- add Security patches

- fix missign macro in manpages - add regression test Security: CVE-2006-2193 Security: CVE-2006-2327 Security: CVE-2006-2656 Security: CVE-2006-3459 Security: CVE-2006-3460 Security: CVE-2006-3461 Security: CVE-2006-3462 Security: CVE-2006-3463 Security: CVE-2006-3464 Security: CVE-2006-3465 Security: CVE-2008-2327 PR: 127434 Submitted by: <bf2006a@yahoo.com> Obtained From: Gentoo,Debian Approved by: portmgr (marcus)
author: Dirk Meyer <dinoex@FreeBSD.org> 2008-09-20 07:33:20 +0000
committer: Dirk Meyer <dinoex@FreeBSD.org> 2008-09-20 07:33:20 +0000
commit: f025b838e67c696a3de58d6d7d1b4981cb2ffe43 (patch)
tree: a3d4c336b5bc71be7bf030c374a5d83663476eb6 /graphics/tiff/files/patch-tif_lzw.c
parent: - Update to 2.2.6 (diff)
1 files changed, 60 insertions, 0 deletions
diff --git a/graphics/tiff/files/patch-tif_lzw.c b/graphics/tiff/files/patch-tif_lzw.c
new file mode 100644
index 000000000000..e4a36858b4d0
--- /dev/null
+++ b/graphics/tiff/files/patch-tif_lzw.c
@@ -0,0 +1,60 @@
+CVE-2008-2327
+===================================================================
+--- libtiff/tif_lzw.c.orig	2008-08-17 13:03:49.090994393 -0400
++++ libtiff/tif_lzw.c	2008-08-17 13:03:52.354994400 -0400
+@@ -237,6 +237,13 @@
+                     sp->dec_codetab[code].length = 1;
+                     sp->dec_codetab[code].next = NULL;
+                 } while (code--);
++                /*
++                 * Zero-out the unused entries
++                 */
++                 _TIFFmemset(&sp->dec_codetab[CODE_CLEAR], 0,
++                 (CODE_FIRST-CODE_CLEAR)*sizeof (code_t));
++
++
+ 	}
+ 	return (1);
+ }
+@@ -408,12 +415,20 @@
+ 			break;
+ 		if (code == CODE_CLEAR) {
+ 			free_entp = sp->dec_codetab + CODE_FIRST;
++			 _TIFFmemset(free_entp, 0, (CSIZE-CODE_FIRST)*sizeof (code_t));
+ 			nbits = BITS_MIN;
+ 			nbitsmask = MAXCODE(BITS_MIN);
+ 			maxcodep = sp->dec_codetab + nbitsmask-1;
+ 			NextCode(tif, sp, bp, code, GetNextCode);
+ 			if (code == CODE_EOI)
+ 				break;
++			 if (code == CODE_CLEAR) {
++				 TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
++				 "LZWDecode: Corrupted LZW table at scanline %d",
++				 tif->tif_row);
++				 return (0);
++			 }
++
+ 			*op++ = (char)code, occ--;
+ 			oldcodep = sp->dec_codetab + code;
+ 			continue;
+@@ -604,12 +619,20 @@
+ 			break;
+ 		if (code == CODE_CLEAR) {
+ 			free_entp = sp->dec_codetab + CODE_FIRST;
++			 _TIFFmemset(free_entp, 0, (CSIZE-CODE_FIRST)*sizeof (code_t));
+ 			nbits = BITS_MIN;
+ 			nbitsmask = MAXCODE(BITS_MIN);
+ 			maxcodep = sp->dec_codetab + nbitsmask;
+ 			NextCode(tif, sp, bp, code, GetNextCodeCompat);
+ 			if (code == CODE_EOI)
+ 				break;
++			 if (code == CODE_CLEAR) {
++				 TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
++				 "LZWDecode: Corrupted LZW table at scanline %d",
++				 tif->tif_row);
++				 return (0);
++			 }
++
+ 			*op++ = code, occ--;
+ 			oldcodep = sp->dec_codetab + code;
+ 			continue;
author	Dirk Meyer <dinoex@FreeBSD.org>	2008-09-20 07:33:20 +0000
committer	Dirk Meyer <dinoex@FreeBSD.org>	2008-09-20 07:33:20 +0000
commit	f025b838e67c696a3de58d6d7d1b4981cb2ffe43 (patch)
tree	a3d4c336b5bc71be7bf030c374a5d83663476eb6 /graphics/tiff/files/patch-tif_lzw.c
parent	- Update to 2.2.6 (diff)