[arch-commits] Commit in gd/trunk (PKGBUILD color_c_null_pointer.patch)

Pierre Schmitz pierre at archlinux.org
Sat Sep 13 06:35:32 UTC 2014


    Date: Saturday, September 13, 2014 @ 08:35:32
  Author: pierre
Revision: 221455

* Add missing dependencies
* Fix CVE-2014-2497
* disable rpath

Added:
  gd/trunk/color_c_null_pointer.patch
Modified:
  gd/trunk/PKGBUILD

----------------------------+
 PKGBUILD                   |   23 +++++++++++++++++------
 color_c_null_pointer.patch |   18 ++++++++++++++++++
 2 files changed, 35 insertions(+), 6 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2014-09-12 23:52:12 UTC (rev 221454)
+++ PKGBUILD	2014-09-13 06:35:32 UTC (rev 221455)
@@ -1,21 +1,32 @@
 # $Id$
-# Maintainer: Eric Belanger <eric at archlinux.org>
 
 pkgname=gd
 pkgver=2.1.0
-pkgrel=2
+pkgrel=3
 pkgdesc="Library for the dynamic creation of images by programmers"
 arch=('i686' 'x86_64')
 url="http://www.libgd.org/"
 license=('custom')
-depends=('libpng' 'fontconfig' 'libjpeg')
+depends=('fontconfig' 'libvpx' 'libxpm' 'libtiff')
 optdepends=('perl: bdftogd script')
-source=(https://bitbucket.org/libgd/gd-libgd/downloads/libgd-${pkgver}.tar.xz)
-md5sums=('03588159bf4faab9079849c8d709acc6')
+source=("https://bitbucket.org/libgd/gd-libgd/downloads/libgd-${pkgver}.tar.xz"
+        'color_c_null_pointer.patch')
+md5sums=('03588159bf4faab9079849c8d709acc6'
+         '51f5ff073eabbd7809e0ce438d5bb1c2')
 
+prepare() {
+  cd libgd-${pkgver}
+  # CVE-2014-2497
+  patch -p1 -i ${srcdir}/color_c_null_pointer.patch
+}
+
 build() {
   cd libgd-${pkgver}
-  ./configure --prefix=/usr --without-xpm
+  ./configure \
+    --prefix=/usr \
+    --disable-rpath \
+    --with-vpx=/usr \
+    --with-tiff=/usr
   make
 }
 

Added: color_c_null_pointer.patch
===================================================================
--- color_c_null_pointer.patch	                        (rev 0)
+++ color_c_null_pointer.patch	2014-09-13 06:35:32 UTC (rev 221455)
@@ -0,0 +1,18 @@
+diff -up ./src/gdxpm.c.color_c_null_pointer ./src/gdxpm.c
+--- ./src/gdxpm.c.color_c_null_pointer	2013-06-25 11:58:23.000000000 +0200
++++ ./src/gdxpm.c	2014-07-16 16:43:44.000000000 +0200
+@@ -62,6 +62,13 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFro
+ 
+ 	for(i = 0; i < number; i++) {
+ 		char *c_color = image.colorTable[i].c_color;
++		if (!c_color)
++		{
++			/* unsupported color key or color key not defined */
++			gdImageDestroy(im);
++			im = 0;
++			goto done;
++		}
+ 		if(strcmp(c_color, "None") == 0) {
+ 			colors[i] = gdImageGetTransparent(im);
+ 			if(colors[i] == -1) colors[i] = gdImageColorAllocate(im, 0, 0, 0);
+diff -up ./x.color_c_null_pointer ./x




More information about the arch-commits mailing list