* [PR PATCH] libwmf: update to 0.2.12
@ 2020-11-19 0:07 ndowens
2020-11-19 0:29 ` ericonr
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: ndowens @ 2020-11-19 0:07 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 361 bytes --]
There is a new pull request by ndowens against master on the void-packages repository
https://github.com/ndowens/void-packages libwmf
https://github.com/void-linux/void-packages/pull/26498
libwmf: update to 0.2.12
Change source as original upstream is dead also adopt
A patch file from https://github.com/void-linux/void-packages/pull/26498.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-libwmf-26498.patch --]
[-- Type: text/x-diff, Size: 13322 bytes --]
From c2f19b9b5558893a867a15c6049e2383c67d213f Mon Sep 17 00:00:00 2001
From: Nathan Owens <ndowens@artixlinux.org>
Date: Wed, 18 Nov 2020 17:30:36 -0600
Subject: [PATCH] libwmf: update to 0.2.12
Change source as original upstream is dead
---
common/shlibs | 4 +-
...yer.c-integer-overflow-cve-2006-3376.patch | 28 ---
..._clip.c-use-after-free-cve-2009-1364.patch | 11 --
...015-4588_CVE-2015-4695_CVE-2015-4696.patch | 186 ------------------
srcpkgs/libwmf/patches/CVE-2016-9011.patch | 34 ----
.../fix-gdk-pixbuf-loaders-location.patch | 15 --
srcpkgs/libwmf/template | 25 ++-
7 files changed, 13 insertions(+), 290 deletions(-)
delete mode 100644 srcpkgs/libwmf/patches/01_player.c-integer-overflow-cve-2006-3376.patch
delete mode 100644 srcpkgs/libwmf/patches/04_gd-gd_clip.c-use-after-free-cve-2009-1364.patch
delete mode 100644 srcpkgs/libwmf/patches/CVE-2015-0848_CVE-2015-4588_CVE-2015-4695_CVE-2015-4696.patch
delete mode 100644 srcpkgs/libwmf/patches/CVE-2016-9011.patch
delete mode 100644 srcpkgs/libwmf/patches/fix-gdk-pixbuf-loaders-location.patch
diff --git a/common/shlibs b/common/shlibs
index 9a576f18d0f..a0c2442d3b1 100644
--- a/common/shlibs
+++ b/common/shlibs
@@ -80,8 +80,8 @@ libgomp.so.1 libgomp-4.4.0_1
libgps.so.25 gpsd-3.20_1
libmagic.so.1 libmagic-5.12_1
libbluetooth.so.3 libbluetooth-4.58_1
-libwmf-0.2.so.7 libwmf-0.2.8.4_1
-libwmflite-0.2.so.7 libwmf-0.2.8.4_1
+libwmf-0.2.so.7 libwmf-0.2.12_1
+libwmflite-0.2.so.7 libwmf-0.2.12_1
libgthread-2.0.so.0 glib-2.18.0_1
libglib-2.0.so.0 glib-2.18.0_1
libgmodule-2.0.so.0 glib-2.18.0_1
diff --git a/srcpkgs/libwmf/patches/01_player.c-integer-overflow-cve-2006-3376.patch b/srcpkgs/libwmf/patches/01_player.c-integer-overflow-cve-2006-3376.patch
deleted file mode 100644
index fcb029f420d..00000000000
--- a/srcpkgs/libwmf/patches/01_player.c-integer-overflow-cve-2006-3376.patch
+++ /dev/null
@@ -1,28 +0,0 @@
---- src/player.c
-+++ src/player.c
-@@ -23,6 +23,7 @@
-
- #include <stdio.h>
- #include <stdlib.h>
-+#include <stdint.h>
- #include <string.h>
- #include <math.h>
-
-@@ -132,8 +133,14 @@
- }
- }
-
--/* P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3) * 2 * sizeof (unsigned char));
-- */ P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char));
-+ if (MAX_REC_SIZE(API) > UINT32_MAX / 2)
-+ {
-+ API->err = wmf_E_InsMem;
-+ WMF_DEBUG (API,"bailing...");
-+ return (API->err);
-+ }
-+
-+ P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char));
-
- if (ERR (API))
- { WMF_DEBUG (API,"bailing...");
-
diff --git a/srcpkgs/libwmf/patches/04_gd-gd_clip.c-use-after-free-cve-2009-1364.patch b/srcpkgs/libwmf/patches/04_gd-gd_clip.c-use-after-free-cve-2009-1364.patch
deleted file mode 100644
index 01f0dd2795c..00000000000
