fixed patch

(Portage version: 2.0.53)
author: Carsten Lohrke <carlo@gentoo.org> 2005-12-09 21:05:06 +0000
committer: Carsten Lohrke <carlo@gentoo.org> 2005-12-09 21:05:06 +0000
commit: 018c5f183e1a2d2b9c6c4140f11f586e46416ec7 (patch)
tree: c65cb600097a81e5469dbdabe657baa7c782d9cc
parent: Added config2 patch to make /etc/vmware/config writable by the vmware group a... (diff)
download: gentoo-2-018c5f183e1a2d2b9c6c4140f11f586e46416ec7.tar.gz
gentoo-2-018c5f183e1a2d2b9c6c4140f11f586e46416ec7.tar.bz2
gentoo-2-018c5f183e1a2d2b9c6c4140f11f586e46416ec7.zip
12 files changed, 399 insertions, 254 deletions
diff --git a/kde-base/kdegraphics/ChangeLog b/kde-base/kdegraphics/ChangeLog
index 2360ad7b5e37..7f0f5ec5b785 100644
--- a/kde-base/kdegraphics/ChangeLog
+++ b/kde-base/kdegraphics/ChangeLog
@@ -1,6 +1,20 @@
 # ChangeLog for kde-base/kdegraphics
 # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/kde-base/kdegraphics/ChangeLog,v 1.202 2005/12/08 02:26:56 carlo Exp $
+# $Header: /var/cvsroot/gentoo-x86/kde-base/kdegraphics/ChangeLog,v 1.203 2005/12/09 21:05:05 carlo Exp $
+
+*kdegraphics-3.5.0-r2 (09 Dec 2005)
+*kdegraphics-3.4.3-r2 (09 Dec 2005)
+*kdegraphics-3.4.1-r3 (09 Dec 2005)
+
+  09 Dec 2005; Carsten Lohrke <carlo@gentoo.org>
+  -files/kpdf-3.4.3-CAN-2005-3193.patch,
+  +files/post-3.4.3-kdegraphics-CAN-2005-3193.diff,
+  -files/kpdf-3.5.0-CAN-2005-3193.patch,
+  +files/post-3.5.0-kdegraphics-CAN-2005-3193.diff,
+  -kdegraphics-3.4.1-r2.ebuild, +kdegraphics-3.4.1-r3.ebuild,
+  -kdegraphics-3.4.3-r1.ebuild, +kdegraphics-3.4.3-r2.ebuild,
+  -kdegraphics-3.5.0-r1.ebuild, +kdegraphics-3.5.0-r2.ebuild:
+  fixed patch
 
 *kdegraphics-3.4.1-r2 (08 Dec 2005)
 
