Commit e7899278 authored by Rasmus Thomsen's avatar Rasmus Thomsen Committed by Natanael Copa

main/gdk-pixbuf: upgrade to 2.38.1

parent a0020da8
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=gdk-pixbuf
pkgver=2.36.11
pkgrel=2
pkgver=2.38.1
pkgrel=0
pkgdesc="GTK+ image loading library"
url="https://www.gtk.org/"
url="https://wiki.gnome.org/Projects/GdkPixbuf"
arch="all"
license="LGPL-2.0+"
license="LGPL-2.0-or-later"
depends="shared-mime-info"
depends_dev=""
makedepends="$depends_dev tiff-dev libjpeg-turbo-dev gobject-introspection-dev
libpng-dev glib-dev"
depends_dev="shared-mime-info"
makedepends="tiff-dev libjpeg-turbo-dev gobject-introspection-dev
libpng-dev glib-dev meson"
install="$pkgname.pre-deinstall"
triggers="$pkgname.trigger=/usr/lib/gdk-pixbuf-2.0/*/loaders"
subpackages="$pkgname-dev $pkgname-doc $pkgname-lang $pkgname-dbg"
source="https://download.gnome.org/sources/gdk-pixbuf/${pkgver%.*}/gdk-pixbuf-$pkgver.tar.xz
CVE-2017-6312.patch
CVE-2017-6314.patch
"
source="https://download.gnome.org/sources/gdk-pixbuf/${pkgver%.*}/gdk-pixbuf-$pkgver.tar.xz"
replaces="gtk+"
# secfixes:
......@@ -27,28 +24,31 @@ replaces="gtk+"
build() {
cd "$builddir"
./configure \
--build=$CBUILD \
--host=$CHOST \
meson \
--prefix=/usr \
--sysconfdir=/etc \
--with-x11 \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--with-libjpeg \
--with-libtiff \
--enable-introspection
make
-Dinstalled_tests=false \
output .
ninja -C output
}
check() {
cd "$builddir"
make check
# pixbuf-area-updated takes over 50 minutes to run on Drone
case $CARCH in
armhf)
if test $DRONE; then
sed -i '/pixbuf-area-updated/d' tests/meson.build
fi
;;
esac
meson test -C output
}
package() {
cd "$builddir"
make DESTDIR="$pkgdir" install
DESTDIR="$pkgdir" ninja -C output install
}
doc() {
......@@ -61,6 +61,4 @@ dev() {
default_dev
}
sha512sums="231e13ef2339fc6953788e8597a0c455143273338793ed835dac6ccf42e26e0292dec4121a4976b859ba8ffaa81b3ca5b250b54bd4897dbd3146a1874a59d4e3 gdk-pixbuf-2.36.11.tar.xz
3b67e10ae02ecfdb541c427f811541e2cd0cfc3f048b1e4b119767b7f8f3a02de8a9c7302c21d23de1ea886f994d4dcdb687580c970d7d49eba80f17075ff0de CVE-2017-6312.patch
2ea67f0716234de017f7e8c628d544b40513f23689d70e5e5e2621affabce40ae733d399f64d2641616c114ac7f3fa22396e68142656dbb10993d70181ff5a50 CVE-2017-6314.patch"
sha512sums="e50badaad2ccb3c816ba0849be386ecb75ea3c7df203d0b0144541c463ad1ace86c0d190b7550e3f59f0cba9639acc5cc048b7127484287894e4df6d62777920 gdk-pixbuf-2.38.1.tar.xz"
--- a/gdk-pixbuf/io-ico.c
+++ a/gdk-pixbuf/io-ico.c
@@ -330,10 +330,8 @@ static void DecodeHeader(guchar *Data, gint Bytes,
return;
}
- /* We know how many bytes are in the "header" part. */
- State->HeaderSize = entry->DIBoffset + INFOHEADER_SIZE;
-
- if (State->HeaderSize < 0) {
+ /* Avoid invoking undefined behavior in the State->HeaderSize calculation below */
+ if (entry->DIBoffset > G_MAXINT - INFOHEADER_SIZE) {
g_set_error (error,
GDK_PIXBUF_ERROR,
GDK_PIXBUF_ERROR_CORRUPT_IMAGE,
@@ -341,6 +339,9 @@ static void DecodeHeader(guchar *Data, gint Bytes,
return;
}
+ /* We know how many bytes are in the "header" part. */
+ State->HeaderSize = entry->DIBoffset + INFOHEADER_SIZE;
+
if (State->HeaderSize>State->BytesInHeaderBuf) {
guchar *tmp=g_try_realloc(State->HeaderBuf,State->HeaderSize);
if (!tmp) {
--- gdk-pixbuf-2.30.8/gdk-pixbuf/io-tiff.c
+++ gdk-pixbuf-2.30.8/gdk-pixbuf/io-tiff.c
@@ -458,9 +458,12 @@ make_available_at_least (TiffContext *co
need_alloc = context->used + needed;
if (need_alloc > context->allocated) {
guint new_size = 1;
- while (new_size < need_alloc)
+ while (new_size && (new_size < need_alloc))
new_size *= 2;
+ if(!(new_size))
+ return FALSE;
+
new_buffer = g_try_realloc (context->buffer, new_size);
if (new_buffer) {
context->buffer = new_buffer;
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment