diff options
author | root | 2006-06-15 22:35:14 -0500 |
---|---|---|
committer | root | 2006-06-15 22:35:14 -0500 |
commit | 2f2c0d253a5b549a1cc1efe4e40ef3f86a467704 (patch) | |
tree | 918bc61838cac70fc73cdc1af0868523eebcc148 | |
parent | a5baa34bbd8c8910ab4130ef6e7babba36d318f1 (diff) |
x11/xloadimage/: 2006/06/15 sync stable from p4
-rwxr-xr-x | x11/xloadimage/BUILD | 5 | ||||
-rwxr-xr-x | x11/xloadimage/DETAILS | 5 | ||||
-rw-r--r-- | x11/xloadimage/HISTORY | 10 | ||||
-rwxr-xr-x | x11/xloadimage/PRE_BUILD | 8 | ||||
-rw-r--r-- | x11/xloadimage/security-sprintf.patch | 111 | ||||
-rw-r--r-- | x11/xloadimage/xloadimage-4.1-zio-shell-meta-char.diff | 36 |
6 files changed, 168 insertions, 7 deletions
diff --git a/x11/xloadimage/BUILD b/x11/xloadimage/BUILD index 063bd53425..0dc601340e 100755 --- a/x11/xloadimage/BUILD +++ b/x11/xloadimage/BUILD @@ -1,8 +1,3 @@ -patch -p1 < $SCRIPT_DIRECTORY/xloadimage.4.1-linux.patch && -patch -p1 < $SCRIPT_DIRECTORY/xloadimage.4.1-nobr.patch && -patch -p1 < $SCRIPT_DIRECTORY/xloadimage-unaligned.patch && -patch -p1 < $SCRIPT_DIRECTORY/xloadimage-4.1-buffer.patch && - #gcc3.3 needs this for i in $(grep -rl varargs.h .) do sedit "s/varargs.h/stdarg.h/g" $i diff --git a/x11/xloadimage/DETAILS b/x11/xloadimage/DETAILS index 7a459395bf..7a067d082c 100755 --- a/x11/xloadimage/DETAILS +++ b/x11/xloadimage/DETAILS @@ -3,12 +3,13 @@ SOURCE=$SPELL.$VERSION.tar.gz SOURCE_DIRECTORY=$BUILD_DIRECTORY/$SPELL.$VERSION SOURCE_URL[0]=ftp://ftp.x.org/R5contrib/$SOURCE - MD5[0]=bb508af740153c61bfab4c03b22d3454 + SOURCE_HASH=sha512:2c91699c8ef07c101ff9b458708ace01cab2979a5e88cf8a4e47ec971f7b4cb5571108afa3e53271ade4e8ccfdcf72ef9e2e09edfc0be6b8afaba50847aa0586 WEB_SITE=http://gopher.std.com/homepages/jimf/xloadimage.html ENTERED=20030221 - UPDATED=20030221 + UPDATED=20051106 LICENSE=XLOADIMAGE BUILD_API=2 + KEYWORDS="x11" SHORT="X11 Image Loading Utility" cat << EOF Xloadimage is a utility which will view many different types of images under X11, load images onto the root window, or dump processed images into one of several image file formats. diff --git a/x11/xloadimage/HISTORY b/x11/xloadimage/HISTORY index e9467577c2..c632f1dc30 100644 --- a/x11/xloadimage/HISTORY +++ b/x11/xloadimage/HISTORY @@ -1,3 +1,13 @@ +2006-03-12 Karsten Behrmann <BearPerson@sourcemage.org> + * DETAILS: (automated) Add KEYWORDS + +2005-11-29 Seth Woolley <seth@tautology.org> + * DETAILS: MD5 -> SHA512 + +2005-11-06 Thomas Houssin <Thomas.Houssin@sourcemage.org> + * DETAILS: updated UPDATED + * xloadimage-4.1-zio-shell-meta-char.diff, security-sprintf.patch: added security fixes + 2005-01-23 Arwed v. Merkatz <v.merkatz@gmx.net> * BUILD: fix the sedit call, fixes bug #7708 * BUILD, INSTALL: converted to BUILD_API 2 diff --git a/x11/xloadimage/PRE_BUILD b/x11/xloadimage/PRE_BUILD new file mode 100755 index 0000000000..9583acfc06 --- /dev/null +++ b/x11/xloadimage/PRE_BUILD @@ -0,0 +1,8 @@ +default_pre_build && +patch -d ${SOURCE_DIRECTORY} -p1 < $SCRIPT_DIRECTORY/xloadimage.4.1-linux.patch && +patch -d ${SOURCE_DIRECTORY} -p1 < $SCRIPT_DIRECTORY/xloadimage.4.1-nobr.patch && +patch -d ${SOURCE_DIRECTORY} -p1 < $SCRIPT_DIRECTORY/xloadimage-unaligned.patch && +patch -d ${SOURCE_DIRECTORY} -p1 < $SCRIPT_DIRECTORY/xloadimage-4.1-buffer.patch && +patch -d ${SOURCE_DIRECTORY} -p1 < $SCRIPT_DIRECTORY/xloadimage-4.1-zio-shell-meta-char.diff && +patch -d ${SOURCE_DIRECTORY} -p1 < $SCRIPT_DIRECTORY/security-sprintf.patch + diff --git a/x11/xloadimage/security-sprintf.patch b/x11/xloadimage/security-sprintf.patch new file mode 100644 index 0000000000..b29cc145a2 --- /dev/null +++ b/x11/xloadimage/security-sprintf.patch @@ -0,0 +1,111 @@ +diff -urNad --exclude=CVS --exclude=.svn ./mcidas.c /tmp/dpep-work.5qsW5w/xloadimage-4.1/mcidas.c +--- ./mcidas.c 2005-10-08 04:15:18.000000000 +0100 ++++ /tmp/dpep-work.5qsW5w/xloadimage-4.1/mcidas.c 2005-10-08 04:15:19.000000000 +0100 +@@ -63,7 +63,7 @@ + minute = (time % 10000) / 100; + second = (time % 100); + +- sprintf(buf, "%d:%2.2d:%2.2d %s %d, %d (day %d)", ++ snprintf(buf, 29, "%d:%2.2d:%2.2d %s %d, %d (day %d)", + hour, minute, second, month_info[month].name, day, year, + (date % 1000)); + return(buf); +diff -urNad --exclude=CVS --exclude=.svn ./reduce.c /tmp/dpep-work.5qsW5w/xloadimage-4.1/reduce.c +--- ./reduce.c 2005-10-08 04:15:18.000000000 +0100 ++++ /tmp/dpep-work.5qsW5w/xloadimage-4.1/reduce.c 2005-10-08 04:15:19.000000000 +0100 +@@ -501,7 +501,7 @@ + + depth= colorsToDepth(n); + new_image= newRGBImage(image->width, image->height, depth); +- sprintf(buf, "%s (%d colors)", image->title, n); ++ snprintf(buf, BUFSIZ - 1, "%s (%d colors)", image->title, n); + new_image->title= dupString(buf); + + /* calculate RGB table from each color area. this should really calculate +diff -urNad --exclude=CVS --exclude=.svn ./rotate.c /tmp/dpep-work.5qsW5w/xloadimage-4.1/rotate.c +--- ./rotate.c 2005-10-08 04:15:18.000000000 +0100 ++++ /tmp/dpep-work.5qsW5w/xloadimage-4.1/rotate.c 2005-10-08 04:15:19.000000000 +0100 +@@ -70,7 +70,7 @@ + { printf(" Rotating image by %d degrees...", degrees); + fflush(stdout); + } +- sprintf(buf, "%s (rotated by %d degrees)", simage->title, degrees); ++ snprintf(buf, BUFSIZ - 1, "%s (rotated by %d degrees)", simage->title, degrees); + + image1 = simage; + image2 = NULL; +diff -urNad --exclude=CVS --exclude=.svn ./tiff.c /tmp/dpep-work.5qsW5w/xloadimage-4.1/tiff.c +--- ./tiff.c 2005-10-08 04:15:18.000000000 +0100 ++++ /tmp/dpep-work.5qsW5w/xloadimage-4.1/tiff.c 2005-10-08 04:15:19.000000000 +0100 +@@ -125,14 +125,14 @@ + switch (info->photometric) { + case PHOTOMETRIC_MINISBLACK: + if (info->bitspersample > 1) { +- sprintf(buf, "%d-bit greyscale ", info->bitspersample); ++ snprintf(buf, 31, "%d-bit greyscale ", info->bitspersample); + return(buf); + } + else + return "white-on-black "; + case PHOTOMETRIC_MINISWHITE: + if (info->bitspersample > 1) { +- sprintf(buf, "%d-bit greyscale ", info->bitspersample); ++ snprintf(buf, 31, "%d-bit greyscale ", info->bitspersample); + return(buf); + } + else +diff -urNad --exclude=CVS --exclude=.svn ./window.c /tmp/dpep-work.5qsW5w/xloadimage-4.1/window.c +--- ./window.c 2005-10-08 04:15:18.000000000 +0100 ++++ /tmp/dpep-work.5qsW5w/xloadimage-4.1/window.c 2005-10-08 04:15:19.000000000 +0100 +@@ -602,7 +602,7 @@ + else { + char def_geom[30]; + +- sprintf(def_geom, "%ux%u+0+0", image->width, image->height); ++ snprintf(def_geom, 29, "%ux%u+0+0", image->width, image->height); + XGeometry(disp, scrn, opt->info.geometry.string, def_geom, 