diff --git a/kde-base/kdegraphics/Manifest b/kde-base/kdegraphics/Manifest
index b75dae4e260c..1cb9fb374d53 100644
--- a/kde-base/kdegraphics/Manifest
+++ b/kde-base/kdegraphics/Manifest
@@ -1,30 +1,30 @@
-MD5 6f557f7f75d2595c9cf3a28d49c68564 ChangeLog 28388
+MD5 ecb70f7084de63bdbf16cf8345eb6b1d ChangeLog 28933
 MD5 284f518172a2843428d308d2d48bbbee files/CAN-2005-0064.patch 793
 MD5 9eb12845ce85cc31e216d463877cb519 files/digest-kdegraphics-3.3.2-r3 71
 MD5 1a6dde4414b4ad894e4ed7ed3fa919ff files/digest-kdegraphics-3.4.1-r1 71
-MD5 1a6dde4414b4ad894e4ed7ed3fa919ff files/digest-kdegraphics-3.4.1-r2 71
+MD5 1a6dde4414b4ad894e4ed7ed3fa919ff files/digest-kdegraphics-3.4.1-r3 71
 MD5 a603b1f40c870db682665f57f908df0e files/digest-kdegraphics-3.4.2-r2 71
 MD5 ad9f9a5920cdd067ae76d39d768fce5f files/digest-kdegraphics-3.4.3 71
-MD5 ad9f9a5920cdd067ae76d39d768fce5f files/digest-kdegraphics-3.4.3-r1 71
+MD5 ad9f9a5920cdd067ae76d39d768fce5f files/digest-kdegraphics-3.4.3-r2 71
 MD5 0459ac16349d79da6246392e2454796b files/digest-kdegraphics-3.5.0 71
-MD5 0459ac16349d79da6246392e2454796b files/digest-kdegraphics-3.5.0-r1 71
+MD5 0459ac16349d79da6246392e2454796b files/digest-kdegraphics-3.5.0-r2 71
 MD5 72b0e0cd29559b5ac4a20829a3da892c files/kdegraphics-3.4-configure.patch 847
 MD5 c52515e268cbff75a6f7b7d1ee1fad47 files/kdegraphics-3.4-gcc4.patch 1226
 MD5 0abb98c262645006a4b116c0635edb49 files/kdegraphics-3.4.1-gocr.patch 454
 MD5 653bd55a1e87c51731d0b0512051774e files/kdegraphics-3.4.2-kpdf-contentcrash.patch 749
 MD5 4caddebea4d845abb2de6dbbfe1b979a files/kdegraphics-3.4.2-kpdf-fix.patch 1024
-MD5 a4a2359edd7af28474916f12f99871fb files/kpdf-3.4.3-CAN-2005-3193.patch 3455
-MD5 fb8e3783bd62a0ef7979c10fb6046201 files/kpdf-3.5.0-CAN-2005-3193.patch 3384
 MD5 d18efc8eb0bf3e3b54a33cf04cdba3fd files/kpdf-3.5.0-splitter-io.patch 1415
 MD5 4a4bcdcb2456ab92b7846b6646da1bcb files/post-3.3.1-kdegraphics-4.diff 1797
 MD5 bf6b28780e0f5ea8f99e0777187e73cb files/post-3.3.2-kdegraphics.diff 1385
 MD5 ec3b95efe9139f4259d6de213fe4b87b files/post-3.4.1-kdegraphics-4.diff 1827
+MD5 a2e4c4878c6637efbbbb4ffd20ae6cc2 files/post-3.4.3-kdegraphics-CAN-2005-3193.diff 6383
+MD5 45bc3c00d76feb234aa5db42da0137e5 files/post-3.5.0-kdegraphics-CAN-2005-3193.diff 4768
 MD5 8752f936f226c4117006b64736b21b05 kdegraphics-3.3.2-r3.ebuild 1612
 MD5 511facb4e5557ab04a88092e393860db kdegraphics-3.4.1-r1.ebuild 1456
-MD5 f32412ed0de18a6e559274716929578d kdegraphics-3.4.1-r2.ebuild 1514
+MD5 7436c1517457b6950b2e47c817e01602 kdegraphics-3.4.1-r3.ebuild 1416
 MD5 f8b2b24be0e28925e87267accd66968a kdegraphics-3.4.2-r2.ebuild 2089
-MD5 37cb86f11dc91d0ddcd2e3f6168e47fe kdegraphics-3.4.3-r1.ebuild 1788
+MD5 d9e8008c4edf734745d91c47288ae026 kdegraphics-3.4.3-r2.ebuild 1692
 MD5 f31268d787d150bd1810a8df5fc46735 kdegraphics-3.4.3.ebuild 1731
-MD5 18c9f2812e590e167ff1d5b35333e664 kdegraphics-3.5.0-r1.ebuild 1967
+MD5 490770479e0a68f029b578dcbb8c0cbb kdegraphics-3.5.0-r2.ebuild 1976
 MD5 71a6e1d836d6cce0d6a9ce6a71863200 kdegraphics-3.5.0.ebuild 1870
 MD5 acc03a4b12bb0433a57e95bd253b9501 metadata.xml 156
diff --git a/kde-base/kdegraphics/files/digest-kdegraphics-3.4.1-r2 b/kde-base/kdegraphics/files/digest-kdegraphics-3.4.1-r3
index 74738527d810..74738527d810 100644
--- a/kde-base/kdegraphics/files/digest-kdegraphics-3.4.1-r2
+++ b/kde-base/kdegraphics/files/digest-kdegraphics-3.4.1-r3
diff --git a/kde-base/kdegraphics/files/digest-kdegraphics-3.4.3-r1 b/kde-base/kdegraphics/files/digest-kdegraphics-3.4.3-r2
index 2cb888ba9f29..2cb888ba9f29 100644
--- a/kde-base/kdegraphics/files/digest-kdegraphics-3.4.3-r1
+++ b/kde-base/kdegraphics/files/digest-kdegraphics-3.4.3-r2
diff --git a/kde-base/kdegraphics/files/digest-kdegraphics-3.5.0-r1 b/kde-base/kdegraphics/files/digest-kdegraphics-3.5.0-r2
index 44e671a5ef99..44e671a5ef99 100644
--- a/kde-base/kdegraphics/files/digest-kdegraphics-3.5.0-r1
+++ b/kde-base/kdegraphics/files/digest-kdegraphics-3.5.0-r2
diff --git a/kde-base/kdegraphics/files/kpdf-3.4.3-CAN-2005-3193.patch b/kde-base/kdegraphics/files/kpdf-3.4.3-CAN-2005-3193.patch
