From f1bc537f089cc8477a9a18db597cb349e1b00e91 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 16 Jun 2018 05:02:38 +0100 Subject: gentoo resync : 16.06.2018 --- media-libs/tiff/Manifest | 10 --- ....0.7-pdfium-0005-Leak-TIFFFetchStripThing.patch | 20 ----- ...iff-4.0.7-pdfium-0007-uninitialized-value.patch | 26 ------ ...-4.0.7-pdfium-0013-validate-refblackwhite.patch | 42 ---------- ....7-pdfium-0017-safe_skews_in_gtTileContig.patch | 97 ---------------------- ...ium-0018-fix-leak-in-PredictorSetupDecode.patch | 27 ------ .../tiff-4.0.7-pdfium-0021-oom-TIFFFillStrip.patch | 29 ------- media-libs/tiff/tiff-4.0.8.ebuild | 80 ------------------ media-libs/tiff/tiff-4.0.9-r1.ebuild | 75 ----------------- media-libs/tiff/tiff-4.0.9-r2.ebuild | 79 ------------------ 10 files changed, 485 deletions(-) delete mode 100644 media-libs/tiff/files/tiff-4.0.7-pdfium-0005-Leak-TIFFFetchStripThing.patch delete mode 100644 media-libs/tiff/files/tiff-4.0.7-pdfium-0007-uninitialized-value.patch delete mode 100644 media-libs/tiff/files/tiff-4.0.7-pdfium-0013-validate-refblackwhite.patch delete mode 100644 media-libs/tiff/files/tiff-4.0.7-pdfium-0017-safe_skews_in_gtTileContig.patch delete mode 100644 media-libs/tiff/files/tiff-4.0.7-pdfium-0018-fix-leak-in-PredictorSetupDecode.patch delete mode 100644 media-libs/tiff/files/tiff-4.0.7-pdfium-0021-oom-TIFFFillStrip.patch delete mode 100644 media-libs/tiff/tiff-4.0.8.ebuild delete mode 100644 media-libs/tiff/tiff-4.0.9-r1.ebuild delete mode 100644 media-libs/tiff/tiff-4.0.9-r2.ebuild (limited to 'media-libs/tiff') diff --git a/media-libs/tiff/Manifest b/media-libs/tiff/Manifest index ceace0445309..ae841a81b750 100644 --- a/media-libs/tiff/Manifest +++ b/media-libs/tiff/Manifest @@ -3,25 +3,15 @@ AUX tiff-3.9.7-CVE-2012-4564.patch 1987 BLAKE2B a56084760a03fc70e42d4ccff14b7f45 AUX tiff-3.9.7-CVE-2012-5581.patch 8156 BLAKE2B 39457d90041b04014970c8b0bb9275353eca34fef6660810537294348ff33103b735523f5b84f0de2b1003014ace561a2c3bb498ff771b5c4101fef6fd89adf6 SHA512 2e215edeb6f4f5d6e14753874a67d76cfec34b3f6ffc420e1c7ede2007a6b2f64c09505e879e83db1de87f28c82c806c4379b38bf7f8735bb2bae675543683f0 AUX tiff-3.9.7-printdir-width.patch 1523 BLAKE2B a0bfeda833e604137529537bed29dcb50308e3f6493d2985390c4528a4ac38f432104d796ec3368462d331017db4393f58622d17e1f068811913df78e98c7444 SHA512 9bf2edcbda2ed5dba01839cf1bb34316801b4c5a2b6c71ed46f8777518cf1bc77084db94eaf1ebde84583fa2e1749a5fc5151e321b4d83975b13c3e9ebe96436 AUX tiff-3.9.7-tiffinfo-exif.patch 1847 BLAKE2B c6e55e92ebe86558cfabec730d2f15836390fa1789d57ada01fb1c6037699898706a051dab415db35e1ac2d39902301c1639e944f177b4b098227279c98c00c5 SHA512 6f211dc864bfb314a1c7edb8855b68cfbbdbbde1ba9422c1c578acbb15e5769323eec366bef618a8100b0ccb8057b2997762ebbd0f943be10882411861ec72fb -AUX tiff-4.0.7-pdfium-0005-Leak-TIFFFetchStripThing.patch 613 BLAKE2B 82fbf9989f729384a8e970919bdeeaa881866dc13f36148a4af806cc0923173763ef79c0adbe9e0300283df8effe09ea27e10c7c5737a87dfb7a07dbad08709a SHA512 d29d1eefece677e5802c649a41f96af4dbd6c39e487327dd123b905e7fdfb8982b5e82eae365e5df11832c1682008805a5a7cf572577c5483ec530d881024b3b AUX tiff-4.0.7-pdfium-0006-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch 930 BLAKE2B 