head 1.2; access; symbols pkgsrc-2026Q1:1.2.0.114 pkgsrc-2026Q1-base:1.2 pkgsrc-2025Q4:1.2.0.112 pkgsrc-2025Q4-base:1.2 pkgsrc-2025Q3:1.2.0.110 pkgsrc-2025Q3-base:1.2 pkgsrc-2025Q2:1.2.0.108 pkgsrc-2025Q2-base:1.2 pkgsrc-2025Q1:1.2.0.106 pkgsrc-2025Q1-base:1.2 pkgsrc-2024Q4:1.2.0.104 pkgsrc-2024Q4-base:1.2 pkgsrc-2024Q3:1.2.0.102 pkgsrc-2024Q3-base:1.2 pkgsrc-2024Q2:1.2.0.100 pkgsrc-2024Q2-base:1.2 pkgsrc-2024Q1:1.2.0.98 pkgsrc-2024Q1-base:1.2 pkgsrc-2023Q4:1.2.0.96 pkgsrc-2023Q4-base:1.2 pkgsrc-2023Q3:1.2.0.94 pkgsrc-2023Q3-base:1.2 pkgsrc-2023Q2:1.2.0.92 pkgsrc-2023Q2-base:1.2 pkgsrc-2023Q1:1.2.0.90 pkgsrc-2023Q1-base:1.2 pkgsrc-2022Q4:1.2.0.88 pkgsrc-2022Q4-base:1.2 pkgsrc-2022Q3:1.2.0.86 pkgsrc-2022Q3-base:1.2 pkgsrc-2022Q2:1.2.0.84 pkgsrc-2022Q2-base:1.2 pkgsrc-2022Q1:1.2.0.82 pkgsrc-2022Q1-base:1.2 pkgsrc-2021Q4:1.2.0.80 pkgsrc-2021Q4-base:1.2 pkgsrc-2021Q3:1.2.0.78 pkgsrc-2021Q3-base:1.2 pkgsrc-2021Q2:1.2.0.76 pkgsrc-2021Q2-base:1.2 pkgsrc-2021Q1:1.2.0.74 pkgsrc-2021Q1-base:1.2 pkgsrc-2020Q4:1.2.0.72 pkgsrc-2020Q4-base:1.2 pkgsrc-2020Q3:1.2.0.70 pkgsrc-2020Q3-base:1.2 pkgsrc-2020Q2:1.2.0.66 pkgsrc-2020Q2-base:1.2 pkgsrc-2020Q1:1.2.0.46 pkgsrc-2020Q1-base:1.2 pkgsrc-2019Q4:1.2.0.68 pkgsrc-2019Q4-base:1.2 pkgsrc-2019Q3:1.2.0.64 pkgsrc-2019Q3-base:1.2 pkgsrc-2019Q2:1.2.0.62 pkgsrc-2019Q2-base:1.2 pkgsrc-2019Q1:1.2.0.60 pkgsrc-2019Q1-base:1.2 pkgsrc-2018Q4:1.2.0.58 pkgsrc-2018Q4-base:1.2 pkgsrc-2018Q3:1.2.0.56 pkgsrc-2018Q3-base:1.2 pkgsrc-2018Q2:1.2.0.54 pkgsrc-2018Q2-base:1.2 pkgsrc-2018Q1:1.2.0.52 pkgsrc-2018Q1-base:1.2 pkgsrc-2017Q4:1.2.0.50 pkgsrc-2017Q4-base:1.2 pkgsrc-2017Q3:1.2.0.48 pkgsrc-2017Q3-base:1.2 pkgsrc-2017Q2:1.2.0.44 pkgsrc-2017Q2-base:1.2 pkgsrc-2017Q1:1.2.0.42 pkgsrc-2017Q1-base:1.2 pkgsrc-2016Q4:1.2.0.40 pkgsrc-2016Q4-base:1.2 pkgsrc-2016Q3:1.2.0.38 pkgsrc-2016Q3-base:1.2 pkgsrc-2016Q2:1.2.0.36 pkgsrc-2016Q2-base:1.2 pkgsrc-2016Q1:1.2.0.34 pkgsrc-2016Q1-base:1.2 pkgsrc-2015Q4:1.2.0.32 pkgsrc-2015Q4-base:1.2 pkgsrc-2015Q3:1.2.0.30 pkgsrc-2015Q3-base:1.2 pkgsrc-2015Q2:1.2.0.28 pkgsrc-2015Q2-base:1.2 pkgsrc-2015Q1:1.2.0.26 pkgsrc-2015Q1-base:1.2 pkgsrc-2014Q4:1.2.0.24 pkgsrc-2014Q4-base:1.2 pkgsrc-2014Q3:1.2.0.22 pkgsrc-2014Q3-base:1.2 pkgsrc-2014Q2:1.2.0.20 pkgsrc-2014Q2-base:1.2 pkgsrc-2014Q1:1.2.0.18 pkgsrc-2014Q1-base:1.2 pkgsrc-2013Q4:1.2.0.16 pkgsrc-2013Q4-base:1.2 pkgsrc-2013Q3:1.2.0.14 pkgsrc-2013Q3-base:1.2 pkgsrc-2013Q2:1.2.0.12 pkgsrc-2013Q2-base:1.2 pkgsrc-2013Q1:1.2.0.10 pkgsrc-2013Q1-base:1.2 pkgsrc-2012Q4:1.2.0.8 pkgsrc-2012Q4-base:1.2 pkgsrc-2012Q3:1.2.0.6 pkgsrc-2012Q3-base:1.2 pkgsrc-2012Q2:1.2.0.4 pkgsrc-2012Q2-base:1.2 pkgsrc-2012Q1:1.2.0.2 pkgsrc-2012Q1-base:1.2 