[oe-commits] Koen Kooi : libwmf: add 0.2.8.4

git at git.openembedded.org git at git.openembedded.org
Mon Nov 21 11:10:58 UTC 2011 

Module: meta-openembedded.git
Branch: master
Commit: fdbc6ae58b2bddb2ba7bac1cad61c8526a702cc2
URL:    http://git.openembedded.org/?p=meta-openembedded.git&a=commit;h=fdbc6ae58b2bddb2ba7bac1cad61c8526a702cc2

Author: Koen Kooi <koen at dominion.thruhere.net>
Date:   Mon Nov 21 11:43:19 2011 +0100

libwmf: add 0.2.8.4

Signed-off-by: Koen Kooi <koen at dominion.thruhere.net>

---

 .../libwmf/libwmf/libwmf-0.2.8.4-intoverflow.patch |   31 ++++++++++++++++++++
 .../libwmf/libwmf-0.2.8.4-useafterfree.patch       |   14 +++++++++
 meta-oe/recipes-extended/libwmf/libwmf_0.2.8.4.bb  |   24 +++++++++++++++
 3 files changed, 69 insertions(+), 0 deletions(-)

diff --git a/meta-oe/recipes-extended/libwmf/libwmf/libwmf-0.2.8.4-intoverflow.patch b/meta-oe/recipes-extended/libwmf/libwmf/libwmf-0.2.8.4-intoverflow.patch
new file mode 100644
index 0000000..50d915c
--- /dev/null
+++ b/meta-oe/recipes-extended/libwmf/libwmf/libwmf-0.2.8.4-intoverflow.patch
@@ -0,0 +1,31 @@
+http://cvs.fedoraproject.org/viewvc/devel/libwmf/libwmf-0.2.8.4-intoverflow.patch?view=log
+
+CVE-2006-3376 libwmf integer overflow
+
+--- libwmf-0.2.8.4.orig/src/player.c	2002-12-10 19:30:26.000000000 +0000
++++ libwmf-0.2.8.4/src/player.c	2006-07-12 15:12:52.000000000 +0100
+@@ -42,6 +42,7 @@
+ #include "player/defaults.h" /* Provides: default settings               */
+ #include "player/record.h"   /* Provides: parameter mechanism            */
+ #include "player/meta.h"     /* Provides: record interpreters            */
++#include <stdint.h>
+ 
+ /**
+  * @internal
+@@ -132,8 +134,14 @@
+ 		}
+ 	}
+ 
+-/*	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3) * 2 * sizeof (unsigned char));
+- */	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)  ) * 2 * sizeof (unsigned char));
++	if (MAX_REC_SIZE(API) > UINT32_MAX / 2)
++	{
++		API->err = wmf_E_InsMem;
++		WMF_DEBUG (API,"bailing...");
++		return (API->err);
++	}
++	
++ 	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)  ) * 2 * sizeof (unsigned char));
+ 
+ 	if (ERR (API))
+ 	{	WMF_DEBUG (API,"bailing...");
diff --git a/meta-oe/recipes-extended/libwmf/libwmf/libwmf-0.2.8.4-useafterfree.patch b/meta-oe/recipes-extended/libwmf/libwmf/libwmf-0.2.8.4-useafterfree.patch
new file mode 100644
index 0000000..4d2d285
--- /dev/null
+++ b/meta-oe/recipes-extended/libwmf/libwmf/libwmf-0.2.8.4-useafterfree.patch
@@ -0,0 +1,14 @@
+
+http://cvs.fedoraproject.org/viewvc/devel/libwmf/libwmf-0.2.8.4-useafterfree.patch?view=log
+Resolves: CVE-2009-1364
+
+--- libwmf-0.2.8.4/src/extra/gd/gd_clip.c.CVE-2009-1364-im-clip-list	2009-04-24 04:06:44.000000000 -0400
++++ libwmf-0.2.8.4/src/extra/gd/gd_clip.c	2009-04-24 04:08:30.000000000 -0400
+@@ -70,6 +70,7 @@ void gdClipSetAdd(gdImagePtr im,gdClipRe
+ 	{	more = gdRealloc (im->clip->list,(im->clip->max + 8) * sizeof (gdClipRectangle));
+ 		if (more == 0) return;
+ 		im->clip->max += 8;
++                im->clip->list = more;
+ 	}
+ 	im->clip->list[im->clip->count] = (*rect);
+ 	im->clip->count++;
diff --git a/meta-oe/recipes-extended/libwmf/libwmf_0.2.8.4.bb b/meta-oe/recipes-extended/libwmf/libwmf_0.2.8.4.bb
new file mode 100644
index 0000000..1e05da4
--- /dev/null
+++ b/meta-oe/recipes-extended/libwmf/libwmf_0.2.8.4.bb
@@ -0,0 +1,24 @@
+DESCRIPTION = "Library for converting WMF files"
+HOMEPAGE = "http://wvware.sourceforge.net/libwmf.html"
+SECTION = "libs"
+
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
+
+DEPENDS_virtclass-native = "libpng jpeg"
+DEPENDS = "libpng jpeg expat gtk+"
+
+BBCLASSEXTEND = "native"
+
+inherit autotools
+
+SRC_URI = "${SOURCEFORGE_MIRROR}/wvware/${PN}/${PV}/${P}.tar.gz;name=tarball \
+           file://libwmf-0.2.8.4-intoverflow.patch                   \
+           file://libwmf-0.2.8.4-useafterfree.patch"
+SRC_URI[tarball.md5sum] = "d1177739bf1ceb07f57421f0cee191e0"
+SRC_URI[tarball.sha256sum] = "5b345c69220545d003ad52bfd035d5d6f4f075e65204114a9e875e84895a7cf8"
+
+FILES_${PN}-dbg += "${libdir}/gtk-2.0/2.10.0/loaders/.debug"
+FILES_${PN}-dev += "${libdir}/gtk-2.0/2.10.0/loaders/*.la ${libdir}/gtk-2.0/2.10.0/loaders/*.a"
+FILES_${PN} += "${libdir}/gtk-2.0/2.10.0/loaders/*.so"
+

More information about the Openembedded-commits mailing list