deleted file mode 100644
index 0999fe01cd4e..000000000000
--- a/kde-base/kdegraphics/files/kpdf-3.4.3-CAN-2005-3193.patch
+++ /dev/null
@@ -1,119 +0,0 @@
---- kpdf/xpdf/xpdf/JPXStream.cc.orig	2005-12-04 13:01:07.000000000 +0100
-+++ kpdf/xpdf/xpdf/JPXStream.cc	2005-12-04 13:15:44.000000000 +0100
-@@ -666,7 +666,7 @@
-   int segType;
-   GBool haveSIZ, haveCOD, haveQCD, haveSOT;
-   Guint precinctSize, style;
--  Guint segLen, capabilities, comp, i, j, r;
-+  Guint segLen, capabilities, nTiles, comp, i, j, r;
- 
-   //----- main header
-   haveSIZ = haveCOD = haveQCD = haveSOT = gFalse;
-@@ -701,6 +701,13 @@
- 	            / img.xTileSize;
-       img.nYTiles = (img.ySize - img.yTileOffset + img.yTileSize - 1)
- 	            / img.yTileSize;
-+      nTiles = img.nXTiles * img.nYTiles;
-+      // check for overflow before allocating memory
-+      if (nTiles == 0 || nTiles / img.nXTiles != img.nYTiles) {
-+	error(getPos(), "Bad tile count in JPX SIZ marker segment");
-+	return gFalse;
-+      }
-+      img.tiles = (JPXTile *)gmalloc(nTiles * sizeof(JPXTile));
-       img.tiles = (JPXTile *)gmalloc(img.nXTiles * img.nYTiles *
- 				     sizeof(JPXTile));
-       for (i = 0; i < img.nXTiles * img.nYTiles; ++i) {
---- kpdf/xpdf/xpdf/Stream.h.orig	2005-12-04 13:16:13.000000000 +0100
-+++ kpdf/xpdf/xpdf/Stream.h	2005-12-04 13:21:52.000000000 +0100
-@@ -233,6 +233,8 @@
- 
-   ~StreamPredictor();
- 
-+  GBool isOk() { return ok; }
-+
-   int lookChar();
-   int getChar();
- 
-@@ -250,6 +252,7 @@
-   int rowBytes;			// bytes per line
-   Guchar *predLine;		// line buffer
-   int predIdx;			// current index in predLine
-+  GBool ok;
- };
- 
- //------------------------------------------------------------------------
---- kpdf/xpdf/xpdf/Stream.cc.orig	2005-12-04 13:23:51.000000000 +0100
-+++ kpdf/xpdf/xpdf/Stream.cc	2005-12-04 13:36:34.000000000 +0100
-@@ -408,18 +408,34 @@
- 
- StreamPredictor::StreamPredictor(Stream *strA, int predictorA,
- 				 int widthA, int nCompsA, int nBitsA) {
-+  int totalBits;
-+
-   str = strA;
-   predictor = predictorA;
-   width = widthA;
-   nComps = nCompsA;
-   nBits = nBitsA;
-+  predLine = NULL;
-+  ok = gFalse;
-+
- 
-   nVals = width * nComps;
-+  totalBits = nVals * nBits;
-+  if (totalBits == 0 ||
-+      (totalBits / nBits) / nComps != width ||
-+      totalBits + 7 < 0) {
-+    return;
-+  }
-   pixBytes = (nComps * nBits + 7) >> 3;
--  rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
-+  rowBytes = ((totalBits + 7) >> 3) + pixBytes;
-+  if (rowBytes < 0) {
-+    return;
-+  }
-   predLine = (Guchar *)gmalloc(rowBytes);
-   memset(predLine, 0, rowBytes);
-   predIdx = rowBytes;
-+
-+  ok = gTrue;
- }
- 
- StreamPredictor::~StreamPredictor() {
-@@ -1013,6 +1029,10 @@
-     FilterStream(strA) {
-   if (predictor != 1) {
-     pred = new StreamPredictor(this, predictor, columns, colors, bits);
-+    if (!pred->isOk()) {
-+      delete pred;
-+      pred = NULL;
-+    }
-   } else {
-     pred = NULL;
-   }
-@@ -2899,6 +2919,14 @@
-   height = read16();
-   width = read16();
-   numComps = str->getChar();
-+  if (numComps <= 0 || numComps > 4) {
-+    error(getPos(), "Bad number of components in DCT stream", prec);
-+    return gFalse;
-+  }
-+  if (numComps <= 0 || numComps > 4) {
-+    error(getPos(), "Bad number of components in DCT stream", prec);
-+    return gFalse;
-+  }
-   if (prec != 8) {
-     error(getPos(), "Bad DCT precision %d", prec);
-     return gFalse;
-@@ -3258,6 +3286,10 @@
-     FilterStream(strA) {
-   if (predictor != 1) {
-     pred = new StreamPredictor(this, predictor, columns, colors, bits);
-+    if (!pred->isOk()) {
-+      delete pred;
-+      pred = NULL;
-+    }
-   } else {
-     pred = NULL;
-   }
diff --git a/kde-base/kdegraphics/files/kpdf-3.5.0-CAN-2005-3193.patch b/kde-base/kdegraphics/files/kpdf-3.5.0-CAN-2005-3193.patch
deleted file mode 100644
index f171b12cf5ce..000000000000
--- a/kde-base/kdegraphics/files/kpdf-3.5.0-CAN-2005-3193.patch
+++ /dev/null
@@ -1,118 +0,0 @@
