[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Update: graphics/tiff 3.7.2
- To: ports_(_at_)_openbsd_(_dot_)_org
- Subject: Re: Update: graphics/tiff 3.7.2
- From: Bernd Ahlers <b_(_dot_)_ahlers_(_at_)_ba-net_(_dot_)_org>
- Date: Thu, 26 May 2005 14:13:17 +0200
- Mail-followup-to: ports_(_at_)_openbsd_(_dot_)_org
Christian Weisgerber [Thu May 26, 2005 at 10:25:11AM +0200] wrote:
>Update graphics/tiff to 3.7.2.
>
>All the security patches have been incorporated into the upstream
>release. The build infrastructure was converted to autotools, so
>we now have to play the usual whack-an-automole.
>
>Since the changes consist mostly of patch removals and additions, I've
>attached the complete port.
>
Works for me on i386 and amd64.
How about to include Bruno Rohees unsafe string handling function
cleanup? (From his message to ports@ on May 1st.)
I've made a diff for your attached tgz. Applies and works fine for me.
(tested on i386 and amd64)
Regards,
Bernd
diff -Nur -X CVS tiff.naddy/patches/patch-libtiff_tif_compress_c tiff/patches/patch-libtiff_tif_compress_c
--- tiff.naddy/patches/patch-libtiff_tif_compress_c Thu Jan 1 01:00:00 1970
+++ tiff/patches/patch-libtiff_tif_compress_c Thu May 26 11:56:38 2005
@@ -0,0 +1,21 @@
+$OpenBSD$
+--- libtiff/tif_compress.c.orig Thu May 26 11:30:55 2005
++++ libtiff/tif_compress.c Thu May 26 11:32:30 2005
+@@ -191,14 +191,15 @@ TIFFFindCODEC(uint16 scheme)
+ TIFFCodec*
+ TIFFRegisterCODEC(uint16 scheme, const char* name, TIFFInitMethod init)
+ {
++ size_t namesize = strlen(name)+1;
+ codec_t* cd = (codec_t*)
+- _TIFFmalloc(sizeof (codec_t) + sizeof (TIFFCodec) + strlen(name)+1);
++ _TIFFmalloc(sizeof (codec_t) + sizeof (TIFFCodec) + namesize);
+
+ if (cd != NULL) {
+ cd->info = (TIFFCodec*) ((tidata_t) cd + sizeof (codec_t));
+ cd->info->name = (char*)
+ ((tidata_t) cd->info + sizeof (TIFFCodec));
+- strcpy(cd->info->name, name);
++ strlcpy(cd->info->name, name, namesize);
+ cd->info->scheme = scheme;
+ cd->info->init = init;
+ cd->next = registeredCODECS;
diff -Nur -X CVS tiff.naddy/patches/patch-libtiff_tif_dir_c tiff/patches/patch-libtiff_tif_dir_c
--- tiff.naddy/patches/patch-libtiff_tif_dir_c Thu Jan 1 01:00:00 1970
+++ tiff/patches/patch-libtiff_tif_dir_c Thu May 26 11:56:38 2005
@@ -0,0 +1,12 @@
+$OpenBSD$
+--- libtiff/tif_dir.c.orig Thu May 26 11:32:48 2005
++++ libtiff/tif_dir.c Thu May 26 11:38:24 2005
+@@ -615,7 +615,7 @@ _TIFFVSetField(TIFF* tif, ttag_t tag, va
+ status = 0;
+ goto end;
+ }
+- strcpy(tv->value, value);
++ strlcpy(tv->value, value, tv->count);
+ } else {
+ /* not supporting "pass by value" types yet */
+ TIFFError(module,
diff -Nur -X CVS tiff.naddy/patches/patch-libtiff_tif_dirinfo_c tiff/patches/patch-libtiff_tif_dirinfo_c
--- tiff.naddy/patches/patch-libtiff_tif_dirinfo_c Thu Jan 1 01:00:00 1970
+++ tiff/patches/patch-libtiff_tif_dirinfo_c Thu May 26 11:56:38 2005
@@ -0,0 +1,12 @@
+$OpenBSD$
+--- libtiff/tif_dirinfo.c.orig Thu May 26 11:38:45 2005
++++ libtiff/tif_dirinfo.c Thu May 26 11:39:25 2005
+@@ -527,7 +527,7 @@ _TIFFCreateAnonFieldInfo(TIFF *tif, ttag
+ /* note that this name is a special sign to TIFFClose() and
+ * _TIFFSetupFieldInfo() to free the field
+ */
+- sprintf(fld->field_name, "Tag %d", (int) tag);
++ snprintf(fld->field_name, 32, "Tag %d", (int) tag);
+
+ return fld;
+ }
diff -Nur -X CVS tiff.naddy/patches/patch-libtiff_tif_extension_c tiff/patches/patch-libtiff_tif_extension_c
--- tiff.naddy/patches/patch-libtiff_tif_extension_c Thu Jan 1 01:00:00 1970
+++ tiff/patches/patch-libtiff_tif_extension_c Thu May 26 11:56:38 2005
