head 1.5; access; symbols pkgsrc-2013Q2:1.5.0.32 pkgsrc-2013Q2-base:1.5 pkgsrc-2012Q4:1.5.0.30 pkgsrc-2012Q4-base:1.5 pkgsrc-2011Q4:1.5.0.28 pkgsrc-2011Q4-base:1.5 pkgsrc-2011Q2:1.5.0.26 pkgsrc-2011Q2-base:1.5 pkgsrc-2009Q4:1.5.0.24 pkgsrc-2009Q4-base:1.5 pkgsrc-2008Q4:1.5.0.22 pkgsrc-2008Q4-base:1.5 pkgsrc-2008Q3:1.5.0.20 pkgsrc-2008Q3-base:1.5 cube-native-xorg:1.5.0.18 cube-native-xorg-base:1.5 pkgsrc-2008Q2:1.5.0.16 pkgsrc-2008Q2-base:1.5 pkgsrc-2008Q1:1.5.0.14 pkgsrc-2008Q1-base:1.5 pkgsrc-2007Q4:1.5.0.12 pkgsrc-2007Q4-base:1.5 pkgsrc-2007Q3:1.5.0.10 pkgsrc-2007Q3-base:1.5 pkgsrc-2007Q2:1.5.0.8 pkgsrc-2007Q2-base:1.5 pkgsrc-2007Q1:1.5.0.6 pkgsrc-2007Q1-base:1.5 pkgsrc-2006Q4:1.5.0.4 pkgsrc-2006Q4-base:1.5 pkgsrc-2006Q3:1.5.0.2 pkgsrc-2006Q3-base:1.5 pkgsrc-2006Q2:1.3.0.18 pkgsrc-2006Q2-base:1.3 pkgsrc-2006Q1:1.3.0.16 pkgsrc-2006Q1-base:1.3 pkgsrc-2005Q4:1.3.0.14 pkgsrc-2005Q4-base:1.3 pkgsrc-2005Q3:1.3.0.12 pkgsrc-2005Q3-base:1.3 pkgsrc-2005Q2:1.3.0.10 pkgsrc-2005Q2-base:1.3 pkgsrc-2005Q1:1.3.0.8 pkgsrc-2005Q1-base:1.3 pkgsrc-2004Q4:1.3.0.6 pkgsrc-2004Q4-base:1.3 pkgsrc-2004Q3:1.3.0.4 pkgsrc-2004Q3-base:1.3 pkgsrc-2004Q2:1.3.0.2 pkgsrc-2004Q2-base:1.3 pkgsrc-2004Q1:1.2.0.2 pkgsrc-2004Q1-base:1.2 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.5 date 2006.09.27.15.18.17; author joerg; state dead; branches; next 1.4; 1.4 date 2006.09.04.20.48.04; author adrianp; state Exp; branches; next 1.3; 1.3 date 2004.03.28.22.06.16; author xtraeme; state dead; branches; next 1.2; 1.2 date 2004.01.31.15.06.24; author xtraeme; state Exp; branches; next 1.1; 1.1 date 2004.01.24.08.47.32; author xtraeme; state Exp; branches 1.1.1.1; next ; 1.1.1.1 date 2004.01.24.08.47.32; author xtraeme; state Exp; branches; next ; desc @@ 1.5 log @Remove XFree86. @ text @$NetBSD: patch-au,v 1.4 2006/09/04 20:48:04 adrianp Exp $ Security fix for SA21446, adapted from X.org. --- lib/font/bitmap/pcfread.c.orig 2003-11-18 02:17:04.000000000 +0100 +++ lib/font/bitmap/pcfread.c 2006-08-22 16:31:30.000000000 +0200 @@@@ -32,6 +32,8 @@@@ from The Open Group. * Author: Keith Packard, MIT X Consortium */ +#include + #include "fntfilst.h" #include "bitmap.h" #include "pcf.h" @@@@ -129,6 +131,10 @@@@ pcfReadTOC(FontFilePtr file, int *countp return (PCFTablePtr) NULL; count = pcfGetLSB32(file); if (IS_EOF(file)) return (PCFTablePtr) NULL; + if (count < 0 || count > INT32_MAX / sizeof(PCFTableRec)) { + pcfError("pcfReadTOC(): invalid file format\n"); + return NULL; + } tables = (PCFTablePtr) xalloc(count * sizeof(PCFTableRec)); if (!tables) { pcfError("pcfReadTOC(): Couldn't allocate tables (%d*%d)\n", count, sizeof(PCFTableRec)); @@@@ -248,6 +254,10 @@@@ pcfGetProperties(FontInfoPtr pFontInfo, if (!PCF_FORMAT_MATCH(format, PCF_DEFAULT_FORMAT)) goto Bail; nprops = pcfGetINT32(file, format); + if (nprops <= 0 || nprops > INT32_MAX / sizeof(FontPropRec)) { + pcfError("pcfGetProperties(): invalid nprops value (%d)\n", nprops); + goto Bail; + } if (IS_EOF(file)) goto Bail; props = (FontPropPtr) xalloc(nprops * sizeof(FontPropRec)); if (!props) { @@@@ -263,6 +273,13 @@@@ pcfGetProperties(FontInfoPtr