head 1.2; access; symbols pkgsrc-2026Q1:1.2.0.122 pkgsrc-2026Q1-base:1.2 pkgsrc-2025Q4:1.2.0.120 pkgsrc-2025Q4-base:1.2 pkgsrc-2025Q3:1.2.0.118 pkgsrc-2025Q3-base:1.2 pkgsrc-2025Q2:1.2.0.116 pkgsrc-2025Q2-base:1.2 pkgsrc-2025Q1:1.2.0.114 pkgsrc-2025Q1-base:1.2 pkgsrc-2024Q4:1.2.0.112 pkgsrc-2024Q4-base:1.2 pkgsrc-2024Q3:1.2.0.110 pkgsrc-2024Q3-base:1.2 pkgsrc-2024Q2:1.2.0.108 pkgsrc-2024Q2-base:1.2 pkgsrc-2024Q1:1.2.0.106 pkgsrc-2024Q1-base:1.2 pkgsrc-2023Q4:1.2.0.104 pkgsrc-2023Q4-base:1.2 pkgsrc-2023Q3:1.2.0.102 pkgsrc-2023Q3-base:1.2 pkgsrc-2023Q2:1.2.0.100 pkgsrc-2023Q2-base:1.2 pkgsrc-2023Q1:1.2.0.98 pkgsrc-2023Q1-base:1.2 pkgsrc-2022Q4:1.2.0.96 pkgsrc-2022Q4-base:1.2 pkgsrc-2022Q3:1.2.0.94 pkgsrc-2022Q3-base:1.2 pkgsrc-2022Q2:1.2.0.92 pkgsrc-2022Q2-base:1.2 pkgsrc-2022Q1:1.2.0.90 pkgsrc-2022Q1-base:1.2 pkgsrc-2021Q4:1.2.0.88 pkgsrc-2021Q4-base:1.2 pkgsrc-2021Q3:1.2.0.86 pkgsrc-2021Q3-base:1.2 pkgsrc-2021Q2:1.2.0.84 pkgsrc-2021Q2-base:1.2 pkgsrc-2021Q1:1.2.0.82 pkgsrc-2021Q1-base:1.2 pkgsrc-2020Q4:1.2.0.80 pkgsrc-2020Q4-base:1.2 pkgsrc-2020Q3:1.2.0.78 pkgsrc-2020Q3-base:1.2 pkgsrc-2020Q2:1.2.0.74 pkgsrc-2020Q2-base:1.2 pkgsrc-2020Q1:1.2.0.54 pkgsrc-2020Q1-base:1.2 pkgsrc-2019Q4:1.2.0.76 pkgsrc-2019Q4-base:1.2 pkgsrc-2019Q3:1.2.0.72 pkgsrc-2019Q3-base:1.2 pkgsrc-2019Q2:1.2.0.70 pkgsrc-2019Q2-base:1.2 pkgsrc-2019Q1:1.2.0.68 pkgsrc-2019Q1-base:1.2 pkgsrc-2018Q4:1.2.0.66 pkgsrc-2018Q4-base:1.2 pkgsrc-2018Q3:1.2.0.64 pkgsrc-2018Q3-base:1.2 pkgsrc-2018Q2:1.2.0.62 pkgsrc-2018Q2-base:1.2 pkgsrc-2018Q1:1.2.0.60 pkgsrc-2018Q1-base:1.2 pkgsrc-2017Q4:1.2.0.58 pkgsrc-2017Q4-base:1.2 pkgsrc-2017Q3:1.2.0.56 pkgsrc-2017Q3-base:1.2 pkgsrc-2017Q2:1.2.0.52 pkgsrc-2017Q2-base:1.2 pkgsrc-2017Q1:1.2.0.50 pkgsrc-2017Q1-base:1.2 pkgsrc-2016Q4:1.2.0.48 pkgsrc-2016Q4-base:1.2 pkgsrc-2016Q3:1.2.0.46 pkgsrc-2016Q3-base:1.2 pkgsrc-2016Q2:1.2.0.44 pkgsrc-2016Q2-base:1.2 pkgsrc-2016Q1:1.2.0.42 pkgsrc-2016Q1-base:1.2 pkgsrc-2015Q4:1.2.0.40 pkgsrc-2015Q4-base:1.2 pkgsrc-2015Q3:1.2.0.38 pkgsrc-2015Q3-base:1.2 pkgsrc-2015Q2:1.2.0.36 pkgsrc-2015Q2-base:1.2 pkgsrc-2015Q1:1.2.0.34 pkgsrc-2015Q1-base:1.2 pkgsrc-2014Q4:1.2.0.32 pkgsrc-2014Q4-base:1.2 pkgsrc-2014Q3:1.2.0.30 pkgsrc-2014Q3-base:1.2 pkgsrc-2014Q2:1.2.0.28 pkgsrc-2014Q2-base:1.2 pkgsrc-2014Q1:1.2.0.26 pkgsrc-2014Q1-base:1.2 pkgsrc-2013Q4:1.2.0.24 pkgsrc-2013Q4-base:1.2 pkgsrc-2013Q3:1.2.0.22 pkgsrc-2013Q3-base:1.2 pkgsrc-2013Q2:1.2.0.20 pkgsrc-2013Q2-base:1.2 pkgsrc-2013Q1:1.2.0.18 pkgsrc-2013Q1-base:1.2 pkgsrc-2012Q4:1.2.0.16 pkgsrc-2012Q4-base:1.2 pkgsrc-2012Q3:1.2.0.14 pkgsrc-2012Q3-base:1.2 pkgsrc-2012Q2:1.2.0.12 pkgsrc-2012Q2-base:1.2 pkgsrc-2012Q1:1.2.0.10 pkgsrc-2012Q1-base:1.2 pkgsrc-2011Q4:1.2.0.8 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q3:1.2.0.6 pkgsrc-2011Q3-base:1.2 pkgsrc-2011Q2:1.2.0.4 pkgsrc-2011Q2-base:1.2 pkgsrc-2011Q1:1.2.0.2 pkgsrc-2011Q1-base:1.2 pkgsrc-2010Q4:1.1.0.56 pkgsrc-2010Q4-base:1.1 pkgsrc-2010Q3:1.1.0.54 pkgsrc-2010Q3-base:1.1 pkgsrc-2010Q2:1.1.0.52 pkgsrc-2010Q2-base:1.1 pkgsrc-2010Q1:1.1.0.50 pkgsrc-2010Q1-base:1.1 pkgsrc-2009Q4:1.1.0.48 pkgsrc-2009Q4-base:1.1 pkgsrc-2009Q3:1.1.0.46 pkgsrc-2009Q3-base:1.1 pkgsrc-2009Q2:1.1.0.44 pkgsrc-2009Q2-base:1.1 pkgsrc-2009Q1:1.1.0.42 pkgsrc-2009Q1-base:1.1 pkgsrc-2008Q4:1.1.0.40 pkgsrc-2008Q4-base:1.1 pkgsrc-2008Q3:1.1.0.38 pkgsrc-2008Q3-base:1.1 cube-native-xorg:1.1.0.36 cube-native-xorg-base:1.1 pkgsrc-2008Q2:1.1.0.34 pkgsrc-2008Q2-base:1.1 cwrapper:1.1.0.32 pkgsrc-2008Q1:1.1.0.30 pkgsrc-2008Q1-base:1.1 pkgsrc-2007Q4:1.1.0.28 pkgsrc-2007Q4-base:1.1 pkgsrc-2007Q3:1.1.0.26 pkgsrc-2007Q3-base:1.1 pkgsrc-2007Q2:1.1.0.24 pkgsrc-2007Q2-base:1.1 pkgsrc-2007Q1:1.1.0.22 pkgsrc-2007Q1-base:1.1 pkgsrc-2006Q4:1.1.0.20 pkgsrc-2006Q4-base:1.1 pkgsrc-2006Q3:1.1.0.18 pkgsrc-2006Q3-base:1.1 pkgsrc-2006Q2:1.1.0.16 pkgsrc-2006Q2-base:1.1 pkgsrc-2006Q1:1.1.0.14 pkgsrc-2006Q1-base:1.1 pkgsrc-2005Q4:1.1.0.12 pkgsrc-2005Q4-base:1.1 pkgsrc-2005Q3:1.1.0.10 pkgsrc-2005Q3-base:1.1 pkgsrc-2005Q2:1.1.0.8 pkgsrc-2005Q2-base:1.1 pkgsrc-2005Q1:1.1.0.6 pkgsrc-2005Q1-base:1.1 pkgsrc-2004Q4:1.1.0.4 pkgsrc-2004Q4-base:1.1 pkgsrc-2004Q3:1.1.0.2; locks; strict; comment @# @; 1.2 date 2011.01.23.16.16.39; author wiz; state Exp; branches; next 1.1; 1.1 date 2004.12.10.09.30.42; author salo; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2004.12.10.09.30.42; author salo; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2004.12.13.18.03.27; author salo; state Exp; branches; next ; desc @@ 1.2 log @Fix build with png-1.5. From Marko Schuetz Schmuck in PR 44419. @ text @$NetBSD: patch-aj,v 1.1 2004/12/10 09:30:42 salo Exp $ First chunks: ??? Last 2 chunks: Fix build with png-1.5. --- Imlib/utils.c.orig 2004-09-21 00:22:59.000000000 +0000 +++ Imlib/utils.c @@@@ -1496,36 +1496,56 @@@@ Imlib_create_image_from_xpm_data(ImlibDa context = 0; ptr = NULL; end = NULL; + memset(lookup, 0, sizeof(lookup)); while (!done) { line = data[count++]; + if (!line) + break; + line = strdup(line); + if (!line) + break; + len = strlen(line); + for (i = 0; i < len; ++i) + { + c = line[i]; + if (c < 32) + line[i] = 32; + else