@@ -0,0 +1,24 @@
+$OpenBSD$
+--- libtiff/tif_extension.c.orig Thu May 26 11:39:54 2005
++++ libtiff/tif_extension.c Thu May 26 11:43:32 2005
+@@ -80,6 +80,7 @@ void *TIFFGetClientInfo( TIFF *tif, cons
+ void TIFFSetClientInfo( TIFF *tif, void *data, const char *name )
+
+ {
++ size_t namesize;
+ TIFFClientInfoLink *link = tif->tif_clientinfo;
+
+ /*
+@@ -102,9 +103,10 @@ void TIFFSetClientInfo( TIFF *tif, void
+ link = (TIFFClientInfoLink *) _TIFFmalloc(sizeof(TIFFClientInfoLink));
+ assert (link != NULL);
+ link->next = tif->tif_clientinfo;
+- link->name = (char *) _TIFFmalloc(strlen(name)+1);
++ namesize = strlen(name)+1;
++ link->name = (char *) _TIFFmalloc(namesize);
+ assert (link->name != NULL);
+- strcpy(link->name, name);
++ strlcpy(link->name, name, namesize);
+ link->data = data;
+
+ tif->tif_clientinfo = link;
diff -Nur -X CVS tiff.naddy/patches/patch-libtiff_tif_getimage_c tiff/patches/patch-libtiff_tif_getimage_c
--- tiff.naddy/patches/patch-libtiff_tif_getimage_c Thu Jan 1 01:00:00 1970
+++ tiff/patches/patch-libtiff_tif_getimage_c Thu May 26 11:56:38 2005
@@ -0,0 +1,229 @@
+$OpenBSD$
+--- libtiff/tif_getimage.c.orig Thu May 26 11:44:18 2005
++++ libtiff/tif_getimage.c Thu May 26 11:54:09 2005
+@@ -77,7 +77,7 @@ TIFFRGBAImageOK(TIFF* tif, char emsg[102
+ int colorchannels;
+
+ if (!tif->tif_decodestatus) {
+- sprintf(emsg, "Sorry, requested compression method is not configured");
++ snprintf(emsg, sizeof emsg, "Sorry, requested compression method is not configured");
+ return (0);
+ }
+ switch (td->td_bitspersample) {
+@@ -85,7 +85,7 @@ TIFFRGBAImageOK(TIFF* tif, char emsg[102
+ case 8: case 16:
+ break;
+ default:
+- sprintf(emsg, "Sorry, can not handle images with %d-bit samples",
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle images with %d-bit samples",
+ td->td_bitspersample);
+ return (0);
+ }
+@@ -99,7 +99,7 @@ TIFFRGBAImageOK(TIFF* tif, char emsg[102
+ photometric = PHOTOMETRIC_RGB;
+ break;
+ default:
+- sprintf(emsg, "Missing needed %s tag", photoTag);
++ snprintf(emsg, sizeof emsg, "Missing needed %s tag", photoTag);
+ return (0);
+ }
+ }
+@@ -110,7 +110,7 @@ TIFFRGBAImageOK(TIFF* tif, char emsg[102
+ if (td->td_planarconfig == PLANARCONFIG_CONTIG
+ && td->td_samplesperpixel != 1
+ && td->td_bitspersample < 8 ) {
+- sprintf(emsg,
++ snprintf(emsg, sizeof emsg,
+ "Sorry, can not handle contiguous data with %s=%d, "
+ "and %s=%d and Bits/Sample=%d",
+ photoTag, photometric,
+@@ -126,33 +126,33 @@ TIFFRGBAImageOK(TIFF* tif, char emsg[102
+ break;
+ case PHOTOMETRIC_YCBCR:
+ if (td->td_planarconfig != PLANARCONFIG_CONTIG) {
+- sprintf(emsg, "Sorry, can not handle YCbCr images with %s=%d",
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle YCbCr images with %s=%d",
+ "Planarconfiguration", td->td_planarconfig);
+ return (0);
+ }
+ break;
+ case PHOTOMETRIC_RGB:
+ if (colorchannels < 3) {
+- sprintf(emsg, "Sorry, can not handle RGB image with %s=%d",
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle RGB image with %s=%d",
+ "Color channels", colorchannels);
+ return (0);
+ }
+ break;
+ case PHOTOMETRIC_SEPARATED:
+ if (td->td_inkset != INKSET_CMYK) {
+- sprintf(emsg, "Sorry, can not handle separated image with %s=%d",
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle separated image with %s=%d",
+ "InkSet", td->td_inkset);
+ return (0);
+ }
+ if (td->td_samplesperpixel < 4) {
+- sprintf(emsg, "Sorry, can not handle separated image with %s=%d",
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle separated image with %s=%d",
+ "Samples/pixel", td->td_samplesperpixel);
+ return (0);
