Sun Jan 20 18:24:51 2008 UTC ()
libXfont-1.3.1nb2:
Include upstream fix for another PCF integer overflow.
This is CVE-2008-0006.


(joerg)
diff -r1.8 -r1.9 pkgsrc/x11/libXfont/Makefile
diff -r1.7 -r1.8 pkgsrc/x11/libXfont/distinfo
diff -r0 -r1.3 pkgsrc/x11/libXfont/patches/patch-ab
cvs diff -r1.8 -r1.9 pkgsrc/x11/libXfont/Makefile (expand / switch to unified diff)

--- pkgsrc/x11/libXfont/Makefile 2007/09/24 16:24:48 1.8
+++ pkgsrc/x11/libXfont/Makefile 2008/01/20 18:24:51 1.9
@@ -1,18 +1,18 @@ @@ -1,18 +1,18 @@
1# $NetBSD: Makefile,v 1.8 2007/09/24 16:24:48 joerg Exp $ 1# $NetBSD: Makefile,v 1.9 2008/01/20 18:24:51 joerg Exp $
2# 2#
3 3
4DISTNAME= libXfont-1.3.1 4DISTNAME= libXfont-1.3.1
5PKGREVISION= 1 5PKGREVISION= 2
6CATEGORIES= x11 devel fonts 6CATEGORIES= x11 devel fonts
7MASTER_SITES= http://xorg.freedesktop.org/releases/individual/lib/ 7MASTER_SITES= http://xorg.freedesktop.org/releases/individual/lib/
8EXTRACT_SUFX= .tar.bz2 8EXTRACT_SUFX= .tar.bz2
9 9
10MAINTAINER= joerg@NetBSD.org 10MAINTAINER= joerg@NetBSD.org
11HOMEPAGE= http://xorg.freedesktop.org/ 11HOMEPAGE= http://xorg.freedesktop.org/
12COMMENT= X font Library 12COMMENT= X font Library
13 13
14PKG_DESTDIR_SUPPORT= user-destdir 14PKG_DESTDIR_SUPPORT= user-destdir
15 15
16USE_LIBTOOL= yes 16USE_LIBTOOL= yes
17GNU_CONFIGURE= yes 17GNU_CONFIGURE= yes
18USE_TOOLS+= pkg-config 18USE_TOOLS+= pkg-config
cvs diff -r1.7 -r1.8 pkgsrc/x11/libXfont/distinfo (expand / switch to unified diff)

--- pkgsrc/x11/libXfont/distinfo 2007/09/24 16:24:48 1.7
+++ pkgsrc/x11/libXfont/distinfo 2008/01/20 18:24:51 1.8
@@ -1,6 +1,7 @@ @@ -1,6 +1,7 @@
1$NetBSD: distinfo,v 1.7 2007/09/24 16:24:48 joerg Exp $ 1$NetBSD: distinfo,v 1.8 2008/01/20 18:24:51 joerg Exp $
2 2
3SHA1 (libXfont-1.3.1.tar.bz2) = 90153414cd3580d92cad6469166c099749cddd29 3SHA1 (libXfont-1.3.1.tar.bz2) = 90153414cd3580d92cad6469166c099749cddd29
4RMD160 (libXfont-1.3.1.tar.bz2) = 13c8ed7b33ec0c4f08c032d74958e49d3c177464 4RMD160 (libXfont-1.3.1.tar.bz2) = 13c8ed7b33ec0c4f08c032d74958e49d3c177464
5Size (libXfont-1.3.1.tar.bz2) = 564235 bytes 5Size (libXfont-1.3.1.tar.bz2) = 564235 bytes
6SHA1 (patch-aa) = e421de2c9b67b46c2dab651ba1bab13fd08df914 6SHA1 (patch-aa) = e421de2c9b67b46c2dab651ba1bab13fd08df914
 7SHA1 (patch-ab) = 56339bd99f714be3d9a7d697c39eab1b13794c3b
File Added: pkgsrc/x11/libXfont/patches/Attic/patch-ab
$NetBSD: patch-ab,v 1.3 2008/01/20 18:24:51 joerg Exp $

--- src/bitmap/pcfread.c.orig	2007-09-05 02:18:23.000000000 +0200
+++ src/bitmap/pcfread.c
@@ -588,6 +588,9 @@ pcfReadFont(FontPtr pFont, FontFilePtr f
     pFont->info.lastRow = pcfGetINT16(file, format);
     pFont->info.defaultCh = pcfGetINT16(file, format);
     if (IS_EOF(file)) goto Bail;
+    if (pFont->info.firstCol > pFont->info.lastCol ||
+       pFont->info.firstRow > pFont->info.lastRow ||
+       pFont->info.lastCol-pFont->info.firstCol > 255) goto Bail;
 
     nencoding = (pFont->info.lastCol - pFont->info.firstCol + 1) *
 	(pFont->info.lastRow - pFont->info.firstRow + 1);
@@ -726,6 +729,9 @@ pcfReadFontInfo(FontInfoPtr pFontInfo, F
     pFontInfo->lastRow = pcfGetINT16(file, format);
     pFontInfo->defaultCh = pcfGetINT16(file, format);
     if (IS_EOF(file)) goto Bail;
+    if (pFontInfo->firstCol > pFontInfo->lastCol ||
+       pFontInfo->firstRow > pFontInfo->lastRow ||
+       pFontInfo->lastCol-pFontInfo->firstCol > 255) goto Bail;
 
     nencoding = (pFontInfo->lastCol - pFontInfo->firstCol + 1) *
 	(pFontInfo->lastRow - pFontInfo->firstRow + 1);