author | Ryan Hill <dirtyepic@gentoo.org> | 2009-07-19 03:10:18 +0000 |
---|---|---|
committer | Ryan Hill <dirtyepic@gentoo.org> | 2009-07-19 03:10:18 +0000 |
commit | 22d44baa06156773f0819dc3ef723fe39734039b (patch) | |
tree | 8eb0c79d03e0414da8603606acc426eb0d923049 /x11-libs | |
parent | Direct error messages from the wrappers to stderr as suggested by (diff) | |
download | gentoo-2-22d44baa06156773f0819dc3ef723fe39734039b.tar.gz gentoo-2-22d44baa06156773f0819dc3ef723fe39734039b.tar.bz2 gentoo-2-22d44baa06156773f0819dc3ef723fe39734039b.zip |
Patch added for CVE-2009-2369. Bug #277722.
(Portage version: 2.2_rc33/cvs/Linux x86_64)
Diffstat (limited to 'x11-libs')
-rw-r--r-- | x11-libs/wxGTK/ChangeLog | 8 | ||||
-rw-r--r-- | x11-libs/wxGTK/files/wxGTK-2.8.10.1-CVE-2009-2369.patch | 59 | ||||
-rw-r--r-- | x11-libs/wxGTK/wxGTK-2.8.10.1-r1.ebuild | 159 |
3 files changed, 225 insertions, 1 deletions
diff --git a/x11-libs/wxGTK/ChangeLog b/x11-libs/wxGTK/ChangeLog
index 4730214035d8..c37d32e69e94 100644
--- a/x11-libs/wxGTK/ChangeLog
+++ b/x11-libs/wxGTK/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for x11-libs/wxGTK
 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/x11-libs/wxGTK/ChangeLog,v 1.222 2009/05/18 03:15:29 dirtyepic Exp $
+# $Header: /var/cvsroot/gentoo-x86/x11-libs/wxGTK/ChangeLog,v 1.223 2009/07/19 03:10:18 dirtyepic Exp $
+
+*wxGTK-2.8.10.1-r1 (19 Jul 2009)
+
+ 19 Jul 2009; Ryan Hill <dirtyepic@gentoo.org> +wxGTK-2.8.10.1-r1.ebuild,
+ +files/wxGTK-2.8.10.1-CVE-2009-2369.patch:
+ Patch added for CVE-2009-2369. Bug #277722.
 *wxGTK-2.8.10.1 (18 May 2009)
diff --git a/x11-libs/wxGTK/files/wxGTK-2.8.10.1-CVE-2009-2369.patch b/x11-libs/wxGTK/files/wxGTK-2.8.10.1-CVE-2009-2369.patch
new file mode 100644
index 000000000000..42392c8bb3d4
--- /dev/null
+++ b/x11-libs/wxGTK/files/wxGTK-2.8.10.1-CVE-2009-2369.patch
@@ -0,0 +1,59 @@
+diff -Naurp wxPython-src-2.8.10.1-orig/src/common/imagpng.cpp wxPython-src-2.8.10.1/src/common/imagpng.cpp
+--- wxPython-src-2.8.10.1-orig/src/common/imagpng.cpp 2008-05-11 22:26:45.000000000 -0600
++++ wxPython-src-2.8.10.1/src/common/imagpng.cpp 2009-07-18 19:54:13.128547627 -0600
+@@ -568,18 +568,16 @@ wxPNGHandler::LoadFile(wxImage *image,
+ if (!image->Ok())
+ goto error;
+
+- lines = (unsigned char **)malloc( (size_t)(height * sizeof(unsigned char *)) );
++ // initialize all line pointers to NULL to ensure that they can be safely
++ // free()d if an error occurs before all of them could be allocated
++ lines = (unsigned char **)calloc(height, sizeof(unsigned char *));
+ if ( !lines )
+ goto error;
+
+ for (i = 0; i < height; i++)
+ {
+ if ((lines[i] = (unsigned char *)malloc( (size_t)(width * (sizeof(unsigned char) * 4)))) == NULL)
+- {
+- for ( unsigned int n = 0; n < i; n++ )
+- free( lines[n] );
+ goto error;
+- }
+ }
+
+ png_read_image( png_ptr, lines );
+diff -Naurp wxPython-src-2.8.10.1-orig/src/common/imagtiff.cpp wxPython-src-2.8.10.1/src/common/imagtiff.cpp
+--- wxPython-src-2.8.10.1-orig/src/common/imagtiff.cpp 2007-09-21 14:27:05.000000000 -0600
++++ wxPython-src-2.8.10.1/src/common/imagtiff.cpp 2009-07-18 19:54:35.801832862 -0600
+@@ -261,7 +261,6 @@ bool wxTIFFHandler::LoadFile( wxImage *i
+ }
+
+ uint32 w, h;
+- uint32 npixels;
+ uint32 *raster;
+
+ TIFFGetField( tif, TIFFTAG_IMAGEWIDTH, &w );
+@@ -275,9 +274,20 @@ bool wxTIFFHandler::LoadFile( wxImage *i
+ (samplesInfo[0] == EXTRASAMPLE_ASSOCALPHA ||
+ samplesInfo[0] == EXTRASAMPLE_UNASSALPHA));
+
+- npixels = w * h;
++ // guard against integer overflow during multiplication which could result
++ // in allocating a too small buffer and then overflowing it
++ const double bytesNeeded = (double)w * (double)h * sizeof(uint32);
++ if ( bytesNeeded >= 4294967295U /* UINT32_MAX */ )
++ {
++ if ( verbose )
++ wxLogError( _("TIFF: Image size is abnormally big.") );
++
++ TIFFClose(tif);
++
++ return false;
++ }
+
+- raster = (uint32*) _TIFFmalloc( npixels * sizeof(uint32) );
++ raster = (uint32*) _TIFFmalloc( bytesNeeded );
+
+ if (!raster)
+ {
diff --git a/x11-libs/wxGTK/wxGTK-2.8.10.1-r1.ebuild b/x11-libs/wxGTK/wxGTK-2.8.10.1-r1.ebuild
new file mode 100644
index 000000000000..8c26cb9d5f95
--- /dev/null
+++ b/x11-libs/wxGTK/wxGTK-2.8.10.1-r1.ebuild
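Review bot: In the imagtiff.cpp part, the new guard bounds `bytesNeeded` by UINT32_MAX, but the value is then handed to `_TIFFmalloc` as a `double` and converted implicitly to the allocator's size type. If that parameter is a signed 32-bit `tsize_t`, as it is in libtiff 3.x, sizes between 2^31 and 2^32 pass the check and convert out of range, so the bound should be the maximum of the parameter type and the call should cast explicitly: `if ( bytesNeeded >= 2147483647 /* INT32_MAX */ )` and `raster = (uint32*) _TIFFmalloc( (tsize_t)bytesNeeded );`. In the imagpng.cpp part the per-row `malloc( width * 4 )` is still an unchecked multiplication where `size_t` is 32 bits wide, and with the inner cleanup loop removed the fix depends on the `error:` path freeing every `lines[i]`, which lies outside the hunk and should be confirmed.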
@@ -0,0 +1,159 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/x11-libs/wxGTK/wxGTK-2.8.10.1-r1.ebuild,v 1.1 2009/07/19 03:10:18 dirtyepic Exp $
+
+EAPI="2"
+
+inherit eutils versionator flag-o-matic
+
+DESCRIPTION="GTK+ version of wxWidgets, a cross-platform C++ GUI toolkit."
+HOMEPAGE="http://wxwidgets.org/"
+
+BASE_PV="$(get_version_component_range 1-3)"
+BASE_P="${PN}-${BASE_PV}"
+
+# we use the wxPython tarballs because they include the full wxGTK sources and
+# docs, and are released more frequently than wxGTK.
+SRC_URI="mirror://sourceforge/wxpython/wxPython-src-${PV}.tar.bz2"
+
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE="X doc debug gnome gstreamer odbc opengl pch sdl"
+
+RDEPEND="
+ dev-libs/expat
+ odbc? ( dev-db/unixODBC )
+ sdl? ( media-libs/libsdl )
+ X? (
+ >=x11-libs/gtk+-2.4
+ >=dev-libs/glib-2.4
+ media-libs/jpeg
+ media-libs/tiff
+ x11-libs/libSM
+ x11-libs/libXinerama
+ x11-libs/libXxf86vm
+ gnome? ( gnome-base/libgnomeprintui )
+ gstreamer? (
+ >=gnome-base/gconf-2.0
+ >=media-libs/gstreamer-0.10 )
+ opengl? ( virtual/opengl )
+ )"
+
+DEPEND="${RDEPEND}
+ dev-util/pkgconfig
+ X? (
+ x11-proto/xproto
+ x11-proto/xineramaproto
+ x11-proto/xf86vidmodeproto
+ )"
+
+PDEPEND=">=app-admin/eselect-wxwidgets-0.7"
+
+SLOT="2.8"
+LICENSE="wxWinLL-3
+ GPL-2
+ odbc? ( LGPL-2 )
+ doc? ( wxWinFDL-3 )"
+
+S="${WORKDIR}/wxPython-src-${PV}"
+
+src_prepare() {
+ cd "${S}"
+ epatch "${FILESDIR}"/${PN}-2.6.3-unicode-odbc.patch
+ epatch "${FILESDIR}"/${PN}-2.8.10-collision.patch
+ epatch "${FILESDIR}"/${PN}-2.8.7-mmedia.patch # Bug #174874
+ # this version only:
+ epatch "${FILESDIR}"/${P}-CVE-2009-2369.patch # Bug #277722
+}
+
+src_configure() {
+ local myconf
+
+ append-flags -fno-strict-aliasing
+
+ # X independent options
+ myconf="--enable-compat26
+ --enable-shared
+ --enable-unicode
+ --with-regex=builtin
+ --with-zlib=sys
+ --with-expat=sys
+ $(use_enable debug)
+ $(use_enable pch precomp-headers)
+ $(use_with sdl)"
+
+ use odbc \
+ && myconf="${myconf} --with-odbc=sys" \
+ || myconf="${myconf} $(use_with odbc)"
+
+ # wxGTK options
+ # --enable-graphics_ctx - needed for webkit, editra
+ # --without-gnomevfs - bug #203389
+
+ use X && \
+ myconf="${myconf}
+ --enable-graphics_ctx
+ --enable-gui
+ --with-libpng=sys
+ --with-libxpm=sys
+ --with-libjpeg=sys
+ --with-libtiff=sys
+ $(use_enable gstreamer mediactrl)
+ $(use_enable opengl)
+ $(use_with opengl)
+ $(use_with gnome gnomeprint)
+ --without-gnomevfs"
+
+ # wxBase options
+ use X || \
+ myconf="${myconf}
+ --disable-gui"
+
+ mkdir "${S}"/wxgtk_build
+ cd "${S}"/wxgtk_build
+
+ ECONF_SOURCE="${S}" econf ${myconf} || die "configure failed."
+}
+
+src_compile() {
+ cd "${S}"/wxgtk_build
+
+ emake || die "make failed."
+
+ if [[ -d contrib/src ]]; then
+ cd contrib/src
+ emake || die "make contrib failed."
+ fi
+}
+
+src_install() {
+ cd "${S}"/wxgtk_build
+
+ emake DESTDIR="${D}" install || die "install failed."
+
+ if [[ -d contrib/src ]]; then
+ cd contrib/src
+ emake DESTDIR="${D}" install || die "install contrib failed."
+ fi
+
+ cd "${S}"/docs
+ dodoc changes.txt readme.txt todo30.txt
+ newdoc base/readme.txt base_readme.txt
+ newdoc gtk/readme.txt gtk_readme.txt
+
+ if use doc; then
+ dohtml -r "${S}"/docs/html/*
+ fi
+
+ # We don't want this
+ rm "${D}"usr/share/locale/it/LC_MESSAGES/wxmsw.mo
+}
+
+pkg_postinst() {
+ has_version app-admin/eselect-wxwidgets \
+ && eselect wxwidgets update
+}
+
+pkg_postrm() {
+ has_version app-admin/eselect-wxwidgets \
+ && eselect wxwidgets update
+} |
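Review bot: The `rm "${D}"usr/share/locale/it/LC_MESSAGES/wxmsw.mo` at the end of src_install is unchecked, unlike the `emake ... || die` calls above it, so a missing file only prints an error and the install carries on. State the intent either way: `rm -f "${D}"usr/share/locale/it/LC_MESSAGES/wxmsw.mo` if absence is acceptable, or append `|| die "rm wxmsw.mo failed."` if it is not. The `# We don't want this` comment would also be more useful if it said why the file is removed.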