+ }
+ break;
+ case PHOTOMETRIC_LOGL:
+ if (td->td_compression != COMPRESSION_SGILOG) {
+- sprintf(emsg, "Sorry, LogL data must have %s=%d",
++ snprintf(emsg, sizeof emsg, "Sorry, LogL data must have %s=%d",
+ "Compression", COMPRESSION_SGILOG);
+ return (0);
+ }
+@@ -160,12 +160,12 @@ TIFFRGBAImageOK(TIFF* tif, char emsg[102
+ case PHOTOMETRIC_LOGLUV:
+ if (td->td_compression != COMPRESSION_SGILOG &&
+ td->td_compression != COMPRESSION_SGILOG24) {
+- sprintf(emsg, "Sorry, LogLuv data must have %s=%d or %d",
++ snprintf(emsg, sizeof emsg, "Sorry, LogLuv data must have %s=%d or %d",
+ "Compression", COMPRESSION_SGILOG, COMPRESSION_SGILOG24);
+ return (0);
+ }
+ if (td->td_planarconfig != PLANARCONFIG_CONTIG) {
+- sprintf(emsg, "Sorry, can not handle LogLuv images with %s=%d",
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle LogLuv images with %s=%d",
+ "Planarconfiguration", td->td_planarconfig);
+ return (0);
+ }
+@@ -173,7 +173,7 @@ TIFFRGBAImageOK(TIFF* tif, char emsg[102
+ case PHOTOMETRIC_CIELAB:
+ break;
+ default:
+- sprintf(emsg, "Sorry, can not handle image with %s=%d",
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle image with %s=%d",
+ photoTag, photometric);
+ return (0);
+ }
+@@ -239,7 +239,7 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, T
+ case 8: case 16:
+ break;
+ default:
+- sprintf(emsg, "Sorry, can not handle images with %d-bit samples",
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle images with %d-bit samples",
+ img->bitspersample);
+ return (0);
+ }
+@@ -289,7 +289,7 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, T
+ img->photometric = PHOTOMETRIC_RGB;
+ break;
+ default:
+- sprintf(emsg, "Missing needed %s tag", photoTag);
++ snprintf(emsg, sizeof emsg, "Missing needed %s tag", photoTag);
+ return (0);
+ }
+ }
+@@ -297,7 +297,7 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, T
+ case PHOTOMETRIC_PALETTE:
+ if (!TIFFGetField(tif, TIFFTAG_COLORMAP,
+ &red_orig, &green_orig, &blue_orig)) {
+- sprintf(emsg, "Missing required \"Colormap\" tag");
++ snprintf(emsg, sizeof emsg, "Missing required \"Colormap\" tag");
+ return (0);
+ }
+
+@@ -307,7 +307,7 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, T
+ img->greencmap = (uint16 *) _TIFFmalloc(sizeof(uint16)*n_color);
+ img->bluecmap = (uint16 *) _TIFFmalloc(sizeof(uint16)*n_color);
+ if( !img->redcmap || !img->greencmap || !img->bluecmap ) {
+- sprintf(emsg, "Out of memory for colormap copy");
++ snprintf(emsg, sizeof emsg, "Out of memory for colormap copy");
+ return (0);
+ }
+
+@@ -321,7 +321,7 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, T
+ if (planarconfig == PLANARCONFIG_CONTIG
+ && img->samplesperpixel != 1
+ && img->bitspersample < 8 ) {
+- sprintf(emsg,
++ snprintf(emsg, sizeof emsg,
+ "Sorry, can not handle contiguous data with %s=%d, "
+ "and %s=%d and Bits/Sample=%d",
+ photoTag, img->photometric,
+@@ -332,7 +332,7 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, T
+ break;
+ case PHOTOMETRIC_YCBCR:
+ if (planarconfig != PLANARCONFIG_CONTIG) {
+- sprintf(emsg, "Sorry, can not handle YCbCr images with %s=%d",
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle YCbCr images with %s=%d",
+ "Planarconfiguration", planarconfig);
+ return (0);
+ }
+@@ -354,7 +354,7 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, T
+ break;
+ case PHOTOMETRIC_RGB:
+ if (colorchannels < 3) {
+- sprintf(emsg, "Sorry, can not handle RGB image with %s=%d",
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle RGB image with %s=%d",
+ "Color channels", colorchannels);
+ return (0);
+ }