52d77fcdd773ce52232257da2c60f8b90417f102238df2039262e3afa7275908c74817ddd6958e430d7cfcff58d2d04ebd6ddd49f553f0f261883b67f557c599 SHA512 822ccc22304d23b4f50efe1f0fb7890fda8b9edf2075b8add814c0bac0a153fa0ed5d7ee5f47e23799b24f11678c8e0bf9c90ad59c5cc61fd9546b2dca4714a9 -AUX tiff-4.0.7-pdfium-0007-uninitialized-value.patch 802 BLAKE2B 9605ff6b676e6be0d63cf23fee843ee8341ad51b5a909182f09346498722646f8c37edd99f73968aa56864789a9db5da0e73f7c428a6a07801995249bfa45f6b SHA512 198907ad009d5faf2dd079d1a4e7355d439828a23643158531b15821be0cb3fc9b93da1ccf8baae8f4029b08ae2a55a94c7ef97ea5af6c48a9e013822a5f763d AUX tiff-4.0.7-pdfium-0008-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch 924 BLAKE2B 03160ce33639620b1deb918d358f559b8bc6296d28530b440d0d770438453c25aecc393b8cfcc582ed2d0ec1decd557a212c91f43f7923c9e94387e235680021 SHA512 43973cc5512eb8fe2e0beab1a98ff0d3bd999ed1adbf7c08c344b3442559cc2cdc99a9f2e9c1bb2bffa4be027945b12b120fa27ec6c8006367932039b8d8dd37 -AUX tiff-4.0.7-pdfium-0013-validate-refblackwhite.patch 1278 BLAKE2B d2e9406584c5e8791f5fc4ba86218a782e8b0c81f310d9897e91882f2cb893dd8b4328f3af326e6638f713b32c7c93e0cecb1e5c2a136eb21bbe983d7e9ec797 SHA512 b99e4147a3a15c7d612c9884df1677e64cdf0cc0f05b36fded9bf1a187e2aa936a921b78adfba790061c4c06e45d78138ea8a3d7192c4cc23b61d12bd1055912 -AUX tiff-4.0.7-pdfium-0017-safe_skews_in_gtTileContig.patch 2992 BLAKE2B f588838219ba3323a15b35d04b168180229ce1ad9c018c2104d2663905aaafc2aae001f188f6c6c722190d086b1fd1422ca5bfd2a55b45c7120dfe1792b4d728 SHA512 0fc1b6b8a57629730b10c0c30d915ce8a9575cac5e1daa91ae74be4e866e4c9cf49031897c001b3ade8182274d875988d40c1d4214b2a427d4676762ca7f2c4c -AUX tiff-4.0.7-pdfium-0018-fix-leak-in-PredictorSetupDecode.patch 849 BLAKE2B b0087382944185e1b91e65ae5b1a8998d31c4285308a1d9a2db20064f92b8aea07341a4a93242678f7ff332bf21d091a902907f74d320d2739b151efff25bec1 SHA512 9da30e7223522dfb4d8a8bc8b5bd545615cfe60a509f8583d29817ecbb1ff28ca38a6e00ee845e9484d9bc02666f99b0144ea08e5083eef2035e99b1825f4bd3 -AUX tiff-4.0.7-pdfium-0021-oom-TIFFFillStrip.patch 1228 BLAKE2B ca3babb8a10c96ecfb72914651f8e737ec4d2a7a7fbdc4b9c153e2a7f540fa1a0b5907bad374ddbce53364caba0282d848b03992b793c14490740ecb786fe47c SHA512 4add933c6b7e2938affb03e00da0bb28789cd9998f5496f4b592ae14d35175f6ce8a4e83ee639ef42211a8683bddad5b4c8375a1ba0a331bc72a40c45e691162 AUX tiff-4.0.9-CVE-2017-18013.patch 1531 BLAKE2B e0b825408ba684084153ebd19c13bc7124733ba9b84393534b57481aabb8f1de5529f0a31c997b6e4947be8f01970c711e1f23ce30919bcbcef489939a0ed31e SHA512 e0598c4702fbe22379182c78191305b3769b7cb7f927ad4372e220aad9567e43adee6baa164696852ce6fa4f1f307c666a4fc3fc2b942baca16cd2b8fe9998cb AUX tiff-4.0.9-CVE-2017-9935-fix-incorrect-type.patch 2443 BLAKE2B e18f4acec3dc8088eec5080272e6d759c0823cb1f8036d45bc5289cc22e8a487ff5d8761e0d2e49d4c450f407e859c00913988df9c45e51318b53c5fbec01483 SHA512 a489d4bdf5b3861fdf18107ff4a0224e2d458acf719af9d7eb6ef230285ceb5d37bc483c32800cc8180ccc69ffbc80d8887b8660265466ddd52a3447f1f44e61 AUX tiff-4.0.9-CVE-2017-9935.patch 6636 BLAKE2B b7660dee9e379aea59f7225024697ea35b820837502e9e19157391c569c6b85473c4da5163f2e6fa8934c68cc32cbc45d025a2c336d21d79f461723a68a6e49f SHA512 ca1beda6e1550ac8a4bdf2bdefaba38f5fc40d2e842709ed1a803aeef5c34cd466f93fc6e7bb8e7ffb7e21a702d54584b84615e7c3dc3a8d2d29ceeadaeca7f6 