---- kpdf/xpdf/xpdf/JPXStream.cc	2005/12/01 22:32:29	484786
-+++ kpdf/xpdf/xpdf/JPXStream.cc	2005/12/01 22:34:41	484787
-@@ -783,7 +783,7 @@
-   int segType;
-   GBool haveSIZ, haveCOD, haveQCD, haveSOT;
-   Guint precinctSize, style;
--  Guint segLen, capabilities, comp, i, j, r;
-+  Guint segLen, capabilities, nTiles, comp, i, j, r;
- 
-   //----- main header
-   haveSIZ = haveCOD = haveQCD = haveSOT = gFalse;
-@@ -818,6 +818,13 @@
- 	            / img.xTileSize;
-       img.nYTiles = (img.ySize - img.yTileOffset + img.yTileSize - 1)
- 	            / img.yTileSize;
-+      nTiles = img.nXTiles * img.nYTiles;
-+      // check for overflow before allocating memory
-+      if (nTiles == 0 || nTiles / img.nXTiles != img.nYTiles) {
-+	error(getPos(), "Bad tile count in JPX SIZ marker segment");
-+	return gFalse;
-+      }
-+      img.tiles = (JPXTile *)gmallocn(nTiles, sizeof(JPXTile));
-       img.tiles = (JPXTile *)gmallocn(img.nXTiles * img.nYTiles,
- 				     sizeof(JPXTile));
-       for (i = 0; i < img.nXTiles * img.nYTiles; ++i) {
---- kpdf/xpdf/xpdf/Stream.h	2005/12/01 22:32:29	484786
-+++ kpdf/xpdf/xpdf/Stream.h	2005/12/01 22:34:41	484787
-@@ -232,6 +232,8 @@
- 
-   ~StreamPredictor();
- 
-+  GBool isOk() { return ok; }
-+
-   int lookChar();
-   int getChar();
- 
-@@ -249,6 +251,7 @@
-   int rowBytes;			// bytes per line
-   Guchar *predLine;		// line buffer
-   int predIdx;			// current index in predLine
-+  GBool ok;
- };
- 
- //------------------------------------------------------------------------
---- kpdf/xpdf/xpdf/Stream.cc	2005/12/01 22:32:29	484786
-+++ kpdf/xpdf/xpdf/Stream.cc	2005/12/01 22:34:41	484787
-@@ -403,18 +403,33 @@
- 
- StreamPredictor::StreamPredictor(Stream *strA, int predictorA,
- 				 int widthA, int nCompsA, int nBitsA) {
-+  int totalBits;
-+
-   str = strA;
-   predictor = predictorA;
-   width = widthA;
-   nComps = nCompsA;
-   nBits = nBitsA;
-+  predLine = NULL;
-+  ok = gFalse;
- 
-   nVals = width * nComps;
-+  totalBits = nVals * nBits;
-+  if (totalBits == 0 ||
-+      (totalBits / nBits) / nComps != width ||
-+      totalBits + 7 < 0) {
-+    return;
-+  }
-   pixBytes = (nComps * nBits + 7) >> 3;
--  rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
-+  rowBytes = ((totalBits + 7) >> 3) + pixBytes;
-+  if (rowBytes < 0) {
-+    return;
-+  }
-   predLine = (Guchar *)gmalloc(rowBytes);
-   memset(predLine, 0, rowBytes);
-   predIdx = rowBytes;
-+
-+  ok = gTrue;
- }
- 
- StreamPredictor::~StreamPredictor() {
-@@ -1006,6 +1021,10 @@
-     FilterStream(strA) {
-   if (predictor != 1) {
-     pred = new StreamPredictor(this, predictor, columns, colors, bits);
-+    if (!pred->isOk()) {
-+      delete pred;
-+      pred = NULL;
-+    }
-   } else {
-     pred = NULL;
-   }
-@@ -2903,6 +2922,14 @@
-   height = read16();
-   width = read16();
-   numComps = str->getChar();
-+  if (numComps <= 0 || numComps > 4) {
-+    error(getPos(), "Bad number of components in DCT stream", prec);
-+    return gFalse;
-+  }
-+  if (numComps <= 0 || numComps > 4) {
-+    error(getPos(), "Bad number of components in DCT stream", prec);
-+    return gFalse;
-+  }
-   if (prec != 8) {
-     error(getPos(), "Bad DCT precision %d", prec);
-     return gFalse;
-@@ -3833,6 +3860,10 @@
-     FilterStream(strA) {
-   if (predictor != 1) {
-     pred = new StreamPredictor(this, predictor, columns, colors, bits);
-+    if (!pred->isOk()) {
-+      delete pred;
-+      pred = NULL;
-+    }
-   } else {
-     pred = NULL;
-   }
diff --git a/kde-base/kdegraphics/files/post-3.4.3-kdegraphics-CAN-2005-3193.diff b/kde-base/kdegraphics/files/post-3.4.3-kdegraphics-CAN-2005-3193.diff
new file mode 100644
index 000000000000..c060c4e31324
--- /dev/null
+++ b/kde-base/kdegraphics/files/post-3.4.3-kdegraphics-CAN-2005-3193.diff
@@ -0,0 +1,213 @@
+Index: kpdf/xpdf/xpdf/Stream.cc
+===================================================================
+--- kpdf/xpdf/xpdf/Stream.cc	(revision 486337)
++++ kpdf/xpdf/xpdf/Stream.cc	(revision 487206)
+@@ -15,6 +15,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <stddef.h>
