
> --    unsigned char buf[280];
> -+    unsigned char buf[CSD_BUF_SIZE];
> -     int curbit;
> -     int lastbit;
> -     int done;
> -@@ -410,7 +412,12 @@ GetCode_(gdIOCtx *fd, CODE_STATIC_DATA *scd, int code_
> - 
> -     ret = 0;
> -     for (i = scd->curbit, j = 0; j < code_size; ++i, ++j) {
> --            ret |= ((scd->buf[i / 8] & (1 << (i % 8))) != 0) << j;
> -+            if (i < CSD_BUF_SIZE * 8) {
> -+                    ret |= ((scd->buf[i / 8] & (1 << (i % 8))) != 0) << j;
> -+            } else {
> -+                    ret = -1;
> -+                    break;
> -+            }
> -     }
> - 
> -     scd->curbit += code_size;
> 