0, 1, 1, 0, 0, + (int *)&winx, (int *)&winy, (int *)&winwidth, (int *)&winheight); + } +diff -urNad --exclude=CVS --exclude=.svn ./zio.c /tmp/dpep-work.5qsW5w/xloadimage-4.1/zio.c +--- ./zio.c 2005-10-08 04:15:18.000000000 +0100 ++++ /tmp/dpep-work.5qsW5w/xloadimage-4.1/zio.c 2005-10-08 04:15:28.000000000 +0100 +@@ -232,7 +232,7 @@ + strcpy (s, "'"); + debug(("Filtering image through '%s'\n", filter->filter)); + zf->type= ZPIPE; +- sprintf(buf, "%s %s", filter->filter, fname); ++ snprintf(buf, BUFSIZ - 1, "%s %s", filter->filter, fname); + lfree (fname); + if (! (zf->stream= popen(buf, "r"))) { + lfree((byte *)zf->filename); +diff -urNad --exclude=CVS --exclude=.svn ./zoom.c /tmp/dpep-work.5qsW5w/xloadimage-4.1/zoom.c +--- ./zoom.c 2005-10-08 04:15:18.000000000 +0100 ++++ /tmp/dpep-work.5qsW5w/xloadimage-4.1/zoom.c 2005-10-08 04:15:19.000000000 +0100 +@@ -63,23 +63,23 @@ + if (!xzoom) { + if (verbose) + printf(" Zooming image Y axis by %d%%...", yzoom); +- sprintf(buf, "%s (Y zoom %d%%)", oimage->title, yzoom); ++ snprintf(buf, BUFSIZ - 1, "%s (Y zoom %d%%)", oimage->title, yzoom); + } + else if (!yzoom) { + if (verbose) + printf(" Zooming image X axis by %d%%...", xzoom); +- sprintf(buf, "%s (X zoom %d%%)", oimage->title, xzoom); ++ snprintf(buf, BUFSIZ - 1, "%s (X zoom %d%%)", oimage->title, xzoom); + } + else if (xzoom == yzoom) { + if (verbose) + printf(" Zooming image by %d%%...", xzoom); +- sprintf(buf, "%s (%d%% zoom)", oimage->title, xzoom); ++ snprintf(buf, BUFSIZ - 1, "%s (%d%% zoom)", oimage->title, xzoom); + } + else { + if (verbose) + printf(" Zooming image X axis by %d%% and Y axis by %d%%...", + xzoom, yzoom); +- sprintf(buf, "%s (X zoom %d%% Y zoom %d%%)", oimage->title, ++ snprintf(buf, BUFSIZ - 1, "%s (X zoom %d%% Y zoom %d%%)", oimage->title, + xzoom, yzoom); + } + if (verbose) diff --git a/x11/xloadimage/xloadimage-4.1-zio-shell-meta-char.diff b/x11/xloadimage/xloadimage-4.1-zio-shell-meta-char.diff new file mode 100644 index 0000000000..730504fb43 --- /dev/null +++ b/x11/xloadimage/xloadimage-4.1-zio-shell-meta-char.diff @@ -0,0 +1,36 @@ +--- xloadimage.4.1/zio.c 1993-10-28 17:10:02.000000000 +0000 ++++ xloadimage.4.1/zio.c 2005-02-28 15:32:05.895470680 +0000 +@@ -210,9 +211,30 @@ + if ((strlen(name) > strlen(filter->extension)) && + !strcmp(filter->extension, + name + (strlen(name) - strlen(filter->extension)))) { +- debug(("Filtering image through '%s'\n", filter->filter)); +- zf->type= ZPIPE; +- sprintf(buf, "%s %s", filter->filter, name); ++ char *fname, *t, *s; ++ ++ /* meta-char protection from xli. ++ * ++ * protect in single quotes, replacing single quotes ++ * with '"'"', so worst-case expansion is 5x ++ */ ++ ++ s = fname = (char *) lmalloc(1 + (5 * strlen(name)) + 1 + 1); ++ *s++ = '\''; ++ for (t = name; *t; ++t) { ++ if ('\'' == *t) { ++ /* 'foo'bar' -> 'foo'"'"'bar' */ ++ strcpy(s, "'\"'\"'"); ++ s += strlen(s); ++ } else { ++ *s++ = *t; ++ } ++ } ++ strcpy (s, "'"); ++ debug(("Filtering image through '%s'\n", filter->filter)); ++ zf->type= ZPIPE; ++ sprintf(buf, "%s %s", filter->filter, fname); ++ lfree (fname); + if (! (zf->stream= popen(buf, "r"))) { + lfree((byte *)zf->filename); + zf->filename= NULL; |