++#include <limits.h>
+ #ifndef WIN32
+ #include <unistd.h>
+ #endif
+@@ -413,13 +414,27 @@ StreamPredictor::StreamPredictor(Stream 
+   width = widthA;
+   nComps = nCompsA;
+   nBits = nBitsA;
++  predLine = NULL;
++  ok = gFalse;
++
++  if (width <= 0 || nComps <= 0 || nBits <= 0 ||
++      nComps >= INT_MAX / nBits ||
++      width >= INT_MAX / nComps / nBits)
++    return;
+ 
+   nVals = width * nComps;
++  if (nVals + 7 <= 0)
++    return;
+   pixBytes = (nComps * nBits + 7) >> 3;
+   rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
++  if (rowBytes < 0)
++    return;
++
+   predLine = (Guchar *)gmalloc(rowBytes);
+   memset(predLine, 0, rowBytes);
+   predIdx = rowBytes;
++
++  ok = gTrue;
+ }
+ 
+ StreamPredictor::~StreamPredictor() {
+@@ -1013,6 +1028,10 @@ LZWStream::LZWStream(Stream *strA, int p
+     FilterStream(strA) {
+   if (predictor != 1) {
+     pred = new StreamPredictor(this, predictor, columns, colors, bits);
++    if (!pred->isOk()) {
++      delete pred;
++      pred = NULL;
++    }
+   } else {
+     pred = NULL;
+   }
+@@ -2899,6 +2918,10 @@ GBool DCTStream::readBaselineSOF() {
+   height = read16();
+   width = read16();
+   numComps = str->getChar();
++  if (numComps <= 0 || numComps > 4) {
++    error(getPos(), "Bad number of components in DCT stream");
++    return gFalse;
++  }
+   if (prec != 8) {
+     error(getPos(), "Bad DCT precision %d", prec);
+     return gFalse;
+@@ -2925,6 +2948,10 @@ GBool DCTStream::readProgressiveSOF() {
+   height = read16();
+   width = read16();
+   numComps = str->getChar();
++  if (numComps <= 0 || numComps > 4) {
++    error(getPos(), "Bad number of components in DCT stream");
++    return gFalse;
++  }
+   if (prec != 8) {
+     error(getPos(), "Bad DCT precision %d", prec);
+     return gFalse;
+@@ -2947,6 +2974,10 @@ GBool DCTStream::readScanInfo() {
+ 
+   length = read16() - 2;
+   scanInfo.numComps = str->getChar();
++  if (scanInfo.numComps <= 0 || scanInfo.numComps > 4) {
++    error(getPos(), "Bad number of components in DCT stream");
++    return gFalse;
++  }
+   --length;
+   if (length != 2 * scanInfo.numComps + 3) {
+     error(getPos(), "Bad DCT scan info block");
+@@ -3258,6 +3289,10 @@ FlateStream::FlateStream(Stream *strA, i
+     FilterStream(strA) {
+   if (predictor != 1) {
+     pred = new StreamPredictor(this, predictor, columns, colors, bits);
++    if (!pred->isOk()) {
++      delete pred;
++      pred = NULL;
++    }
+   } else {
+     pred = NULL;
+   }
+Index: kpdf/xpdf/xpdf/Stream.h
+===================================================================
+--- kpdf/xpdf/xpdf/Stream.h	(revision 486337)
++++ kpdf/xpdf/xpdf/Stream.h	(revision 487206)
+@@ -233,6 +233,8 @@ public:
+ 
+   ~StreamPredictor();
+ 
++  GBool isOk() { return ok; }
++
+   int lookChar();
+   int getChar();
+ 
+@@ -250,6 +252,7 @@ private:
+   int rowBytes;			// bytes per line
+   Guchar *predLine;		// line buffer
+   int predIdx;			// current index in predLine
++  GBool ok;
+ };
+ 
+ //------------------------------------------------------------------------
+Index: kpdf/xpdf/xpdf/JPXStream.cc
+===================================================================
+--- kpdf/xpdf/xpdf/JPXStream.cc	(revision 486337)
++++ kpdf/xpdf/xpdf/JPXStream.cc	(revision 487206)
+@@ -7,6 +7,7 @@
+ //========================================================================
+ 
+ #include <aconf.h>
++#include <limits.h>
+ 
+ #ifdef USE_GCC_PRAGMAS
+ #pragma implementation
+@@ -666,7 +667,7 @@ GBool JPXStream::readCodestream(Guint /*
+   int segType;
+   GBool haveSIZ, haveCOD, haveQCD, haveSOT;
+   Guint precinctSize, style;
+-  Guint segLen, capabilities, comp, i, j, r;
++  Guint segLen, capabilities, nTiles, comp, i, j, r;
+ 
+   //----- main header
+   haveSIZ = haveCOD = haveQCD = haveSOT = gFalse;
+@@ -701,8 +702,12 @@ GBool JPXStream::readCodestream(Guint /*
+ 	            / img.xTileSize;
+       img.nYTiles = (img.ySize - img.yTileOffset + img.yTileSize - 1)
+ 	            / img.yTileSize;