pkgsrc-2011Q4:1.1.0.2 pkgsrc-2011Q4-base:1.1; locks; strict; comment @# @; 1.2 date 2012.01.10.19.21.16; author drochner; state Exp; branches; next 1.1; 1.1 date 2012.01.04.16.59.16; author drochner; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2012.01.12.11.52.14; author tron; state Exp; branches; next ; desc @@ 1.2 log @update the patch from Redhat bug #692909 to the latest version, fixes garbled xdvi output, from Uwe Klaus per PR pkg/45813 bump PKGREV @ text @$NetBSD$ CVE-2011-0764 --- lib/type1/type1.c.orig 2007-12-23 15:49:42.000000000 +0000 +++ lib/type1/type1.c @@@@ -1012,6 +1012,7 @@@@ static void FindStems( double x, double double nextdtana = 0.0; /* tangent of post-delta against horizontal line */ double nextdtanb = 0.0; /* tangent of post-delta against vertical line */ + if (ppoints == NULL || numppoints < 1) Error0v("FindStems: No previous point!\n"); /* setup default hinted position */ ppoints[numppoints-1].ax = ppoints[numppoints-1].x; @@@@ -1289,7 +1290,7 @@@@ unsigned char cipher; static int DoRead(CodeP) int *CodeP; { - if (strindex >= CharStringP->len) return(FALSE); /* end of string */ + if (!CharStringP || strindex >= CharStringP->len) return(FALSE); /* end of string */ /* We handle the non-documented Adobe convention to use lenIV=-1 to suppress charstring encryption. */ if (blues->lenIV==-1) { @@@@ -1700,6 +1701,7 @@@@ static int RLineTo(dx, dy) long pindex = 0; /* compute hinting for previous segment! */ + if (ppoints == NULL || numppoints < 2 ) Error0i("RLineTo: No previous point!\n"); FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx, dy); /* Allocate a new path point and pre-setup data */ @@@@ -1728,6 +1730,7 @@@@ static int RRCurveTo(dx1, dy1, dx2, dy2, long pindex = 0; /* compute hinting for previous point! */ + if (ppoints == NULL || numppoints < 2) Error0i("RRCurveTo: No previous point!\n"); FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx1, dy1); /* Allocate three new path points and pre-setup data */ @@@@ -1786,7 +1789,9 @@@@ static int DoClosePath() long tmpind; double deltax = 0.0; double deltay = 0.0; - + + if (ppoints == NULL || numppoints < 1) Error0i("DoClosePath: No previous point!"); + /* If this ClosePath command together with the starting point of this path completes to a segment aligned to a stem, we would miss hinting for this point. --> Check and explicitly care for this! */ @@@@ -1801,6 +1806,7 @@@@ static int DoClosePath() deltax = ppoints[i].x - ppoints[numppoints-1].x; deltay = ppoints[i].y - ppoints[numppoints-1].y; + if (ppoints == NULL || numppoints <= i + 1) Error0i("DoClosePath: No previous point!"); /* save nummppoints and reset to move point */ tmpind = numppoints; numppoints = i + 1; @@@@ -1903,6 +1909,7 @@@@ static int RMoveTo(dx,dy) FindStems( currx, curry, 0, 0, dx, dy); } else { + if (ppoints == NULL || numppoints < 2) Error0i("RMoveTo: No previous point!