--- a/srcpkgs/libwmf/patches/04_gd-gd_clip.c-use-after-free-cve-2009-1364.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/extra/gd/gd_clip.c
-+++ src/extra/gd/gd_clip.c
-@@ -70,6 +70,7 @@
- { more = gdRealloc (im->clip->list,(im->clip->max + 8) * sizeof (gdClipRectangle));
- if (more == 0) return;
- im->clip->max += 8;
-+ im->clip->list = more;
- }
- im->clip->list[im->clip->count] = (*rect);
- im->clip->count++;
-
diff --git a/srcpkgs/libwmf/patches/CVE-2015-0848_CVE-2015-4588_CVE-2015-4695_CVE-2015-4696.patch b/srcpkgs/libwmf/patches/CVE-2015-0848_CVE-2015-4588_CVE-2015-4695_CVE-2015-4696.patch
deleted file mode 100644
index 26b44ef76cb..00000000000
--- a/srcpkgs/libwmf/patches/CVE-2015-0848_CVE-2015-4588_CVE-2015-4695_CVE-2015-4696.patch
+++ /dev/null
@@ -1,186 +0,0 @@
---- src/player/meta.h
-+++ src/player/meta.h
-@@ -1565,7 +1565,7 @@ static int meta_rgn_create (wmfAPI* API,
- objects = P->objects;
-
- i = 0;
-- while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
-+ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
-
- if (i == NUM_OBJECTS (API))
- { WMF_ERROR (API,"Object out of range!");
-@@ -2142,7 +2142,7 @@ static int meta_dib_brush (wmfAPI* API,w
- objects = P->objects;
-
- i = 0;
-- while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
-+ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
-
- if (i == NUM_OBJECTS (API))
- { WMF_ERROR (API,"Object out of range!");
-@@ -2593,9 +2593,10 @@ static int meta_dc_restore (wmfAPI* API,
- polyrect.BR = 0;
-
- polyrect.count = 0;
-+
-+ if (FR->region_clip) FR->region_clip (API,&polyrect);
- }
-
-- if (FR->region_clip) FR->region_clip (API,&polyrect);
-
- return (changed);
- }
-@@ -3067,7 +3068,7 @@ static int meta_pen_create (wmfAPI* API,
- objects = P->objects;
-
- i = 0;
-- while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
-+ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
-
- if (i == NUM_OBJECTS (API))
- { WMF_ERROR (API,"Object out of range!");
-@@ -3181,7 +3182,7 @@ static int meta_brush_create (wmfAPI* AP
- objects = P->objects;
-
- i = 0;
-- while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
-+ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
-
- if (i == NUM_OBJECTS (API))
- { WMF_ERROR (API,"Object out of range!");
-@@ -3288,7 +3289,7 @@ static int meta_font_create (wmfAPI* API
- objects = P->objects;
-
- i = 0;
-- while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
-+ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
-
- if (i == NUM_OBJECTS (API))
- { WMF_ERROR (API,"Object out of range!");
-@@ -3396,7 +3397,7 @@ static int meta_palette_create (wmfAPI*
- objects = P->objects;
-
- i = 0;
-- while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
-+ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
-
- if (i == NUM_OBJECTS (API))
- { WMF_ERROR (API,"Object out of range!");
---- src/ipa/ipa.h
-+++ src/ipa/ipa.h
-@@ -48,7 +48,7 @@ static int ReadBlobByte (BMPS
- static unsigned short ReadBlobLSBShort (BMPSource*);
- static unsigned long ReadBlobLSBLong (BMPSource*);
- static long TellBlob (BMPSource*);
--static void DecodeImage (wmfAPI*,wmfBMP*,BMPSource*,unsigned int,unsigned char*);
-+static int DecodeImage (wmfAPI*,wmfBMP*,BMPSource*,unsigned int,unsigned char*);
- static void ReadBMPImage (wmfAPI*,wmfBMP*,BMPSource*);
- static int ExtractColor (wmfAPI*,wmfBMP*,wmfRGB*,unsigned int,unsigned int);