AUX tiff-4.0.9-CVE-2018-5784.patch 4251 BLAKE2B defd555ebc53e178439331cd04f3099c4ad77584efd0a4312802307ce90828e63513df738e992905af824f25d987d43e095d313d359c3de9eebba5bf4c843bf1 SHA512 ebff45d1ecc1fb783f806eb556ccb01316289e190786378309a51a0c4d10b53ae6c86a1310ea59bc79946e633163916700e17752d0a7add10c22b8824b000b7b DIST tiff-3.9.7.tar.gz 1468097 BLAKE2B 303339acf9bb48558695b13fcc2b41acacbbf2ce6d2ec497067761895cb2de7674108e8ca2f35f845dcd2e45801777fe25d234af1c308acf59846c2f5617ab53 SHA512 ca89584a9ffa33b4986e4bc2165043cec239896f1f0ab73db00818d0442b570efaa6345b2ed422e884202324d359713df849bf14782bb0cf3b959655febddd77 -DIST tiff-4.0.8.tar.gz 2065574 BLAKE2B b9ece26d3549836d2cbbce1b90ce724a6eae51adae0abbd6193942ced8be965df63d1aa8e774b83d9ae689e5d08033705ef62b77276b40c34913cd535caa72b9 SHA512 5d010ec4ce37aca733f7ab7db9f432987b0cd21664bd9d99452a146833c40f0d1e7309d1870b0395e947964134d5cfeb1366181e761fe353ad585803ff3d6be6 DIST tiff-4.0.9.tar.gz 2305681 BLAKE2B 3de03408d2974b9f9f5f2444029cc3018ef43beb67e9fd21be68ee400cdcc6deca1247f055d880841a18b92284ce81f112682c8b5f083ddc61e5255d73a7de3f SHA512 04f3d5eefccf9c1a0393659fe27f3dddd31108c401ba0dc587bca152a1c1f6bc844ba41622ff5572da8cc278593eff8c402b44e7af0a0090e91d326c2d79f6cd EBUILD tiff-3.9.7-r1.ebuild 1941 BLAKE2B 38e7fc7b06adec30d32dce66390c5174fa8ca514d8fdc12d6486ed3b8a78b95ea2efb3e083c959892ea65e46853b4c5b7236508c9812736ff0bebce26961d64f SHA512 659c879ae594501bb3a88dde00797d67fd004cbbefbb4403a2374876a6c909cb38f4a7d56256325c5d53fd7ed107849e7c2862f9de777ab6b6d996ec279fe997 -EBUILD tiff-4.0.8.ebuild 2485 BLAKE2B de7917ea6c510b4da138abc7c8c46c108d93385845f37922c0043e619ecce744212ce0da78d3cd32c7ab6d07c667037432ff5203271ac357019260b2b2426120 SHA512 6b36c1575467420df401fa1268a93d51ad7e58c0e2ea1f43f79a98fbaced66f8f8d248f6f38531e731b384e1c4ea4d36416ba1545724cea7ad6d99e8fbfe1235 -EBUILD tiff-4.0.9-r1.ebuild 2130 BLAKE2B 09892b7bd37c8dfc6660bcb4ef5369457bf8e0929a2863fd62bc2a02c235c893fbc1880f0267683b115381980cade0f8412ec3bb63c2cae247263f7a3677b23b SHA512 fb2797ff15a7b1d3eb1ebf6be90a76c219f8cfb088ec1608b45f696e797fe1a74669152e89cee385d2c38758a737e4f4eba574701f02c27f2a791b8b394f90bd -EBUILD tiff-4.0.9-r2.ebuild 2229 BLAKE2B 53aa8befbe2c445bec2276190fd1c7282b46881b8a8ea14cc5b71e9df65de8199c8b4f9d155f6d47b8d727bc91b31be7ec975720c27e597c737fd6e6fc388d8d SHA512 789642b417be56603c2acd94c6e472780944022f138b19ad1f41d72381a876a9212107c5dc39c96fa650f8632055ffabafb6c543a26331f8f7e3c754e44a9001 EBUILD tiff-4.0.9-r3.ebuild 2264 BLAKE2B ec6bd649cf31a2a4a2b9125d1cd2fa9c203be954f6ff7367c6e46422d4d846928a3a48bb1b6e19147dab3680b13160c352b2cc8e3e18bdd11dccd77b047e1540 SHA512 bad10c08475e1c1a2765df6d35846c99cfefa149ebf3b5d571859b639699c740dc07264a8758c4306e1901389dbe3c7e4822f91d9729ece741499e515cf6601a EBUILD tiff-4.0.9-r4.ebuild 2328 BLAKE2B 2fae57ca25b717b292681a13726acdd09618fb3057cc10dfa664d666d9f16332c5451bfab80d4cba977d45e4e4e044b6e60232ea61cc4950bb7e3099da451ebb SHA512 e98adfa48131f65620e802b3cd46a9e0fba3649e90a1fbd2bcdda3aec70a1a4336797f5fe3d069155dde3f0be977dc1d674fab79a9b100464cb0b5fdd291b47b MISC metadata.xml 565 BLAKE2B 3d487835599974795ba6007439bf1d08756ab1c5dbe191509832b302f3199e4ffc05be64df3e26b4d4a1c11d1292c48cbb59ffa6e412831d16d7415e076f1062 