head 1.3; access; symbols pkgsrc-2015Q3:1.2.0.38 pkgsrc-2015Q3-base:1.2 pkgsrc-2015Q2:1.2.0.36 pkgsrc-2015Q2-base:1.2 pkgsrc-2015Q1:1.2.0.34 pkgsrc-2015Q1-base:1.2 pkgsrc-2014Q4:1.2.0.32 pkgsrc-2014Q4-base:1.2 pkgsrc-2014Q3:1.2.0.30 pkgsrc-2014Q3-base:1.2 pkgsrc-2014Q2:1.2.0.28 pkgsrc-2014Q2-base:1.2 pkgsrc-2014Q1:1.2.0.26 pkgsrc-2014Q1-base:1.2 pkgsrc-2013Q4:1.2.0.24 pkgsrc-2013Q4-base:1.2 pkgsrc-2013Q3:1.2.0.22 pkgsrc-2013Q3-base:1.2 pkgsrc-2013Q2:1.2.0.20 pkgsrc-2013Q2-base:1.2 pkgsrc-2013Q1:1.2.0.18 pkgsrc-2013Q1-base:1.2 pkgsrc-2012Q4:1.2.0.16 pkgsrc-2012Q4-base:1.2 pkgsrc-2012Q3:1.2.0.14 pkgsrc-2012Q3-base:1.2 pkgsrc-2012Q2:1.2.0.12 pkgsrc-2012Q2-base:1.2 pkgsrc-2012Q1:1.2.0.10 pkgsrc-2012Q1-base:1.2 pkgsrc-2011Q4:1.2.0.8 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q3:1.2.0.6 pkgsrc-2011Q3-base:1.2 pkgsrc-2011Q2:1.2.0.4 pkgsrc-2011Q2-base:1.2 pkgsrc-2011Q1:1.2.0.2 pkgsrc-2011Q1-base:1.2 pkgsrc-2010Q4:1.1.0.10 pkgsrc-2010Q4-base:1.1 pkgsrc-2010Q3:1.1.0.8 pkgsrc-2010Q3-base:1.1 pkgsrc-2010Q2:1.1.0.6 pkgsrc-2010Q2-base:1.1 pkgsrc-2010Q1:1.1.0.4 pkgsrc-2010Q1-base:1.1 pkgsrc-2009Q4:1.1.0.2; locks; strict; comment @# @; 1.3 date 2015.10.24.19.14.16; author joerg; state dead; branches; next 1.2; commitid MGizk3NMP7tIyoGy; 1.2 date 2011.01.24.09.38.13; author wiz; state Exp; branches; next 1.1; 1.1 date 2010.02.16.17.33.39; author taca; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2010.02.16.17.33.39; author spz; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2010.02.28.13.15.02; author spz; state Exp; branches; next ; desc @@ 1.3 log @Retire wxGTK24. @ text @$NetBSD: patch-ao,v 1.2 2011/01/24 09:38:13 wiz Exp $ Fix build with png-1.5. deal with CVE-2009-2369. --- src/common/imagpng.cpp.orig 2003-09-21 11:31:39.000000000 +0000 +++ src/common/imagpng.cpp @@@@ -167,7 +167,7 @@@@ bool wxPNGHandler::LoadFile( wxImage *im image->Destroy(); png_structp png_ptr = png_create_read_struct( PNG_LIBPNG_VER_STRING, - (voidp) NULL, + NULL, (png_error_ptr) NULL, (png_error_ptr) NULL ); if (!png_ptr) @@@@ -186,7 +186,7 @@@@ bool wxPNGHandler::LoadFile( wxImage *im if (setjmp(wxinfo.jmpbuf)) goto error_nolines; - if (info_ptr->color_type == PNG_COLOR_TYPE_RGB_ALPHA) + if (png_get_color_type( png_ptr, info_ptr ) == PNG_COLOR_TYPE_RGB_ALPHA) goto error_nolines; png_uint_32 width,height; @@@@ -213,18 +213,16 @@@@ bool wxPNGHandler::LoadFile( wxImage *im if (!image->Ok()) goto error_nolines; - lines = (unsigned char **)malloc( (size_t)(height * sizeof(unsigned char *)) ); + // initialize all line pointers to NULL to ensure that they can be safely + // free()d if an error occurs before all of them could be allocated + lines = (unsigned char **)calloc(height, sizeof(unsigned char *)); if (lines == NULL) goto error_nolines; for (i = 0; i < height; i++) { if ((lines[i] = (unsigned char *)malloc( (size_t)(width * (sizeof(unsigned char) * 4)))) == NULL) - { - for ( unsigned int n = 0; n < i; n++ ) - free( lines[n] ); goto error; - } } // loaded successfully! @ 1.2 log @Fix build with png-1.5. @ text @d1 1 a1 1 $NetBSD: patch-ao,v 1.1 2010/02/16 17:33:39 taca Exp $ @ 1.1 log @Add patches for CVE-2009-2625 and CVE-2009-2369. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD$ d3 1 d8 18 @ 1.1.2.1 log @file patch-ao was added on branch pkgsrc-2009Q4 on 2010-02-28 13:15:02 +0000 @ text @d1 28 @ 1.1.2.2 log @Pullup ticket 3027 - requested by taca security patch Revisions pulled up: - pkgsrc/x11/wxGTK24/Makefile 1.11 - pkgsrc/x11/wxGTK24/distinfo 1.10 Files added: pkgsrc/x11/wxGTK24/patches/patch-am pkgsrc/x11/wxGTK24/patches/patch-an pkgsrc/x11/wxGTK24/patches/patch-ao pkgsrc/x11/wxGTK24/patches/patch-ap -------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Tue Feb 16 17:33:39 UTC 2010 Modified Files: pkgsrc/x11/wxGTK24: Makefile distinfo Added Files: pkgsrc/x11/wxGTK24/patches: patch-am patch-an patch-ao patch-ap Log Message: Add patches for CVE-2009-2625 and CVE-2009-2369. Bump PKGREVISION. To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 pkgsrc/x11/wxGTK24/Makefile cvs rdiff -u -r1.9 -r1.10 pkgsrc/x11/wxGTK24/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/x11/wxGTK24/patches/patch-am \ pkgsrc/x11/wxGTK24/patches/patch-an pkgsrc/x11/wxGTK24/patches/patch-ao \ pkgsrc/x11/wxGTK24/patches/patch-ap @ text @a0 28 $NetBSD: patch-ao,v 1.1 2010/02/16 17:33:39 taca Exp $ deal with CVE-2009-2369. --- src/common/imagpng.cpp.orig 2003-09-21 11:31:39.000000000 +0000 +++ src/common/imagpng.cpp @@@@ -213,18 +213,16 @@@@ bool wxPNGHandler::LoadFile( wxImage *im if (!image->Ok()) goto error_nolines; - lines = (unsigned char **)malloc( (size_t)(height * sizeof(unsigned char *)) ); + // initialize all line pointers to NULL to ensure that they can be safely + // free()d if an error occurs before all of them could be allocated + lines = (unsigned char **)calloc(height, sizeof(unsigned char *)); if (lines == NULL) goto error_nolines; for (i = 0; i < height; i++) { if ((lines[i] = (unsigned char *)malloc( (size_t)(width * (sizeof(unsigned char) * 4)))) == NULL) - { - for ( unsigned int n = 0; n < i; n++ ) - free( lines[n] ); goto error; - } } // loaded successfully! @