- static void SetColor (wmfAPI*,wmfBMP*,wmfRGB*,unsigned char,unsigned int,unsigned int);
---- src/ipa/ipa/bmp.h
-+++ src/ipa/ipa/bmp.h
-@@ -859,7 +859,7 @@ static long TellBlob (BMPSource* src)
- %
- %
- */
--static void DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSource* src,unsigned int compression,unsigned char* pixels)
-+static int DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSource* src,unsigned int compression,unsigned char* pixels)
- { int byte;
- int count;
- int i;
-@@ -870,12 +870,14 @@ static void DecodeImage (wmfAPI* API,wmf
- U32 u;
-
- unsigned char* q;
-+ unsigned char* end;
-
- for (u = 0; u < ((U32) bmp->width * (U32) bmp->height); u++) pixels[u] = 0;
-
- byte = 0;
- x = 0;
- q = pixels;
-+ end = pixels + bmp->width * bmp->height;
-
- for (y = 0; y < bmp->height; )
- { count = ReadBlobByte (src);
-@@ -884,7 +886,10 @@ static void DecodeImage (wmfAPI* API,wmf
- { /* Encoded mode. */
- byte = ReadBlobByte (src);
- for (i = 0; i < count; i++)
-- { if (compression == 1)
-+ {
-+ if (q == end)
-+ return 0;
-+ if (compression == 1)
- { (*(q++)) = (unsigned char) byte;
- }
- else
-@@ -896,13 +901,15 @@ static void DecodeImage (wmfAPI* API,wmf
- else
- { /* Escape mode. */
- count = ReadBlobByte (src);
-- if (count == 0x01) return;
-+ if (count == 0x01) return 1;
- switch (count)
- {
- case 0x00:
- { /* End of line. */
- x = 0;
- y++;
-+ if (y >= bmp->height)
-+ return 0;
- q = pixels + y * bmp->width;
- break;
- }
-@@ -910,13 +917,20 @@ static void DecodeImage (wmfAPI* API,wmf
- { /* Delta mode. */
- x += ReadBlobByte (src);
- y += ReadBlobByte (src);
-+ if (y >= bmp->height)
-+ return 0;
-+ if (x >= bmp->width)
-+ return 0;
- q = pixels + y * bmp->width + x;
- break;
- }
- default:
- { /* Absolute mode. */
- for (i = 0; i < count; i++)
-- { if (compression == 1)
-+ {
-+ if (q == end)
-+ return 0;
-+ if (compression == 1)
- { (*(q++)) = ReadBlobByte (src);
- }
- else
-@@ -943,7 +957,7 @@ static void DecodeImage (wmfAPI* API,wmf
- byte = ReadBlobByte (src); /* end of line */
- byte = ReadBlobByte (src);
-
-- return;
-+ return 1;
- }
-
- /*
-@@ -1143,8 +1157,18 @@ static void ReadBMPImage (wmfAPI* API,wm
- }
- }
- else
-- { /* Convert run-length encoded raster pixels. */
-- DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image);
-+ {
-+ if (bmp_info.bits_per_pixel == 8) /* Convert run-length encoded raster pixels. */
-+ {
-+ if (!DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image))
-+ { WMF_ERROR (API,"corrupt bmp");
-+ API->err = wmf_E_BadFormat;
-+ }
-+ }
-+ else
-+ { WMF_ERROR (API,"Unexpected pixel depth");
-+ API->err = wmf_E_BadFormat;
-+ }
- }
-
- if (ERR (API))
diff --git a/srcpkgs/libwmf/patches/CVE-2016-9011.patch b/srcpkgs/libwmf/patches/CVE-2016-9011.patch
deleted file mode 100644
index 5955784c2d8..00000000000
--- a/srcpkgs/libwmf/patches/CVE-2016-9011.patch
+++ /dev/null
@@ -1,34 +0,0 @@
---- src/player.c
-+++ src/player.c
-@@ -140,7 +140,30 @@
- return (API->err);
- }
-
-- P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char));
-+ U32 nMaxRecordSize = (MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char);
-+ if (nMaxRecordSize)
-+ {
-+ //before allocating memory do a sanity check on size by seeking
-+ //to claimed end to see if its possible. We're constrained here
-+ //by the api and existing implementations to not simply seeking
-+ //to SEEK_END. So use what we have to skip to the last byte and
-+ //try and read it.
-+ const long nPos = WMF_TELL (API);
-+ WMF_SEEK (API, nPos + nMaxRecordSize - 1);
-+ if (ERR (API))
-+ { WMF_DEBUG (API,"bailing...");
-+ return (API->err);
-+ }
-+ int byte = WMF_READ (API);
-+ if (byte == (-1))
-+ { WMF_ERROR (API,"Unexpected EOF!");
-+ API->err = wmf_E_EOF;
-+ return (API->err);
-+ }
-+ WMF_SEEK (API, nPos);
-+ }
-+
-+ P->Parameters = (unsigned char*) wmf_malloc (API, nMaxRecordSize);
-
- if (ERR (API))
- { WMF_DEBUG (API,"bailing...");
diff --git a/srcpkgs/libwmf/patches/fix-gdk-pixbuf-loaders-location.patch b/srcpkgs/libwmf/patches/fix-gdk-pixbuf-loaders-location.patch
deleted file mode 100644
index 4b67ceaa8fd..00000000000
--- a/srcpkgs/libwmf/patches/fix-gdk-pixbuf-loaders-location.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Source: Debian https://sources.debian.org/src/libwmf/0.2.8.4-12/debian/patches/05_gdk-pixbuf-loader-dir.patch/
-Upstream: Unknown
-Reason: Install gdk-pixbuf-loader into correct location
-
---- configure.ac
-+++ configure.ac
-@@ -745,7 +745,7 @@ GDK_PIXBUF_DIR=""
- if test $LIBWMF_BUILDSTYLE != lite; then
- PKG_CHECK_MODULES(GDK_PIXBUF,gdk-pixbuf-2.0 >= 2.1.2,[
- GTK_VERSION=`$PKG_CONFIG --variable=gtk_binary_version gtk+-2.0`
-- GDK_PIXBUF_DIR="gtk-2.0/$GTK_VERSION/loaders"
-+ GDK_PIXBUF_DIR="gdk-pixbuf-2.0/$GTK_VERSION/loaders"
- wmf_gdk_pixbuf=yes
- ],[ wmf_gdk_pixbuf=no
- ])
diff --git a/srcpkgs/libwmf/template b/srcpkgs/libwmf/template
index 938d07c5e6b..75e10ce2ceb 100644
--- a/srcpkgs/libwmf/template
+++ b/srcpkgs/libwmf/template
@@ -1,26 +1,23 @@
# Template file for 'libwmf'
pkgname=libwmf
-version=0.2.8.4
-revision=18
+version=0.2.12
+revision=1
build_style=gnu-configure
configure_args="--with-freetype=${XBPS_CROSS_BASE}/usr
--with-gsfontdir=/usr/share/fonts/Type1
--with-fontdir=/usr/share/fonts/Type1 --disable-static
- --with-gsfontmap=/usr/share/ghostscript/8.15/lib/Fontmap.GS"
-hostmakedepends="automake libtool pkg-config gsfonts"
+ --with-gsfontmap=/usr/share/ghostscript/8.15/lib/Fontmap.GS
+ --with-expat=${XBPS_CROSS_BASE}/usr/include"
+hostmakedepends="pkg-config gsfonts"
makedepends="zlib-devel freetype-devel libjpeg-turbo-devel libpng-devel
expat-devel glib-devel gtk+-devel gd-devel gsfonts"
depends="gsfonts"
short_desc="Library for reading and converting WMF (Windows Meta Files)"
-maintainer="Orphaned <orphan@voidlinux.org>"
-homepage="http://wvware.sourceforge.net/libwmf.html"
-license="LGPL-2.1"
-distfiles="${SOURCEFORGE_SITE}/wvware/${pkgname}-${version}.tar.gz"
-checksum=5b345c69220545d003ad52bfd035d5d6f4f075e65204114a9e875e84895a7cf8
-
-pre_configure() {
- autoreconf -fi
-}
+maintainer="Nathan <ndowens@artixlinux.org>"
+license="LGPL-2.0-or-later"
+homepage="https://github.com/caolanm/libwmf"
+distfiles="https://github.com/caolanm/libwmf/archive/v${version}.tar.gz"
+checksum=464ff63605d7eaf61a4a12dbd420f7a41a4d854675d8caf37729f5bc744820e2
post_install() {
rm -rf ${DESTDIR}/usr/share/fonts
@@ -31,8 +28,8 @@ libwmf-devel_package() {
short_desc+=" - development files"
pkg_install() {
vmove usr/include
- vmove usr/share/doc
vmove usr/bin/libwmf-config
vmove "usr/lib/*.so"
+ vmove usr/lib/pkgconfig
}
}
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: libwmf: update to 0.2.12
2020-11-19 0:07 [PR PATCH] libwmf: update to 0.2.12 ndowens
@ 2020-11-19 0:29 ` ericonr
2020-11-19 0:48 ` ndowens
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: ericonr @ 2020-11-19 0:29 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 203 bytes --]
New comment by ericonr on void-packages repository
https://github.com/void-linux/void-packages/pull/26498#issuecomment-730043734
Comment:
Have you checked that all patches made it to the new upstream?