SHA512 289043206dbb512c97e4bb703b32549ac4a77f40e212548b80ea865052b80fed9d4562f9fc94638fda54da9bc3e0c19ba303c027e66e7b75c772aeec91aebe6f diff --git a/media-libs/tiff/files/tiff-4.0.7-pdfium-0005-Leak-TIFFFetchStripThing.patch b/media-libs/tiff/files/tiff-4.0.7-pdfium-0005-Leak-TIFFFetchStripThing.patch deleted file mode 100644 index afb0151f9632..000000000000 --- a/media-libs/tiff/files/tiff-4.0.7-pdfium-0005-Leak-TIFFFetchStripThing.patch +++ /dev/null @@ -1,20 +0,0 @@ -https://codereview.chromium.org/2204793002 -https://crbug.com/633387 -https://pdfium.googlesource.com/pdfium/+/master/libtiff/ - -Author: thestig -Date: Mon Aug 1 19:36:27 2016 -0700 - -Fix a memory leak in libtiff. - ---- a/libtiff/tif_dirread.c -+++ b/libtiff/tif_dirread.c -@@ -5372,6 +5372,8 @@ TIFFFetchStripThing(TIFF* tif, TIFFDirEntry* dir, uint32 nstrips, uint64** lpp) - static const char module[] = "TIFFFetchStripThing"; - enum TIFFReadDirEntryErr err; - uint64* data; -+ _TIFFfree(*lpp); -+ *lpp = 0; - err=TIFFReadDirEntryLong8Array(tif,dir,&data); - if (err!=TIFFReadDirEntryErrOk) - { diff --git a/media-libs/tiff/files/tiff-4.0.7-pdfium-0007-uninitialized-value.patch b/media-libs/tiff/files/tiff-4.0.7-pdfium-0007-uninitialized-value.patch deleted file mode 100644 index ab5627f5c169..000000000000 --- a/media-libs/tiff/files/tiff-4.0.7-pdfium-0007-uninitialized-value.patch +++ /dev/null @@ -1,26 +0,0 @@ -https://codereview.chromium.org/2389993002 -https://crbug.com/651632 -https://pdfium.googlesource.com/pdfium/+/master/libtiff/ - -Author: dsinclair -Date: Mon Oct 3 13:59:57 2016 -0700 - -Fix potentially uninitialized value. - -Depending on what ReadOK does it's possible for |dircount16| to be used without -being initialized. The read code calls back into PDFium specific code which then -calls into the stream reading code. - -Initialize the value to be sure it is set. - ---- a/libtiff/tif_dirread.c -+++ b/libtiff/tif_dirread.c -@@ -4443,7 +4443,7 @@ TIFFFetchDirectory(TIFF* tif, uint64 diroff, TIFFDirEntry** pdir, - static const char module[] = "TIFFFetchDirectory"; - - void* origdir; -- uint16 dircount16; -+ uint16 dircount16 = 0; - uint32 dirsize; - TIFFDirEntry* dir; - uint8* ma; diff --git a/media-libs/tiff/files/tiff-4.0.7-pdfium-0013-validate-refblackwhite.patch b/media-libs/tiff/files/tiff-4.0.7-pdfium-0013-validate-refblackwhite.patch deleted file mode 100644 index d98ff9d0f252..000000000000 --- a/media-libs/tiff/files/tiff-4.0.7-pdfium-0013-validate-refblackwhite.patch +++ /dev/null @@ -1,42 +0,0 @@ -https://pdfium-review.googlesource.com/2151 -https://crbug.com/632883 -https://pdfium.googlesource.com/pdfium/+/master/libtiff/ - -Author: Dan Sinclair -Date: Mon Jan 9 09:50:50 2017 -0500 - -[libtiff] Validate refblackwhite values - -The td_refblackwhite value is currently assigned without validation. This -may pose an issue as the image can specify the value as nan. This will cause -problems later when we use the nan in calcluations. - -This CL validates each of the float values are not nan and if they are sets -them to the default provided by the TIFF spec v6. - ---- a/libtiff/tif_dir.c -+++ b/libtiff/tif_dir.c -@@ -31,6 +31,7 @@ - * (and also some miscellaneous stuff) - */ - #include "tiffiop.h" -+#include - #include - - /* -@@ -426,6 +426,15 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap) - case TIFFTAG_REFERENCEBLACKWHITE: - /* XXX should check for null range */ - _TIFFsetFloatArray(&td->td_refblackwhite, va_arg(ap, float*), 6); -+ int i; -+ for (i = 0; i < 6; i++) { -+ if (isnan(td->td_refblackwhite[i])) { -+ if (i % 2 == 0) -+ td->td_refblackwhite[i] = 0; -+ else -+ td->td_refblackwhite[i] = pow(2, td->td_bitspersample) - 1; -+ } -+ } - break; - case TIFFTAG_INKNAMES: - v = (uint16) va_arg(ap, uint16_vap); diff --git a/media-libs/tiff/files/tiff-4.0.7-pdfium-0017-safe_skews_in_gtTileContig.patch b/media-libs/tiff/files/tiff-4.0.7-pdfium-0017-safe_skews_in_gtTileContig.patch deleted file mode 100644 index 7914743393ff..000000000000 --- a/media-libs/tiff/files/tiff-4.0.7-pdfium-0017-safe_skews_in_gtTileContig.patch +++ /dev/null @@ -1,97 +0,0 @@ -https://pdfium-review.googlesource.com/2355 -https://crbug.com/681300 -https://pdfium.googlesource.com/pdfium/+/master/libtiff/ - -Author: Nicolas Pena -Date: Wed Jan 25 10:41:06 2017 -0500 - -Prevent skew overflows in gtTileContig - -Using int64 to check whether uint32 operations have overflowed. - ---- a/libtiff/tif_getimage.c -+++ b/libtiff/tif_getimage.c -@@ -31,6 +31,7 @@ - */ - #include "tiffiop.h" - #include -+#include - - static int gtTileContig(TIFFRGBAImage*, uint32*, uint32, uint32); - static int gtTileSeparate(TIFFRGBAImage*, uint32*, uint32, uint32); -@@ -629,6 +628,7 @@ gtTileContig(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) - uint32 tw, th; - unsigned char* buf; - int32 fromskew, toskew; -+ int64 safeskew; - uint32 nrow; - int ret = 1, flip; - uint32 this_tw, tocol; -@@ -649,19 +647,37 @@ gtTileContig(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) - flip = setorientation(img); - if (flip & FLIP_VERTICALLY) { - y = h - 1; -- toskew = -(int32)(tw + w); -+ safeskew = 0; -+ safeskew -= tw; -+ safeskew -= w; - } - else { - y = 0; -- toskew = -(int32)(tw - w); -+ safeskew = 0; -+ safeskew -= tw; -+ safeskew +=w; - } - -+ if(safeskew > INT_MAX || safeskew < INT_MIN){ -+ _TIFFfree(buf); -+ TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "%s", "Invalid skew"); -+ return (0); -+ } -+ toskew = safeskew; -+ - /* - * Leftmost tile is clipped on left side if col_offset > 0. - */ - leftmost_fromskew = img->col_offset % tw; - leftmost_tw = tw - leftmost_fromskew; -- leftmost_toskew = toskew + leftmost_fromskew; -+ safeskew = toskew; -+ safeskew += leftmost_fromskew; -+ if(safeskew > INT_MAX || safeskew < INT_MIN){ -+ _TIFFfree(buf); -+ TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "%s", "Invalid skew"); -+ return (0); -+ } -+ leftmost_toskew = safeskew; - for (row = 0; row < h; row += nrow) - { - rowstoread = th - (row + img->row_offset) % th; -@@ -704,9 +684,24 @@ gtTileContig(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) - /* - * Rightmost tile is clipped on right side. - */ -- fromskew = tw - (w - tocol); -+ safeskew = tw; -+ safeskew -= w; -+ safeskew += tocol; -+ if(safeskew > INT_MAX || safeskew < INT_MIN){ -+ _TIFFfree(buf); -+ TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "%s", "Invalid skew"); -+ return (0); -+ } -+ fromskew = safeskew; - this_tw = tw - fromskew; -- this_toskew = toskew + fromskew; -+ safeskew = toskew; -+ safeskew += fromskew; -+ if(safeskew > INT_MAX || safeskew < INT_MIN){ -+ _TIFFfree(buf); -+ TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "%s", "Invalid skew"); -+ return (0); -+ } -+ this_toskew = safeskew; - } - (*put)(img, raster+y*w+tocol, tocol, y, this_tw, nrow, fromskew, this_toskew, buf + pos); - tocol += this_tw; diff --git a/media-libs/tiff/files/tiff-4.0.7-pdfium-0018-fix-leak-in-PredictorSetupDecode.patch b/media-libs/tiff/files/tiff-4.0.7-pdfium-0018-fix-leak-in-PredictorSetupDecode.patch deleted file mode 100644 index b74ddc5c499c..000000000000 --- a/media-libs/tiff/files/tiff-4.0.7-pdfium-0018-fix-leak-in-PredictorSetupDecode.patch +++ /dev/null @@ -1,27 +0,0 @@ -https://pdfium-review.googlesource.com/2432 -https://crbug.com/683834 -https://pdfium.googlesource.com/pdfium/+/master/libtiff/ - -Author: Nicolas Pena -Date: Thu Jan 26 15:45:02 2017 -0500 - -Fix leak in PredictorSetupDecode by calling tif_cleanup on failure - -tif_data and tif_cleanup are both set on the TIFFInit methods, see for -instance TIFFInitPixarLog. If PredictorSetupDecode fails, whatever was -filled on tif_data should be cleaned up. The previous leak fix from -PixarLogSetupDecode is no longer necessary. - ---- a/libtiff/tif_predict.c -+++ b/libtiff/tif_predict.c -@@ -118,7 +118,10 @@ PredictorSetupDecode(TIFF* tif) - TIFFDirectory* td = &tif->tif_dir; - - if (!(*sp->setupdecode)(tif) || !PredictorSetup(tif)) -+ { -+ (*tif->tif_cleanup)(tif); - return 0; -+ } - - if (sp->predictor == 2) { - switch (td->td_bitspersample) { diff --git a/media-libs/tiff/files/tiff-4.0.7-pdfium-0021-oom-TIFFFillStrip.patch b/media-libs/tiff/files/tiff-4.0.7-pdfium-0021-oom-TIFFFillStrip.patch deleted file mode 100644 index 11975cf38acf..000000000000 --- a/media-libs/tiff/files/tiff-4.0.7-pdfium-0021-oom-TIFFFillStrip.patch +++ /dev/null @@ -1,29 +0,0 @@ -https://pdfium-review.googlesource.com/3811 -https://crbug.com/707431 -https://pdfium.googlesource.com/pdfium/+/master/libtiff/ - -Author: Nicolas Pena -Date: Wed Apr 5 15:50:53 2017 -0400 - -Libtiff: Prevent OOM in TIFFFillStrip - -In TIFFFillStrip, calls to TIFFReadBufferSetup may allocate large amounts of -memory. In this CL we do sanity checks on the claimed size of the raw strip -data before that happens, to prevent out-of-memory. - ---- a/libtiff/tif_read.c -+++ b/libtiff/tif_read.c -@@ -616,6 +616,13 @@ TIFFFillStrip(TIFF* tif, uint32 strip) - TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); - return(0); - } -+ const tmsize_t size=isMapped(tif)? tif->tif_size : (tmsize_t)TIFFGetFileSize(tif); -+ if (bytecountm > size) { -+ TIFFErrorExt(tif->tif_clientdata, module, -+ "Requested read strip size %lu is too large", -+ (unsigned long) strip); -+ return (0); -+ } - if (bytecountm > tif->tif_rawdatasize) { - tif->tif_curstrip = NOSTRIP; - if ((tif->tif_flags & TIFF_MYBUFFER) == 0) { diff --git a/media-libs/tiff/tiff-4.0.8.ebuild b/media-libs/tiff/tiff-4.0.8.ebuild deleted file mode 100644 index 23aa7a1c6be3..000000000000 --- a/media-libs/tiff/tiff-4.0.8.ebuild +++ /dev/null @@ -1,80 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" -inherit autotools eutils libtool