pFontInfo, props[i].name = pcfGetINT32(file, format); isStringProp[i] = pcfGetINT8(file, format); props[i].value = pcfGetINT32(file, format); + if (props[i].name < 0 + || (isStringProp[i] != 0 && isStringProp[i] != 1) + || (isStringProp[i] && props[i].value < 0)) { + pcfError("pcfGetProperties(): invalid file format %d %d %d\n", + props[i].name, isStringProp[i], props[i].value); + goto Bail; + } if (IS_EOF(file)) goto Bail; } /* pad the property array */ @@@@ -278,6 +295,7 @@@@ pcfGetProperties(FontInfoPtr pFontInfo, } if (IS_EOF(file)) goto Bail; string_size = pcfGetINT32(file, format); + if (string_size < 0) goto Bail; if (IS_EOF(file)) goto Bail; strings = (char *) xalloc(string_size); if (!strings) { @@@@ -418,6 +436,10 @@@@ pcfReadFont(FontPtr pFont, FontFilePtr f else nmetrics = pcfGetINT16(file, format); if (IS_EOF(file)) goto Bail; + if (nmetrics < 0 || nmetrics > INT32_MAX / sizeof(CharInfoRec)) { + pcfError("pcfReadFont(): invalid file format\n"); + goto Bail; + } metrics = (CharInfoPtr) xalloc(nmetrics * sizeof(CharInfoRec)); if (!metrics) { pcfError("pcfReadFont(): Couldn't allocate metrics (%d*%d)\n", nmetrics, sizeof(CharInfoRec)); @@@@ -443,7 +465,7 @@@@ pcfReadFont(FontPtr pFont, FontFilePtr f nbitmaps = pcfGetINT32(file, format); if (nbitmaps != nmetrics || IS_EOF(file)) goto Bail; - + /* nmetrics is already ok, so nbitmap also is */ offsets = (CARD32 *) xalloc(nbitmaps * sizeof(CARD32)); if (!offsets) { pcfError("pcfReadFont(): Couldn't allocate offsets (%d*%d)\n", nbitmaps, sizeof(CARD32)); @@@@ -457,6 +479,7 @@@@ pcfReadFont(FontPtr pFont, FontFilePtr f for (i = 0; i < GLYPHPADOPTIONS; i++) { bitmapSizes[i] = pcfGetINT32(file, format); if (IS_EOF(file)) goto Bail; + if (bitmapSizes[i] < 0) goto Bail; } sizebitmaps = bitmapSizes[PCF_GLYPH_PAD_INDEX(format)]; @@@@ -532,6 +555,7 @@@@ pcfReadFont(FontPtr pFont, FontFilePtr f if (IS_EOF(file)) goto Bail; if (nink_metrics != nmetrics) goto Bail; + /* nmetrics already checked */ ink_metrics = (xCharInfo *) xalloc(nink_metrics * sizeof(xCharInfo)); if (!ink_metrics) { pcfError("pcfReadFont(): Couldn't allocate ink_metrics (%d*%d)\n", nink_metrics, sizeof(xCharInfo)); @@@@ -805,6 +829,10 @@@@ pmfReadFont(FontPtr pFont, FontFilePtr f else nmetrics = pcfGetINT16(file, format); if (IS_EOF(file)) goto Bail; + if (nmetrics < 0 || nmetrics > INT32_MAX / sizeof(CharInfoRec)) { + pcfError("pmfReadFont(): invalid file format\n"); + goto Bail; + } metrics = (CharInfoPtr) xalloc(nmetrics * sizeof(CharInfoRec)); if (!metrics) { pcfError("pmfReadFont(): Couldn't allocate metrics (%d*%d)\n", nmetrics, sizeof(CharInfoRec)); @ 1.4 log @Add a patch via X.Org to address SA21450 This package has massive PLIST* issues and does not install correctly. This update is just to address a known security issue. @ text @d1 1 a1 1 $NetBSD$ @ 1.3 log @Upgrade XFree86 packages to 4.4.0. To see a full list of changes, please review: http://xfree86.org/4.4.0/RELNOTES.html These packages has been tested under NetBSD 1.6/-current, FreeBSD 4.x/5.x, and GNU/Linux (i386) by Jeremy C. Reed, Michal Pasternak and myself. @ text @d1 