+@@ -363,12 +363,12 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, T
+ uint16 inkset;
+ TIFFGetFieldDefaulted(tif, TIFFTAG_INKSET, &inkset);
+ if (inkset != INKSET_CMYK) {
+- sprintf(emsg, "Sorry, can not handle separated image with %s=%d",
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle separated image with %s=%d",
+ "InkSet", inkset);
+ return (0);
+ }
+ if (img->samplesperpixel < 4) {
+- sprintf(emsg, "Sorry, can not handle separated image with %s=%d",
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle separated image with %s=%d",
+ "Samples/pixel", img->samplesperpixel);
+ return (0);
+ }
+@@ -376,7 +376,7 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, T
+ }
+ case PHOTOMETRIC_LOGL:
+ if (compress != COMPRESSION_SGILOG) {
+- sprintf(emsg, "Sorry, LogL data must have %s=%d",
++ snprintf(emsg, sizeof emsg, "Sorry, LogL data must have %s=%d",
+ "Compression", COMPRESSION_SGILOG);
+ return (0);
+ }
+@@ -386,12 +386,12 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, T
+ break;
+ case PHOTOMETRIC_LOGLUV:
+ if (compress != COMPRESSION_SGILOG && compress != COMPRESSION_SGILOG24) {
+- sprintf(emsg, "Sorry, LogLuv data must have %s=%d or %d",
++ snprintf(emsg, sizeof emsg, "Sorry, LogLuv data must have %s=%d or %d",
+ "Compression", COMPRESSION_SGILOG, COMPRESSION_SGILOG24);
+ return (0);
+ }
+ if (planarconfig != PLANARCONFIG_CONTIG) {
+- sprintf(emsg, "Sorry, can not handle LogLuv images with %s=%d",
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle LogLuv images with %s=%d",
+ "Planarconfiguration", planarconfig);
+ return (0);
+ }
+@@ -402,7 +402,7 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, T
+ case PHOTOMETRIC_CIELAB:
+ break;
+ default:
+- sprintf(emsg, "Sorry, can not handle image with %s=%d",
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle image with %s=%d",
+ photoTag, img->photometric);
+ return (0);
+ }
+@@ -419,13 +419,13 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, T
+ if (img->isContig) {
+ img->get = TIFFIsTiled(tif) ? gtTileContig : gtStripContig;
+ if (!pickTileContigCase(img)) {
+- sprintf(emsg, "Sorry, can not handle image");
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle image");
+ return 0;
+ }
+ } else {
+ img->get = TIFFIsTiled(tif) ? gtTileSeparate : gtStripSeparate;
+ if (!pickTileSeparateCase(img)) {
+- sprintf(emsg, "Sorry, can not handle image");
++ snprintf(emsg, sizeof emsg, "Sorry, can not handle image");
+ return 0;
+ }
+ }
diff -Nur -X CVS tiff.naddy/patches/patch-libtiff_tif_open_c tiff/patches/patch-libtiff_tif_open_c
--- tiff.naddy/patches/patch-libtiff_tif_open_c Thu Jan 1 01:00:00 1970
+++ tiff/patches/patch-libtiff_tif_open_c Thu May 26 11:56:38 2005
@@ -0,0 +1,26 @@
+$OpenBSD$
+--- libtiff/tif_open.c.orig Thu May 26 11:54:59 2005
++++ libtiff/tif_open.c Thu May 26 11:56:11 2005
+@@ -152,18 +152,20 @@ TIFFClientOpen(
+ TIFF *tif;
+ int m, bigendian;
+ const char* cp;
++ size_t namesize;
+
+ m = _TIFFgetMode(mode, module);
+ if (m == -1)
+ goto bad2;
+- tif = (TIFF *)_TIFFmalloc(sizeof (TIFF) + strlen(name) + 1);
++ namesize = strlen(name) + 1;
++ tif = (TIFF *)_TIFFmalloc(sizeof (TIFF) + namesize);
+ if (tif == NULL) {
+ TIFFError(module, "%s: Out of memory (TIFF structure)", name);
+ goto bad2;
+ }
+ _TIFFmemset(tif, 0, sizeof (*tif));
+ tif->tif_name = (char *)tif + sizeof (TIFF);
+- strcpy(tif->tif_name, name);
++ strlcpy(tif->tif_name, name, namesize);
+ tif->tif_mode = m &~ (O_CREAT|O_TRUNC);
+ tif->tif_curdir = (tdir_t) -1; /* non-existent directory */
+ tif->tif_curoff = 0;
Visit your host, monkey.org