[arch-commits] Commit in freetype2/trunk (CVE-2009-0946.patch PKGBUILD)
Jan de Groot
jgc at archlinux.org
Wed Nov 4 11:54:43 UTC 2009
Date: Wednesday, November 4, 2009 @ 06:54:42
Author: jgc
Revision: 58137
Update to 2.3.11, remove upstream included patch
Modified:
freetype2/trunk/PKGBUILD
Deleted:
freetype2/trunk/CVE-2009-0946.patch
---------------------+
CVE-2009-0946.patch | 144 --------------------------------------------------
PKGBUILD | 22 +++----
2 files changed, 10 insertions(+), 156 deletions(-)
Deleted: CVE-2009-0946.patch
===================================================================
--- CVE-2009-0946.patch 2009-11-04 08:07:54 UTC (rev 58136)
+++ CVE-2009-0946.patch 2009-11-04 11:54:42 UTC (rev 58137)
@@ -1,144 +0,0 @@
-
-diff --git a/src/cff/cffload.c b/src/cff/cffload.c
-index 22163fb..24b899d 100644
---- a/src/cff/cffload.c
-+++ b/src/cff/cffload.c
-@@ -842,7 +842,20 @@
- goto Exit;
-
- for ( j = 1; j < num_glyphs; j++ )
-- charset->sids[j] = FT_GET_USHORT();
-+ {
-+ FT_UShort sid = FT_GET_USHORT();
-+
-+
-+ /* this constant is given in the CFF specification */
-+ if ( sid < 65000 )
-+ charset->sids[j] = sid;
-+ else
-+ {
-+ FT_ERROR(( "cff_charset_load:"
-+ " invalid SID value %d set to zero\n", sid ));
-+ charset->sids[j] = 0;
-+ }
-+ }
-
- FT_FRAME_EXIT();
- }
-@@ -875,6 +888,20 @@
- goto Exit;
- }
-
-+ /* check whether the range contains at least one valid glyph; */
-+ /* the constant is given in the CFF specification */
-+ if ( glyph_sid >= 65000 ) {
-+ FT_ERROR(( "cff_charset_load: invalid SID range\n" ));
-+ error = CFF_Err_Invalid_File_Format;
-+ goto Exit;
-+ }
-+
-+ /* try to rescue some of the SIDs if `nleft' is too large */
-+ if ( nleft > 65000 - 1 || glyph_sid >= 65000 - nleft ) {
-+ FT_ERROR(( "cff_charset_load: invalid SID range trimmed\n" ));
-+ nleft = 65000 - 1 - glyph_sid;
-+ }
-+
- /* Fill in the range of sids -- `nleft + 1' glyphs. */
- for ( i = 0; j < num_glyphs && i <= nleft; i++, j++, glyph_sid++ )
- charset->sids[j] = glyph_sid;
-diff --git a/src/lzw/ftzopen.c b/src/lzw/ftzopen.c
-index fc78315..c0483de 100644
---- a/src/lzw/ftzopen.c
-+++ b/src/lzw/ftzopen.c
-@@ -332,6 +332,9 @@
-
- while ( code >= 256U )
- {
-+ if ( !state->prefix )
-+ goto Eof;
-+
- FTLZW_STACK_PUSH( state->suffix[code - 256] );
- code = state->prefix[code - 256];
- }
-diff --git a/src/sfnt/ttcmap.c b/src/sfnt/ttcmap.c
-index 6830391..1bd2ce7 100644
---- a/src/sfnt/ttcmap.c
-+++ b/src/sfnt/ttcmap.c
-@@ -1635,7 +1635,7 @@
- FT_INVALID_TOO_SHORT;
-
- length = TT_NEXT_ULONG( p );
-- if ( table + length > valid->limit || length < 8208 )
-+ if ( length > (FT_UInt32)( valid->limit - table ) || length < 8192 + 16 )
- FT_INVALID_TOO_SHORT;
-
- is32 = table + 12;
-@@ -1863,7 +1863,8 @@
- p = table + 16;
- count = TT_NEXT_ULONG( p );
-
-- if ( table + length > valid->limit || length < 20 + count * 2 )
-+ if ( length > (FT_ULong)( valid->limit - table ) ||
-+ length < 20 + count * 2 )
- FT_INVALID_TOO_SHORT;
-
- /* check glyph indices */
-@@ -2048,7 +2049,8 @@
- p = table + 12;
- num_groups = TT_NEXT_ULONG( p );
-
-- if ( table + length > valid->limit || length < 16 + 12 * num_groups )
-+ if ( length > (FT_ULong)( valid->limit - table ) ||
-+ length < 16 + 12 * num_groups )
- FT_INVALID_TOO_SHORT;
-
- /* check groups, they must be in increasing order */
-@@ -2429,7 +2431,8 @@
- FT_ULong num_selectors = TT_NEXT_ULONG( p );
-
-
-- if ( table + length > valid->limit || length < 10 + 11 * num_selectors )
-+ if ( length > (FT_ULong)( valid->limit - table ) ||
-+ length < 10 + 11 * num_selectors )
- FT_INVALID_TOO_SHORT;
-
- /* check selectors, they must be in increasing order */
-@@ -2491,7 +2494,7 @@
- FT_ULong i, lastUni = 0;
-
-
-- if ( ndp + numMappings * 4 > valid->limit )
-+ if ( numMappings * 4 > (FT_ULong)( valid->limit - ndp ) )
- FT_INVALID_TOO_SHORT;
-
- for ( i = 0; i < numMappings; ++i )
-diff --git a/src/smooth/ftsmooth.c b/src/smooth/ftsmooth.c
-index a6db504..cacc490 100644
---- a/src/smooth/ftsmooth.c
-+++ b/src/smooth/ftsmooth.c
-@@ -153,7 +153,7 @@
- slot->internal->flags &= ~FT_GLYPH_OWN_BITMAP;
- }
-
-- /* allocate new one, depends on pixel format */
-+ /* allocate new one */
- pitch = width;
- if ( hmul )
- {
-@@ -194,6 +194,13 @@
-
- #endif
-
-+ if ( pitch > 0xFFFF || height > 0xFFFF )
-+ {
-+ FT_ERROR(( "ft_smooth_render_generic: glyph too large: %d x %d\n",
-+ width, height ));
-+ return Smooth_Err_Raster_Overflow;
-+ }
-+
- bitmap->pixel_mode = FT_PIXEL_MODE_GRAY;
- bitmap->num_grays = 256;
- bitmap->width = width;
---
-cgit v0.8.2.1
-
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2009-11-04 08:07:54 UTC (rev 58136)
+++ PKGBUILD 2009-11-04 11:54:42 UTC (rev 58137)
@@ -1,8 +1,9 @@
# $Id$
-# Maintainer: judd <jvinet at zeroflux.org>
+# Maintainer: Jan de Groot <jgc at archlinux.org>
+
pkgname=freetype2
-pkgver=2.3.9
-pkgrel=2
+pkgver=2.3.11
+pkgrel=1
pkgdesc="TrueType font rendering library"
arch=(i686 x86_64)
license=('GPL')
@@ -10,17 +11,15 @@
depends=('zlib')
options=('!libtool')
source=(http://downloads.sourceforge.net/sourceforge/freetype/freetype-${pkgver}.tar.bz2
- bytecode.patch
- freetype-2.3.0-enable-spr.patch
- freetype-2.2.1-enable-valid.patch
- freetype-2.2.1-memcpy-fix.patch
- CVE-2009-0946.patch)
-md5sums=('d76233108aca9c9606cdbd341562ad9a'
+ bytecode.patch
+ freetype-2.3.0-enable-spr.patch
+ freetype-2.2.1-enable-valid.patch
+ freetype-2.2.1-memcpy-fix.patch)
+md5sums=('519c7cbf5cbd72ffa822c66844d3114c'
'9ff19e742968c29e3ba52b08d6bf0a50'
'816dc8619a6904a7385769433c0a8653'
'214119610444c9b02766ccee5e220680'
- '6fb6606d28082ecb8e0c6d986b0b26aa'
- '3322c8f8266f7f3dcafb7205ad433c05')
+ '6fb6606d28082ecb8e0c6d986b0b26aa')
build() {
cd "${srcdir}/freetype-${pkgver}"
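Review bot: The new freetype-2.3.11 tarball is pinned only by its `md5sums` entry, while `source=` still fetches it over plain `http://`, so the integrity of the download rests on MD5 alone. Consider adding a stronger checksum array alongside it, with one entry per source, for example `sha256sums=('<sha256 of freetype-2.3.11.tar.bz2>' ...)`, if the makepkg version in use supports it. This hunk also drops `CVE-2009-0946.patch` from `source`. The commit message could record that the 2.3.11 tree was checked for all four parts of that patch (cffload.c, ftzopen.c, ttcmap.c, ftsmooth.c), since nothing visible in build() would catch a missing fix. build() continues outside the hunk.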
@@ -28,7 +27,6 @@
patch -Np1 -i "${srcdir}/freetype-2.3.0-enable-spr.patch" || return 1
patch -Np1 -i "${srcdir}/freetype-2.2.1-enable-valid.patch" || return 1
patch -Np1 -i "${srcdir}/freetype-2.2.1-memcpy-fix.patch" || return 1
- patch -Np1 -i "${srcdir}/CVE-2009-0946.patch" || return 1
./configure --prefix=/usr || return 1
make || return 1