1 a1 1 $NetBSD: patch-au,v 1.2 2004/01/31 15:06:24 xtraeme Exp $ d3 6 a8 53 --- config/cf/FreeBSD.cf.in.orig Sat Jan 31 15:05:04 2004 +++ config/cf/FreeBSD.cf.in Sat Jan 31 15:07:28 2004 @@@@ -161,15 +161,10 @@@@ * * ld: warning: libXThrStub.so.6, needed by libX11.so, not found */ -#if BuildThreadStubLibrary && (!defined(UseInstalledX11) || !UseInstalledX11) -# define CcCmd $(CLIENTENVSETUP) cc -# define CplusplusCmd $(CLIENTENVSETUP) c++ -#else -# define CcCmd cc -# define CplusplusCmd c++ -#endif +#define CcCmd @@@@PKGSRC_CC@@@@ +#define CplusplusCmd @@@@PKGSRC_CXX@@@@ -#define CppCmd /usr/bin/cpp +#define CppCmd @@@@PKGSRC_CPP@@@@ #define PreProcessCmd CppCmd #define StandardCppOptions -traditional #define StandardCppDefines /**/ @@@@ -177,7 +172,7 @@@@ #if defined(UseInstalled) #define DefaultCCOptions /**/ #else -#define DefaultCCOptions -ansi -pedantic -Dasm=__asm GccWarningOptions +#define DefaultCCOptions -ansi -Dasm=__asm #endif #endif #ifndef ExtraLibraries @@@@ -482,18 +477,9 @@@@ #define XawI18nDefines -DUSE_XWCHAR_STRING -DUSE_XMBTOWC #endif -/* The GCC strength-reduce bug is fixed for FreeBSD 2.1.5 and later */ -#ifndef DefaultGcc2i386Opt -#if OSMajorVersion > 2 || (OSMajorVersion == 2 && OSMinorVersion > 1) || (OSMajorVersion == 2 && OSMinorVersion == 1 && OSTeenyVersion >= 5) -#define DefaultGcc2i386Opt -O2 -#endif -#endif -#ifdef i386Architecture -# define OptimizedCDebugFlags DefaultGcc2i386Opt -#else -# define OptimizedCDebugFlags -O -#endif +#define DefaultGcc2i386Opt +#define OptimizedCDebugFlags @@@@PKGSRC_CFLAGS@@@@ #ifndef PreIncDir # define PreIncDir /usr/include @@@@ -519,7 +505,7 @@@@ * Compress manual pages a9 4 #ifndef CompressManPages -# define CompressManPages YES +# define CompressManPages NO #endif d11 96 a106 1 #if OSMajorVersion > 2 || (OSMajorVersion == 2 && OSMinorVersion >= 1) @ 1.2 log @Simplify XFree86-libs doing the following changes: o Move manual pages from PLIST.${OPSYS} to PLIST.common o Disable compression of manual pages in FreeBSD. o Use IMAKE_* vars for the manual pages. @ text @d1 1 a1 1 $NetBSD$ @ 1.1 log @Initial revision @ text @d3 4 a6 3 --- config/cf/FreeBSD.cf.in.orig Tue Jul 22 05:38:50 2003 +++ config/cf/FreeBSD.cf.in Tue Jul 22 05:42:22 2003 @@@@ -162,14 +162,14 @@@@ d9 1 a9 1 #if BuildThreadStubLibrary && (!defined(UseInstalledX11) || !UseInstalledX11) d12 1 a12 3 +# define CcCmd $(CLIENTENVSETUP) @@@@PKGSRC_CC@@@@ +# define CplusplusCmd $(CLIENTENVSETUP) @@@@PKGSRC_CXX@@@@ #else d15 3 a17 3 +# define CcCmd @@@@PKGSRC_CC@@@@ +# define CplusplusCmd @@@@PKGSRC_CXX@@@@ #endif d24 1 a24 1 @@@@ -177,7 +177,7 @@@@ d29 1 a29 1 +#define DefaultCCOptions -ansi @@@@PKGSRC_CFLAGS@@@@ -Dasm=__asm d33 1 a33 1 @@@@ -482,17 +482,12 @@@@ d43 6 d50 1 d52 8 a59 5 #ifdef i386Architecture # define OptimizedCDebugFlags DefaultGcc2i386Opt #else -# define OptimizedCDebugFlags -O +# define OptimizedCDebugFlags @@@@PKGSRC_CFLAGS@@@@ d62 1 a62 1 #ifndef PreIncDir @ 1.1.1.1 log @Initial import of XFree86-libs-4.3.0 from pkgsrc-wip. This package contains the XFree86 include header files and shared library files. @ text @@