multilib-minimal - -DESCRIPTION="Tag Image File Format (TIFF) library" -HOMEPAGE="http://libtiff.maptools.org" -SRC_URI="http://download.osgeo.org/libtiff/${P}.tar.gz - ftp://ftp.remotesensing.org/pub/libtiff/${P}.tar.gz" - -LICENSE="libtiff" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~x64-solaris ~x86-solaris" -IUSE="+cxx jbig jpeg lzma static-libs test zlib" - -RDEPEND="jpeg? ( >=virtual/jpeg-0-r2:0=[${MULTILIB_USEDEP}] ) - jbig? ( >=media-libs/jbigkit-2.1:=[${MULTILIB_USEDEP}] ) - lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] )" -DEPEND="${RDEPEND}" - -REQUIRED_USE="test? ( jpeg )" #483132 - -PATCHES=( - "${FILESDIR}"/${PN}-4.0.7-pdfium-0005-Leak-TIFFFetchStripThing.patch - "${FILESDIR}"/${PN}-4.0.7-pdfium-0006-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch - "${FILESDIR}"/${PN}-4.0.7-pdfium-0007-uninitialized-value.patch - "${FILESDIR}"/${PN}-4.0.7-pdfium-0008-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch - "${FILESDIR}"/${PN}-4.0.7-pdfium-0013-validate-refblackwhite.patch - "${FILESDIR}"/${PN}-4.0.7-pdfium-0017-safe_skews_in_gtTileContig.patch - "${FILESDIR}"/${PN}-4.0.7-pdfium-0018-fix-leak-in-PredictorSetupDecode.patch - "${FILESDIR}"/${PN}-4.0.7-pdfium-0021-oom-TIFFFillStrip.patch -) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/tiffconf.h -) - -src_prepare() { - default - - # tiffcp-thumbnail.sh fails as thumbnail binary doesn't get built anymore since tiff-4.0.7 - sed '/tiffcp-thumbnail\.sh/d' -i test/Makefile.am || die - - eautoreconf -} - -multilib_src_configure() { - ECONF_SOURCE="${S}" econf \ - $(use_enable static-libs static) \ - $(use_enable zlib) \ - $(use_enable jpeg) \ - $(use_enable jbig) \ - $(use_enable lzma) \ - $(use_enable cxx) \ - --without-x - - # remove useless subdirs - if ! multilib_is_native_abi ; then - sed -i \ - -e 's/ tools//' \ - -e 's/ contrib//' \ - -e 's/ man//' \ - -e 's/ html//' \ - Makefile || die - fi -} - -multilib_src_test() { - if ! multilib_is_native_abi ; then - emake -C tools - fi - emake check -} - -multilib_src_install_all() { - prune_libtool_files --all - rm -f "${ED}"/usr/share/doc/${PF}/{COPYRIGHT,README*,RELEASE-DATE,TODO,VERSION} -} diff --git a/media-libs/tiff/tiff-4.0.9-r1.ebuild b/media-libs/tiff/tiff-4.0.9-r1.ebuild deleted file mode 100644 index 72494681d30c..000000000000 --- a/media-libs/tiff/tiff-4.0.9-r1.ebuild +++ /dev/null @@ -1,75 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" -inherit autotools eutils libtool multilib-minimal - -DESCRIPTION="Tag Image File Format (TIFF) library" -HOMEPAGE="http://libtiff.maptools.org" -SRC_URI="http://download.osgeo.org/libtiff/${P}.tar.gz - ftp://ftp.remotesensing.org/pub/libtiff/${P}.tar.gz" - -LICENSE="libtiff" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~x64-solaris ~x86-solaris" -IUSE="+cxx jbig jpeg lzma static-libs test zlib" - -RDEPEND="jpeg? ( >=virtual/jpeg-0-r2:0=[${MULTILIB_USEDEP}] ) - jbig? ( >=media-libs/jbigkit-2.1:=[${MULTILIB_USEDEP}] ) - lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] )" -DEPEND="${RDEPEND}" - -REQUIRED_USE="test? ( jpeg )" #483132 - -PATCHES=( - "${FILESDIR}"/${PN}-4.0.7-pdfium-0006-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch - "${FILESDIR}"/${PN}-4.0.7-pdfium-0008-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch - "${FILESDIR}"/${P}-CVE-2017-9935.patch #624696 -) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/tiffconf.h -) - -src_prepare() { - default - - # tiffcp-thumbnail.sh fails as thumbnail binary doesn't get built anymore since tiff-4.0.7 - sed '/tiffcp-thumbnail\.sh/d' -i test/Makefile.am || die - - eautoreconf -} - -multilib_src_configure() { - ECONF_SOURCE="${S}" econf \ - $(use_enable static-libs static) \ - $(use_enable zlib) \ - $(use_enable jpeg) \ - $(use_enable jbig) \ - $(use_enable lzma) \ - $(use_enable cxx) \ - --without-x - - # remove useless subdirs - if ! multilib_is_native_abi ; then - sed -i \ - -e 's/ tools//' \ - -e 's/ contrib//' \ - -e 's/ man//' \ - -e 's/ html//' \ - Makefile || die - fi -} - -multilib_src_test() { - if ! multilib_is_native_abi ; then - emake -C tools - fi - emake check -} - -multilib_src_install_all() { - prune_libtool_files --all - rm -f "${ED}"/usr/share/doc/${PF}/{COPYRIGHT,README*,RELEASE-DATE,TODO,VERSION} -} diff --git a/media-libs/tiff/tiff-4.0.9-r2.ebuild b/media-libs/tiff/tiff-4.0.9-r2.ebuild deleted file mode 100644 index 3bd50a67341e..000000000000 --- a/media-libs/tiff/tiff-4.0.9-r2.ebuild +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit autotools libtool ltprune multilib-minimal - -DESCRIPTION="Tag Image File Format (TIFF) library" -HOMEPAGE="http://libtiff.maptools.org" -SRC_URI="http://download.osgeo.org/libtiff/${P}.tar.gz - ftp://ftp.remotesensing.org/pub/libtiff/${P}.tar.gz" - -LICENSE="libtiff" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~x64-solaris ~x86-solaris" -IUSE="+cxx jbig jpeg lzma static-libs test zlib" - -RDEPEND="jpeg? ( >=virtual/jpeg-0-r2:0=[${MULTILIB_USEDEP}] ) - jbig? ( >=media-libs/jbigkit-2.1:=[${MULTILIB_USEDEP}] ) - lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] )" -DEPEND="${RDEPEND}" - -REQUIRED_USE="test? ( jpeg )" #483132 - -PATCHES=( - "${FILESDIR}"/${PN}-4.0.7-pdfium-0006-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch - "${FILESDIR}"/${PN}-4.0.7-pdfium-0008-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch - "${FILESDIR}"/${P}-CVE-2017-9935.patch #624696 - "${FILESDIR}"/${P}-CVE-2017-9935-fix-incorrect-type.patch #624696 -) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/tiffconf.h -) - -src_prepare() { - default - - # tiffcp-thumbnail.sh fails as thumbnail binary doesn't get built anymore since tiff-4.0.7 - sed '/tiffcp-thumbnail\.sh/d' -i test/Makefile.am || die - - eautoreconf -} - -multilib_src_configure() { - local myeconfargs=( - --without-x - $(use_enable cxx) - $(use_enable jbig) - $(use_enable jpeg) - $(use_enable lzma) - $(use_enable static-libs static) - $(use_enable zlib) - ) - ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" - - # remove useless subdirs - if ! multilib_is_native_abi ; then - sed -i \ - -e 's/ tools//' \ - -e 's/ contrib//' \ - -e 's/ man//' \ - -e 's/ html//' \ - Makefile || die - fi -} - -multilib_src_test() { - if ! multilib_is_native_abi ; then - emake -C tools - fi - emake check -} - -multilib_src_install_all() { - prune_libtool_files --all - rm -f "${ED%/}"/usr/share/doc/${PF}/{COPYRIGHT,README*,RELEASE-DATE,TODO,VERSION} -} -- cgit v1.2.3