\n"); FindStems( currx, curry, ppoints[numppoints-2].x, ppoints[numppoints-2].y, dx, dy); } @@@@ -2152,6 +2159,7 @@@@ static void FlxProc(c1x2, c1y2, c3x0, c3 DOUBLE cx, cy; DOUBLE ex, ey; + if (ppoints == NULL || numppoints < 8) Error0v("FlxProc: No previous point!"); /* Our PPOINT list now contains 7 moveto commands which are about to be consumed by the Flex mechanism. --> Remove these @@@@ -2321,6 +2329,7 @@@@ static void FlxProc1() /* Returns currentpoint on stack */ static void FlxProc2() { + if (ppoints == NULL || numppoints < 1) Error0v("FlxProc2: No previous point!"); /* Push CurrentPoint on fake PostScript stack */ PSFakePush( ppoints[numppoints-1].x); PSFakePush( ppoints[numppoints-1].y); @ 1.1 log @add patch from Redhat bug #692909 to fix Invalid pointer dereference (CVE-2011-0764; CVE-2011-1552..1554 are possibly related - no information available yet) bump PKGREV @ text @d11 1 a11 1 + if (numppoints < 1) Error0v("FindStems: No previous point!\n"); d46 1 a46 1 + if (numppoints < 1) Error0i("DoClosePath: No previous point!"); d55 1 a55 1 + if (numppoints <= i + 1) Error0i("DoClosePath: No previous point!"); d71 1 a71 1 + if (numppoints < 8) Error0v("FlxProc: No previous point!"); d79 1 a79 1 + if (numppoints < 1) Error0v("FlxProc2: No previous point!"); @ 1.1.2.1 log @Pullup ticket #3642 - requested by drochner fonts/t1lib: bug fix patch Revisions pulled up: - fonts/t1lib/Makefile 1.46 - fonts/t1lib/distinfo 1.22 - fonts/t1lib/patches/patch-aj 1.2 - fonts/t1lib/patches/patch-ak 1.2 - fonts/t1lib/patches/patch-al 1.1 --- Module Name: pkgsrc Committed By: drochner Date: Tue Jan 10 19:21:16 UTC 2012 Modified Files: pkgsrc/fonts/t1lib: Makefile distinfo pkgsrc/fonts/t1lib/patches: patch-aj patch-ak Added Files: pkgsrc/fonts/t1lib/patches: patch-al Log Message: update the patch from Redhat bug #692909 to the latest version, fixes garbled xdvi output, from Uwe Klaus per PR pkg/45813 bump PKGREV @ text @d11 1 a11 1 + if (ppoints == NULL || numppoints < 1) Error0v("FindStems: No previous point!\n"); d46 1 a46 1 + if (ppoints == NULL || numppoints < 1) Error0i("DoClosePath: No previous point!"); d55 1 a55 1 + if (ppoints == NULL || numppoints <= i + 1) Error0i("DoClosePath: No previous point!"); d71 1 a71 1 + if (ppoints == NULL || numppoints < 8) Error0v("FlxProc: No previous point!"); d79 1 a79 1 + if (ppoints == NULL || numppoints < 1) Error0v("FlxProc2: No previous point!"); @