+-      img.tiles = (JPXTile *)gmalloc(img.nXTiles * img.nYTiles *
+-				     sizeof(JPXTile));
++      nTiles = img.nXTiles * img.nYTiles;
++      if (img.nXTiles <= 0 || img.nYTiles <= 0 || img.nXTiles >= INT_MAX / img.nYTiles) {
++        error(getPos(), "Bad tile count in JPX SIZ marker segment");  
++        return gFalse;
++      }
++      img.tiles = (JPXTile *)gmallocn(nTiles, sizeof(JPXTile));
+       for (i = 0; i < img.nXTiles * img.nYTiles; ++i) {
+ 	img.tiles[i].tileComps = (JPXTileComp *)gmalloc(img.nComps *
+ 							sizeof(JPXTileComp));
+Index: kpdf/xpdf/goo/gmem.c
+===================================================================
+--- kpdf/xpdf/goo/gmem.c	(revision 486337)
++++ kpdf/xpdf/goo/gmem.c	(revision 487206)
+@@ -11,6 +11,7 @@
+ #include <stdlib.h>
+ #include <stddef.h>
+ #include <string.h>
++#include <limits.h>
+ #include "gmem.h"
+ 
+ #ifdef DEBUG_MEM
+@@ -175,6 +176,28 @@ void gfree(void *p) {
+ #endif
+ }
+ 
++void *gmallocn(int nObjs, int objSize) {
++  int n;
++
++  n = nObjs * objSize;
++  if (objSize <= 0 || nObjs < 0 || nObjs >= INT_MAX / objSize) {
++    fprintf(stderr, "Bogus memory allocation size\n");
++    exit(1);
++  }
++  return gmalloc(n);
++}
++
++void *greallocn(void *p, int nObjs, int objSize) {
++  int n;
++
++  n = nObjs * objSize;
++  if (objSize <= 0 || nObjs < 0 || nObjs >= INT_MAX / objSize) {
++    fprintf(stderr, "Bogus memory allocation size\n");
++    exit(1);
++  }
++  return grealloc(p, n);
++}
++
+ #ifdef DEBUG_MEM
+ void gMemReport(FILE *f) {
+   GMemHdr *p;
+Index: kpdf/xpdf/goo/gmem.h
+===================================================================
+--- kpdf/xpdf/goo/gmem.h	(revision 486337)
++++ kpdf/xpdf/goo/gmem.h	(revision 487206)
+@@ -28,6 +28,15 @@ extern void *gmalloc(size_t size);
+ extern void *grealloc(void *p, size_t size);
+ 
+ /*
++ * These are similar to gmalloc and grealloc, but take an object count
++ * and size.  The result is similar to allocating nObjs * objSize
++ * bytes, but there is an additional error check that the total size
++ * doesn't overflow an int.
++ */
++extern void *gmallocn(int nObjs, int objSize);
++extern void *greallocn(void *p, int nObjs, int objSize);
++
++/*
+  * Same as free, but checks for and ignores NULL pointers.
+  */
+ extern void gfree(void *p);
diff --git a/kde-base/kdegraphics/files/post-3.5.0-kdegraphics-CAN-2005-3193.diff b/kde-base/kdegraphics/files/post-3.5.0-kdegraphics-CAN-2005-3193.diff
new file mode 100644
index 000000000000..a30fe74a789a
--- /dev/null
+++ b/kde-base/kdegraphics/files/post-3.5.0-kdegraphics-CAN-2005-3193.diff
@@ -0,0 +1,155 @@
+Index: kpdf/xpdf/xpdf/Stream.cc
+===================================================================
+--- kpdf/xpdf/xpdf/Stream.cc	(revision 473213)
++++ kpdf/xpdf/xpdf/Stream.cc	(revision 487206)
+@@ -15,6 +15,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <stddef.h>
++#include <limits.h>
+ #ifndef WIN32
+ #include <unistd.h>
+ #endif
+@@ -408,13 +409,27 @@ StreamPredictor::StreamPredictor(Stream 
+   width = widthA;
+   nComps = nCompsA;
+   nBits = nBitsA;
++  predLine = NULL;
++  ok = gFalse;
++
++  if (width <= 0 || nComps <= 0 || nBits <= 0 ||
++      nComps >= INT_MAX / nBits ||
++      width >= INT_MAX / nComps / nBits)
++    return;
+ 
+   nVals = width * nComps;
++  if (nVals + 7 <= 0)
++    return;
+   pixBytes = (nComps * nBits + 7) >> 3;
+   rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
++  if (rowBytes < 0)
++    return;
++
+   predLine = (Guchar *)gmalloc(rowBytes);
+   memset(predLine, 0, rowBytes);
+   predIdx = rowBytes;
++
++  ok = gTrue;
+ }
+ 
+ StreamPredictor::~StreamPredictor() {
+@@ -1006,6 +1021,10 @@ LZWStream::LZWStream(Stream *strA, int p
+     FilterStream(strA) {
+   if (predictor != 1) {
+     pred = new StreamPredictor(this, predictor, columns, colors, bits);
++    if (!pred->isOk()) {
++      delete pred;
++      pred = NULL;
++    }
+   } else {
+     pred = NULL;
+   }
+@@ -2903,7 +2922,11 @@ GBool DCTStream::readBaselineSOF() {
+   height = read16();
+   width = read16();
