Tue Mar 8 17:13:34 2011 UTC ()

adopt evince/patch-ba to fix 2 possible buffer overflows in AFM file
parsing (SA43491), bump PKGREV


(drochner)

diff -r1.42 -r1.43 pkgsrc/fonts/t1lib/Makefile
diff -r1.19 -r1.20 pkgsrc/fonts/t1lib/distinfo
diff -r0 -r1.3 pkgsrc/fonts/t1lib/patches/patch-ai

--- pkgsrc/fonts/t1lib/Makefile 2010/07/08 18:48:47 1.42
+++ pkgsrc/fonts/t1lib/Makefile 2011/03/08 17:13:33 1.43

 @@ -1,63 +1,63 @@
-# $NetBSD: Makefile,v 1.42 2010/07/08 18:48:47 jdolecek Exp $
+# $NetBSD: Makefile,v 1.43 2011/03/08 17:13:33 drochner Exp $
 DISTNAME=	t1lib-5.1.2
-PKGREVISION=	1
+PKGREVISION=	2
 CATEGORIES=	fonts devel graphics
 MASTER_SITES=	${MASTER_SITE_SUNSITE:=libs/graphics/}
 MAINTAINER=	pkgsrc-users@NetBSD.org
 COMMENT=	Library for generating bitmaps from Adobe Type 1 fonts
 PKG_INSTALLATION_TYPES=	overwrite pkgviews
 PKG_DESTDIR_SUPPORT=	user-destdir
 MAKE_JOBS_SAFE=		no
 USE_LIBTOOL=		yes
 USE_TOOLS+=		gmake pax
 GNU_CONFIGURE=		yes
 BUILD_TARGET=	without_doc
 EGDIR=		${PREFIX}/share/examples/${PKGBASE}
 DATADIR=	${PREFIX}/share/${PKGBASE}
 CONF_FILES=	${EGDIR}/t1lib.config.sample ${DATADIR}/t1lib.config
 CONF_FILES+=	${EGDIR}/FontDataBase ${DATADIR}/FontDataBase
 .include "options.mk"
 PLIST_VARS+=	x11
 .if !empty(PKG_OPTIONS:Mx11)
 PLIST.x11=	yes
 .else
 CONFIGURE_ARGS+=	--without-x
 .endif
 SUBST_CLASSES+=		paths
 SUBST_FILES.paths=	t1lib.config.sample
 SUBST_SED.paths=	-e 's,@PREFIX@,${PREFIX},g'
 SUBST_SED.paths+=	-e 's,@LOCALBASE@,${LOCALBASE},g'
 SUBST_STAGE.paths=	post-patch
 post-extract:
 	${CP} ${FILESDIR}/t1lib.config.sample ${WRKSRC}
 pre-build:
 	${FIND} ${WRKSRC} -name "*.orig" -print | ${XARGS} ${RM}
 post-install:
 	${INSTALL_DATA_DIR} ${DESTDIR}${DATADIR}
 	cd ${WRKSRC};							\
 	pax -rw Fonts ${DESTDIR}${DATADIR};					\
 	${CHMOD} go+r ${DESTDIR}${DATADIR}/Fonts/enc/IsoLatin2.enc;		\
 	pax -rw -s "/doc/${PKGBASE}/" doc ${DESTDIR}${PREFIX}/share/doc
 	${INSTALL_DATA_DIR} ${DESTDIR}${EGDIR}
 	${INSTALL_DATA} ${WRKSRC}/t1lib.config.sample ${DESTDIR}${EGDIR}
 	cd ${WRKSRC}/examples;						\
 	pax -rw FontDataBase t1example1.c t1lib.config ${DESTDIR}${EGDIR}
 .include "../../devel/gettext-lib/buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"

--- pkgsrc/fonts/t1lib/distinfo 2008/02/11 18:53:38 1.19
+++ pkgsrc/fonts/t1lib/distinfo 2011/03/08 17:13:33 1.20

 @@ -1,10 +1,11 @@
-$NetBSD: distinfo,v 1.19 2008/02/11 18:53:38 bjs Exp $
+$NetBSD: distinfo,v 1.20 2011/03/08 17:13:33 drochner Exp $
 SHA1 (t1lib-5.1.2.tar.gz) = 4b4fc22c8688eefaaa8cfc990f0039f95f4287de
 RMD160 (t1lib-5.1.2.tar.gz) = ab22aea390356750d743c0f4b08762aa76ca2a82
 Size (t1lib-5.1.2.tar.gz) = 1872534 bytes
 SHA1 (patch-aa) = 068c25f733c3037faa5051b527b1e1637d706a20
 SHA1 (patch-ac) = 14201794e29a2eeba22a9144726ed3e00322aa1d
 SHA1 (patch-ad) = 29c530f6d363de31777ad45823b55e72208c4ccb
 SHA1 (patch-af) = e89df0d94e0748e468c7c3d40ce2fc0ccdb0116c
 SHA1 (patch-ah) = 60ead43eeb6327cd3fd94755364633b6bf5d5d0d
 SHA1 (patch-ai) = 176ed28f114f64c5e97e7c00c684a74895de2df3

$NetBSD: patch-ai,v 1.3 2011/03/08 17:13:33 drochner Exp $

--- lib/t1lib/parseAFM.c.orig	2007-12-23 15:49:42.000000000 +0000
+++ lib/t1lib/parseAFM.c
@@ -199,7 +199,7 @@ static char *token(stream) 
     idx = 0;
     
     while (ch != EOF && ch != ' ' && ch != CR  && ch != LF &&
-	   ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';'){
+	   ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';' && idx < MAX_NAME){
       ident[idx++] = ch;
       ch = fgetc(stream);
     } /* while */
@@ -235,7 +235,7 @@ static char *linetoken(stream)
     while ((ch = fgetc(stream)) == ' ' || ch == '\t' ); 
     
     idx = 0;
-    while (ch != EOF && ch != CR  && ch != LF && ch != CTRL_Z) 
+    while (ch != EOF && ch != CR  && ch != LF && ch != CTRL_Z && idx < MAX_NAME) 
     {
         ident[idx++] = ch;
         ch = fgetc(stream);