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: libwmf: update to 0.2.12
2020-11-19 0:07 [PR PATCH] libwmf: update to 0.2.12 ndowens
2020-11-19 0:29 ` ericonr
@ 2020-11-19 0:48 ` ndowens
2020-11-19 0:53 ` [PR REVIEW] " ndowens
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: ndowens @ 2020-11-19 0:48 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 291 bytes --]
New comment by ndowens on void-packages repository
https://github.com/void-linux/void-packages/pull/26498#issuecomment-730050317
Comment:
Went through comparing and the lines that were added in the patches are in the new version's file, the code is a little different. But it seems so IMO
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PR REVIEW] libwmf: update to 0.2.12
2020-11-19 0:07 [PR PATCH] libwmf: update to 0.2.12 ndowens
2020-11-19 0:29 ` ericonr
2020-11-19 0:48 ` ndowens
@ 2020-11-19 0:53 ` ndowens
2021-04-28 12:11 ` biopsin
2021-05-09 4:22 ` [PR PATCH] [Closed]: " ndowens
4 siblings, 0 replies; 6+ messages in thread
From: ndowens @ 2020-11-19 0:53 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 209 bytes --]
New review comment by ndowens on void-packages repository
https://github.com/void-linux/void-packages/pull/26498#discussion_r526520674
Comment:
This line was in new version, just the red area wasn't removed
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: libwmf: update to 0.2.12
2020-11-19 0:07 [PR PATCH] libwmf: update to 0.2.12 ndowens
` (2 preceding siblings ...)
2020-11-19 0:53 ` [PR REVIEW] " ndowens
@ 2021-04-28 12:11 ` biopsin
2021-05-09 4:22 ` [PR PATCH] [Closed]: " ndowens
4 siblings, 0 replies; 6+ messages in thread
From: biopsin @ 2021-04-28 12:11 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 164 bytes --]
New comment by biopsin on void-packages repository
https://github.com/void-linux/void-packages/pull/26498#issuecomment-828403040
Comment:
@ndowens Ping to rebase
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PR PATCH] [Closed]: libwmf: update to 0.2.12
2020-11-19 0:07 [PR PATCH] libwmf: update to 0.2.12 ndowens
` (3 preceding siblings ...)
2021-04-28 12:11 ` biopsin
@ 2021-05-09 4:22 ` ndowens
4 siblings, 0 replies; 6+ messages in thread
From: ndowens @ 2021-05-09 4:22 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 270 bytes --]
There's a closed pull request on the void-packages repository
libwmf: update to 0.2.12
https://github.com/void-linux/void-packages/pull/26498
Description:
Change source as original upstream is dead also adopt.
Tested with abiword with a wmf file and it worked fine
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2021-05-09 4:22 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-19 0:07 [PR PATCH] libwmf: update to 0.2.12 ndowens
2020-11-19 0:29 ` ericonr
2020-11-19 0:48 ` ndowens
2020-11-19 0:53 ` [PR REVIEW] " ndowens
2021-04-28 12:11 ` biopsin
2021-05-09 4:22 ` [PR PATCH] [Closed]: " ndowens
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).