+   numComps = str->getChar();
+-  if (prec != 8) {
++  if (numComps <= 0 || numComps > 4) {
++    error(getPos(), "Bad number of components in DCT stream", prec);
++    return gFalse;
++  }
++ if (prec != 8) {
+     error(getPos(), "Bad DCT precision %d", prec);
+     return gFalse;
+   }
+@@ -2929,6 +2952,10 @@ GBool DCTStream::readProgressiveSOF() {
+   height = read16();
+   width = read16();
+   numComps = str->getChar();
++  if (numComps <= 0 || numComps > 4) {
++    error(getPos(), "Bad number of components in DCT stream");
++    return gFalse;
++  }
+   if (prec != 8) {
+     error(getPos(), "Bad DCT precision %d", prec);
+     return gFalse;
+@@ -2951,6 +2978,10 @@ GBool DCTStream::readScanInfo() {
+ 
+   length = read16() - 2;
+   scanInfo.numComps = str->getChar();
++  if (scanInfo.numComps <= 0 || scanInfo.numComps > 4) {
++    error(getPos(), "Bad number of components in DCT stream");
++    return gFalse;
++  }
+   --length;
+   if (length != 2 * scanInfo.numComps + 3) {
+     error(getPos(), "Bad DCT scan info block");
+@@ -3833,6 +3864,10 @@ FlateStream::FlateStream(Stream *strA, i
+     FilterStream(strA) {
+   if (predictor != 1) {
+     pred = new StreamPredictor(this, predictor, columns, colors, bits);
++    if (!pred->isOk()) {
++      delete pred;
++      pred = NULL;
++    }
+   } else {
+     pred = NULL;
+   }
+Index: kpdf/xpdf/xpdf/Stream.h
+===================================================================
+--- kpdf/xpdf/xpdf/Stream.h	(revision 473213)
++++ kpdf/xpdf/xpdf/Stream.h	(revision 487206)
+@@ -232,6 +232,8 @@ public:
+ 
+   ~StreamPredictor();
+ 
++  GBool isOk() { return ok; }
++
+   int lookChar();
+   int getChar();
+ 
+@@ -249,6 +251,7 @@ private:
+   int rowBytes;			// bytes per line
+   Guchar *predLine;		// line buffer
+   int predIdx;			// current index in predLine
++  GBool ok;
+ };
+ 
+ //------------------------------------------------------------------------
+Index: kpdf/xpdf/xpdf/JPXStream.cc
+===================================================================
+--- kpdf/xpdf/xpdf/JPXStream.cc	(revision 473213)
++++ kpdf/xpdf/xpdf/JPXStream.cc	(revision 487206)
+@@ -7,6 +7,7 @@
+ //========================================================================
+ 
+ #include <aconf.h>
++#include <limits.h>
+ 
+ #ifdef USE_GCC_PRAGMAS
+ #pragma implementation
+@@ -783,7 +784,7 @@ GBool JPXStream::readCodestream(Guint /*
+   int segType;
+   GBool haveSIZ, haveCOD, haveQCD, haveSOT;
+   Guint precinctSize, style;
+-  Guint segLen, capabilities, comp, i, j, r;
++  Guint segLen, capabilities, nTiles, comp, i, j, r;
+ 
+   //----- main header
+   haveSIZ = haveCOD = haveQCD = haveSOT = gFalse;
+@@ -818,8 +819,13 @@ GBool JPXStream::readCodestream(Guint /*
+ 	            / img.xTileSize;
+       img.nYTiles = (img.ySize - img.yTileOffset + img.yTileSize - 1)
+ 	            / img.yTileSize;
+-      img.tiles = (JPXTile *)gmallocn(img.nXTiles * img.nYTiles,
+-				     sizeof(JPXTile));
++      nTiles = img.nXTiles * img.nYTiles;
++      // check for overflow before allocating memory
++      if (img.nXTiles <= 0 || img.nYTiles <= 0 || img.nXTiles >= INT_MAX / img.nYTiles) {
++	error(getPos(), "Bad tile count in JPX SIZ marker segment");
++	return gFalse;
++      }
++      img.tiles = (JPXTile *)gmallocn(nTiles, sizeof(JPXTile));
+       for (i = 0; i < img.nXTiles * img.nYTiles; ++i) {
+ 	img.tiles[i].tileComps = (JPXTileComp *)gmallocn(img.nComps,
+ 							sizeof(JPXTileComp));
diff --git a/kde-base/kdegraphics/kdegraphics-3.4.1-r2.ebuild b/kde-base/kdegraphics/kdegraphics-3.4.1-r3.ebuild
index ca442cec681e..807fb5c4a1d4 100644
--- a/kde-base/kdegraphics/kdegraphics-3.4.1-r2.ebuild
+++ b/kde-base/kdegraphics/kdegraphics-3.4.1-r3.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2005 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/kde-base/kdegraphics/kdegraphics-3.4.1-r2.ebuild,v 1.1 2005/12/08 02:26:57 carlo Exp $
+# $Header: /var/cvsroot/gentoo-x86/kde-base/kdegraphics/kdegraphics-3.4.1-r3.ebuild,v 1.1 2005/12/09 21:05:06 carlo Exp $
 