if (c > 127) + line[i] = 127; + } + if (context == 0) { /* Header */ sscanf(line, "%i %i %i %i", &w, &h, &ncolors, &cpp); - if (ncolors > 32766) + if (ncolors <= 0 || ncolors > 32766) { fprintf(stderr, "IMLIB ERROR: XPM data wth colors > 32766 not supported\n"); free(im); + free(line); return NULL; } - if (cpp > 5) + if (cpp <= 0 || cpp > 5) { fprintf(stderr, "IMLIB ERROR: XPM data with characters per pixel > 5 not supported\n"); free(im); + free(line); return NULL; } - if (w > 32767) + if (w <= 0 || w > 32767) { fprintf(stderr, "IMLIB ERROR: Image width > 32767 pixels for data\n"); free(im); + free(line); return NULL; } - if (h > 32767) + if (h <= 0 || h > 32767) { fprintf(stderr, "IMLIB ERROR: Image height > 32767 pixels for data\n"); free(im); + free(line); return NULL; } cmap = malloc(sizeof(struct _cmap) * ncolors); @@@@ -1533,6 +1553,7 @@@@ Imlib_create_image_from_xpm_data(ImlibDa if (!cmap) { free(im); + free(line); return NULL; } im->rgb_width = w; @@@@ -1542,6 +1563,7 @@@@ Imlib_create_image_from_xpm_data(ImlibDa { free(cmap); free(im); + free(line); return NULL; } im->alpha_data = NULL; @@@@ -1817,6 +1839,7 @@@@ Imlib_create_image_from_xpm_data(ImlibDa } if ((ptr) && ((ptr - im->rgb_data) >= w * h * 3)) done = 1; + free(line); } if (!transp) { @@@@ -1959,13 +1982,13 @@@@ Imlib_inlined_png_to_image(ImlibData *id return NULL; } - if (setjmp(png_ptr->jmpbuf)) + if (setjmp(png_jmpbuf(png_ptr))) { png_destroy_read_struct(&png_ptr, &info_ptr, NULL); return NULL; } - if (info_ptr->color_type == PNG_COLOR_TYPE_RGB_ALPHA) + if (png_get_color_type(png_ptr, info_ptr) == PNG_COLOR_TYPE_RGB_ALPHA) { png_destroy_read_struct(&png_ptr, &info_ptr, NULL); return NULL; @ 1.1 log @Bump PKGREVISION, security fix: "Multiple buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to execute arbitrary code via certain image files." (1.9.15 is also affected) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1026 Patch from Pavel Kankovsky. @ text @d1 1 a1 1 $NetBSD$ d3 6 a8 3 --- Imlib/utils.c.orig 2004-09-21 02:22:59.000000000 +0200 +++ Imlib/utils.c 2004-12-10 09:58:18.000000000 +0100 @@@@ -1496,36 +1496,56 @@@@ d69 1 a69 1 @@@@ -1533,6 +1553,7 @@@@ d77 1 a77 1 @@@@ -1542,6 +1563,7 @@@@ d85 1 a85 1 @@@@ -1817,6 +1839,7 @@@@ d93 16 @ 1.1.2.1 log @file patch-aj was added on branch pkgsrc-2004Q3 on 2004-12-10 09:30:42 +0000 @ text @d1 89 @ 1.1.2.2 log @Pullup ticket 171 - requested by Havard Eidnes security fix for imlib Module Name: pkgsrc Committed By: tron Date: Sat Nov 27 08:09:38 UTC 2004 Modified Files: