Thu Oct 22 14:39:55 2009 UTC ()
Fix gd library security problem, referring to PHP's SVN repository.

	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546

Bump PKGREVISION.
(This fix is for php5 only and I don't know about php4.)


(taca)
diff -r1.80 -r1.81 pkgsrc/graphics/gd/Makefile
diff -r1.29 -r1.30 pkgsrc/graphics/gd/distinfo
diff -r0 -r1.1 pkgsrc/graphics/gd/patches/patch-ad

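--- a/pkgsrc/graphics/gd/Makefile
+++ b/pkgsrc/graphics/gd/Makefile
@@ -1,17 +1,17 @@
-# $NetBSD: Makefile,v 1.80 2009/08/26 19:56:39 sno Exp $
+# $NetBSD: Makefile,v 1.81 2009/10/22 14:39:55 taca Exp $
 
 DISTNAME= gd-2.0.35
-PKGREVISION= 2
+PKGREVISION= 3
 CATEGORIES= graphics
 MASTER_SITES= http://www.libgd.org/releases/
 EXTRACT_SUFX= .tar.bz2
 
 MAINTAINER= adam@NetBSD.org
 HOMEPAGE= http://www.libgd.org/
 COMMENT= Graphics library for the dynamic creation of images
 
 PKG_DESTDIR_SUPPORT= user-destdir
 
 .include "options.mk"
 
 # fails in test not finding libgd.a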

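--- a/pkgsrc/graphics/gd/distinfo
+++ b/pkgsrc/graphics/gd/distinfo
@@ -1,8 +1,9 @@
-$NetBSD: distinfo,v 1.29 2009/04/12 00:29:26 sno Exp $
+$NetBSD: distinfo,v 1.30 2009/10/22 14:39:55 taca Exp $
 
 SHA1 (gd-2.0.35.tar.bz2) = ccf34a610abff2dbf133a20c4d2a4aa94939018a
 RMD160 (gd-2.0.35.tar.bz2) = f452a2c333b2ba9b7b4c143983ec2af18a335516
 Size (gd-2.0.35.tar.bz2) = 1212730 bytes
 SHA1 (patch-aa) = 726107579811ce1f33b00bd4dbf13040c48120bb
 SHA1 (patch-ab) = 082f5baa2c147fb62381c21ecb3ce11a1891a2aa
 SHA1 (patch-ac) = d166ed4d0a3510c610e8aa233d312e15d96f4667
+SHA1 (patch-ad) = 61daf7516615b30c749b3bdd7caeec728b4c61db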

File Added: pkgsrc/graphics/gd/patches/Attic/patch-ad
$NetBSD: patch-ad,v 1.1 2009/10/22 14:39:55 taca Exp $

* Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546,
  similar chagne from PHP's SVN repositry r289557.

--- gd_gd.c.orig	2006-04-06 00:52:22.000000000 +0900
+++ gd_gd.c
@@ -44,6 +44,10 @@ _gdGetColors (gdIOCtx * in, gdImagePtr i
 	    {
 	      goto fail1;
 	    }
+	  if (im->colorsTotal > gdMaxColors)
+	    {
+	        goto fail1;
+	    }
 	}
       /* Int to accommodate truecolor single-color transparency */
       if (!gdGetInt (&im->transparent, in))
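Review bot: The new bound on `im->colorsTotal` carries no comment saying what it protects, so the next reader has to rediscover why the value must not exceed gdMaxColors; a one-liner such as `/* colorsTotal indexes fixed-size palette arrays; a count above gdMaxColors would run past them (CVE-2009-3546) */` above the added `if` would document it. The inner `goto fail1;` on the added line is indented two columns deeper than the matching `goto fail1;` three lines above; aligning it keeps the GNU-style layout the file uses. The check sits inside the block closed by the `}` right after it, which appears to be the palette (non-truecolor) branch, so truecolor images presumably never reach it — fine if colorsTotal is only consumed for palette images, but worth confirming against the rest of _gdGetColors. The enclosing function starts before and continues past the hunk.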