 inherit kde-dist eutils
 
@@ -37,7 +37,7 @@ src_unpack() {
 
 	epatch "${FILESDIR}/post-3.4.1-kdegraphics-4.diff"
 
-	epatch "${FILESDIR}/kpdf-3.4.3-CAN-2005-3193.patch"
+	epatch "${FILESDIR}/post-3.4.3-kdegraphics-CAN-2005-3193.diff"
 }
 
 src_compile() {
diff --git a/kde-base/kdegraphics/kdegraphics-3.4.3-r1.ebuild b/kde-base/kdegraphics/kdegraphics-3.4.3-r2.ebuild
index 26e74f574eb1..3ddacd1f71bb 100644
--- a/kde-base/kdegraphics/kdegraphics-3.4.3-r1.ebuild
+++ b/kde-base/kdegraphics/kdegraphics-3.4.3-r2.ebuild
@@ -1,12 +1,12 @@
 # Copyright 1999-2005 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/kde-base/kdegraphics/kdegraphics-3.4.3-r1.ebuild,v 1.3 2005/12/07 19:48:54 cryos Exp $
+# $Header: /var/cvsroot/gentoo-x86/kde-base/kdegraphics/kdegraphics-3.4.3-r2.ebuild,v 1.1 2005/12/09 21:05:06 carlo Exp $
 
 inherit kde-dist eutils
 
 DESCRIPTION="KDE graphics-related apps"
 
-KEYWORDS="~alpha amd64 ~hppa ~ia64 ~mips ppc ~sparc ~x86"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~sparc ~x86"
 IUSE="gphoto2 imlib nodrm openexr opengl povray scanner tetex"
 
 DEPEND="~kde-base/kdebase-${PV}
@@ -44,7 +44,7 @@ src_unpack() {
 	# Configure patch. Applied for 3.5.
 	epatch "${FILESDIR}/kdegraphics-3.4-configure.patch"
 
-	epatch "${FILESDIR}/kpdf-3.4.3-CAN-2005-3193.patch"
+	epatch "${FILESDIR}/post-3.4.3-kdegraphics-CAN-2005-3193.diff"
 
 	# For the configure patch.
 	make -f admin/Makefile.common || die
diff --git a/kde-base/kdegraphics/kdegraphics-3.5.0-r1.ebuild b/kde-base/kdegraphics/kdegraphics-3.5.0-r2.ebuild
index f7a9a5b89af2..0f447e0ed440 100644
--- a/kde-base/kdegraphics/kdegraphics-3.5.0-r1.ebuild
+++ b/kde-base/kdegraphics/kdegraphics-3.5.0-r2.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2005 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/kde-base/kdegraphics/kdegraphics-3.5.0-r1.ebuild,v 1.1 2005/12/06 01:49:27 carlo Exp $
+# $Header: /var/cvsroot/gentoo-x86/kde-base/kdegraphics/kdegraphics-3.5.0-r2.ebuild,v 1.1 2005/12/09 21:05:06 carlo Exp $
 
 inherit kde-dist eutils
 
@@ -35,7 +35,7 @@ RDEPEND="${DEPEND}
 DEPEND="${DEPEND}
 	dev-util/pkgconfig"
 
-PATCHES="${FILESDIR}/kpdf-3.5.0-CAN-2005-3193.patch ${FILESDIR}/kpdf-3.5.0-splitter-io.patch"
+PATCHES="${FILESDIR}/post-3.5.0-kdegraphics-CAN-2005-3193.diff ${FILESDIR}/kpdf-3.5.0-splitter-io.patch"
 
 pkg_setup() {
 	if ! built_with_use virtual/ghostscript X; then
author	Carsten Lohrke <carlo@gentoo.org>	2005-12-09 21:05:06 +0000
committer	Carsten Lohrke <carlo@gentoo.org>	2005-12-09 21:05:06 +0000
commit	018c5f183e1a2d2b9c6c4140f11f586e46416ec7 (patch)
tree	c65cb600097a81e5469dbdabe657baa7c782d9cc
parent	Added config2 patch to make /etc/vmware/config writable by the vmware group a... (diff)
download	gentoo-2-018c5f183e1a2d2b9c6c4140f11f586e46416ec7.tar.gz gentoo-2-018c5f183e1a2d2b9c6c4140f11f586e46416ec7.tar.bz2 gentoo-2-018c5f183e1a2d2b9c6c4140f11f586e46416ec7.zip