From f025b838e67c696a3de58d6d7d1b4981cb2ffe43 Mon Sep 17 00:00:00 2001
From: Dirk Meyer <dinoex@FreeBSD.org>
Date: Sat, 20 Sep 2008 07:33:20 +0000
Subject: - add Security patches - fix missign macro in manpages - add
 regression test Security: CVE-2006-2193 Security: CVE-2006-2327 Security:
 CVE-2006-2656 Security: CVE-2006-3459 Security: CVE-2006-3460 Security:
 CVE-2006-3461 Security: CVE-2006-3462 Security: CVE-2006-3463 Security:
 CVE-2006-3464 Security: CVE-2006-3465 Security: CVE-2008-2327 PR:	
 127434 Submitted by:	<bf2006a@yahoo.com> Obtained From:	Gentoo,Debian
 Approved by:	portmgr (marcus)

---
 graphics/tiff/files/patch-tiffsplit.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 graphics/tiff/files/patch-tiffsplit.c

(limited to 'graphics/tiff/files/patch-tiffsplit.c')

diff --git a/graphics/tiff/files/patch-tiffsplit.c b/graphics/tiff/files/patch-tiffsplit.c
new file mode 100644
index 000000000000..ea75a024ce85
--- /dev/null
+++ b/graphics/tiff/files/patch-tiffsplit.c
@@ -0,0 +1,21 @@
+CVE-2006-2656
+===================================================================
+--- tools/tiffsplit.c.orig	2008-08-17 13:03:49.014994263 -0400
++++ tools/tiffsplit.c	2008-08-17 13:03:52.726994578 -0400
+@@ -61,14 +61,13 @@
+ 		return (-3);
+ 	}
+ 	if (argc > 2)
+-		strcpy(fname, argv[2]);
++		snprintf(fname, sizeof(fname), "%s", argv[2]);
+ 	in = TIFFOpen(argv[1], "r");
+ 	if (in != NULL) {
+ 		do {
+ 			char path[1024+1];
+ 			newfilename();
+-			strcpy(path, fname);
+-			strcat(path, ".tif");
++			snprintf(path, sizeof(path), "%s.tif", fname);
+ 			out = TIFFOpen(path, TIFFIsBigEndian(in)?"wb":"wl");
+ 			if (out == NULL)
+ 				return (-2);
-- 
cgit v1.2.3