pkgsrc/graphics/imlib: Makefile Log Message: Remove me as maintainer of this package. --- Module Name: pkgsrc Committed By: adam Date: Fri Dec 3 13:42:47 UTC 2004 Modified Files: pkgsrc/graphics/imlib: Makefile distinfo pkgsrc/graphics/imlib/patches: patch-ag patch-ah Log Message: Changes 1.9.15: * Minor bug fixes --- Module Name: pkgsrc Committed By: salo Date: Fri Dec 10 09:30:42 UTC 2004 Modified Files: pkgsrc/graphics/imlib: Makefile buildlink3.mk distinfo pkgsrc/graphics/imlib/patches: patch-ab patch-ai Added Files: pkgsrc/graphics/imlib/patches: patch-aj patch-ak patch-al patch-am patch-an patch-ao Log Message: Bump PKGREVISION, security fix: "Multiple buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to execute arbitrary code via certain image files." (1.9.15 is also affected) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1026 Patch from Pavel Kankovsky. @ text @a0 89 $NetBSD: patch-aj,v 1.1.2.1 2004/12/13 18:03:27 salo Exp $ --- Imlib/utils.c.orig 2004-09-21 02:22:59.000000000 +0200 +++ Imlib/utils.c 2004-12-10 09:58:18.000000000 +0100 @@@@ -1496,36 +1496,56 @@@@ context = 0; ptr = NULL; end = NULL; + memset(lookup, 0, sizeof(lookup)); while (!done) { line = data[count++]; + if (!line) + break; + line = strdup(line); + if (!line) + break; + len = strlen(line); + for (i = 0; i < len; ++i) + { + c = line[i]; + if (c < 32) + line[i] = 32; + else if (c > 127) + line[i] = 127; + } + if (context == 0) { /* Header */ sscanf(line, "%i %i %i %i", &w, &h, &ncolors, &cpp); - if (ncolors > 32766) + if (ncolors <= 0 || ncolors > 32766) { fprintf(stderr, "IMLIB ERROR: XPM data wth colors > 32766 not supported\n"); free(im); + free(line); return NULL; } - if (cpp > 5) + if (cpp <= 0 || cpp > 5) { fprintf(stderr, "IMLIB ERROR: XPM data with characters per pixel > 5 not supported\n"); free(im); + free(line); return NULL; } - if (w > 32767) + if (w <= 0 || w > 32767) { fprintf(stderr, "IMLIB ERROR: Image width > 32767 pixels for data\n"); free(im); + free(line); return NULL; } - if (h > 32767) + if (h <= 0 || h > 32767) { fprintf(stderr, "IMLIB ERROR: Image height > 32767 pixels for data\n"); free(im); + free(line); return NULL; } cmap = malloc(sizeof(struct _cmap) * ncolors); @@@@ -1533,6 +1553,7 @@@@ if (!cmap) { free(im); + free(line); return NULL; } im->rgb_width = w; @@@@ -1542,6 +1563,7 @@@@ { free(cmap); free(im); + free(line); return NULL; } im->alpha_data = NULL; @@@@ -1817,6 +1839,7 @@@@ } if ((ptr) && ((ptr - im->rgb_data) >= w * h * 3)) done = 1; + free(line); } if (!transp) { @