authorSamuli Suominen <ssuominen@gentoo.org>2012-04-06 17:39:21 +0000
committerSamuli Suominen <ssuominen@gentoo.org>2012-04-06 17:39:21 +0000
commitcf78f4ea0e6ce18167f5b041b53f7316a86b519e (patch)
treec6b0b66f0b486cdbc0c70378feda5a77b5e727be /media-libs
parentVersion bump and remove old. (diff)
Upstream patch for CVE-2012-1173 wrt #410931 by Agostino Sarubbo
(Portage version: 2.2.0_alpha99/cvs/Linux x86_64)
Diffstat (limited to 'media-libs')
-rw-r--r--media-libs/tiff/ChangeLog10
-rw-r--r--media-libs/tiff/files/tiff-3.9.5-CVE-2012-1173.patch56
-rw-r--r--media-libs/tiff/files/tiff-4.0.1-CVE-2012-1173.patch55
-rw-r--r--media-libs/tiff/tiff-3.9.5-r2.ebuild52
-rw-r--r--media-libs/tiff/tiff-4.0.1-r1.ebuild47
5 files changed, 219 insertions, 1 deletions
diff --git a/media-libs/tiff/ChangeLog b/media-libs/tiff/ChangeLog
index a1709052fba6..15e891b6ac6f 100644
--- a/media-libs/tiff/ChangeLog
+++ b/media-libs/tiff/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for media-libs/tiff
# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/ChangeLog,v 1.185 2012/03/02 17:21:27 ssuominen Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/ChangeLog,v 1.186 2012/04/06 17:39:21 ssuominen Exp $
+
+*tiff-4.0.1-r1 (06 Apr 2012)
+*tiff-3.9.5-r2 (06 Apr 2012)
+
+ 06 Apr 2012; Samuli Suominen <ssuominen@gentoo.org> +tiff-3.9.5-r2.ebuild,
+ +files/tiff-3.9.5-CVE-2012-1173.patch, +tiff-4.0.1-r1.ebuild,
+ +files/tiff-4.0.1-CVE-2012-1173.patch:
+ Upstream patch for CVE-2012-1173 wrt #410931 by Agostino Sarubbo
*tiff-4.0.1 (02 Mar 2012)
diff --git a/media-libs/tiff/files/tiff-3.9.5-CVE-2012-1173.patch b/media-libs/tiff/files/tiff-3.9.5-CVE-2012-1173.patch
new file mode 100644
index 000000000000..c1825a669897
--- /dev/null
+++ b/media-libs/tiff/files/tiff-3.9.5-CVE-2012-1173.patch
@@ -0,0 +1,56 @@
+Index: ChangeLog
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/ChangeLog,v
+retrieving revision 1.602.2.141
+diff -r1.602.2.141 ChangeLog
+0a1,6
+> 2012-03-30 Frank Warmerdam <warmerdam@google.com>
+>
+> * tif_getimage.c: Fix size overflow (zdi-can-1221,CVE-2012-1173)
+> care of Tom Lane @ Red Hat.
+>
+>
+Index: libtiff/tif_getimage.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_getimage.c,v
+retrieving revision 1.63.2.6
+diff -r1.63.2.6 tif_getimage.c
+675a676
+> tsize_t bufsize;
+682c683,688
+< buf = (unsigned char*) _TIFFmalloc((alpha?4:3)*tilesize);
+---
+> bufsize = TIFFSafeMultiply(tsize_t,alpha?4:3,tilesize);
+> if (bufsize == 0) {
+> TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in %s", "gtTileSeparate");
+> return (0);
+> }
+> buf = (unsigned char*) _TIFFmalloc(bufsize);
+687c693
+< _TIFFmemset(buf, 0, (alpha?4:3)*tilesize);
+---
+> _TIFFmemset(buf, 0, bufsize);
+882a889
+> tsize_t bufsize;
+888c895,900
+< p0 = buf = (unsigned char *)_TIFFmalloc((alpha?4:3)*stripsize);
+---
+> bufsize = TIFFSafeMultiply(tsize_t,alpha?4:3,stripsize);
+> if (bufsize == 0) {
+> TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in %s", "gtStripSeparate");
+> return (0);
+> }
+> p0 = buf = (unsigned char *)_TIFFmalloc(bufsize);
+893c905
+< _TIFFmemset(buf, 0, (alpha?4:3)*stripsize);
+---
+> _TIFFmemset(buf, 0, bufsize);
+Index: libtiff/tiffiop.h
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tiffiop.h,v
+retrieving revision 1.51.2.7
+diff -r1.51.2.7 tiffiop.h
+249c249
+< #define TIFFSafeMultiply(t,v,m) ((((t)m != (t)0) && (((t)((v*m)/m)) == (t)v)) ? (t)(v*m) : (t)0)
+---
+> #define TIFFSafeMultiply(t,v,m) ((((t)(m) != (t)0) && (((t)(((v)*(m))/(m))) == (t)(v))) ? (t)((v)*(m)) : (t)0)
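Review bot: The rewritten `TIFFSafeMultiply` in tiffiop.h still detects overflow after the fact: it computes `(v)*(m)` in the operands' own type and divides back, so the check only works if the product wraps. If `tsize_t` is a signed type here (it appears to be in libtiff 3.9.x; confirm against tiffio.h), that overflow is undefined behaviour and an optimising compiler may fold the comparison to true, leaving `bufsize` wrong in gtTileSeparate and gtStripSeparate. A test made before multiplying, along the lines of `((m) > 0 && (v) <= MAX_OF_T / (m))` with the type's real maximum in place of the `MAX_OF_T` placeholder, does not depend on wraparound. It would also reject a negative `tilesize`/`stripsize`, should one ever reach these calls, which the `bufsize == 0` test lets through to `_TIFFmalloc`. The same macro and call sites are in tiff-4.0.1-CVE-2012-1173.patch (with `tmsize_t`), and since both files are upstream patches this is better raised upstream than changed locally.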
diff --git a/media-libs/tiff/files/tiff-4.0.1-CVE-2012-1173.patch b/media-libs/tiff/files/tiff-4.0.1-CVE-2012-1173.patch
new file mode 100644
index 000000000000..ad474dcbc4f4
--- /dev/null
+++ b/media-libs/tiff/files/tiff-4.0.1-CVE-2012-1173.patch
@@ -0,0 +1,55 @@
+Index: ChangeLog
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/ChangeLog,v
+retrieving revision 1.877
+diff -r1.877 ChangeLog
+0a1,5
+> 2012-03-30 Frank Warmerdam <warmerdam@google.com>
+>
+> * tif_getimage.c: Fix size overflow (zdi-can-1221,CVE-2012-1173)
+> care of Tom Lane @ Red Hat.
+>
+Index: libtiff/tif_getimage.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_getimage.c,v
+retrieving revision 1.78
+diff -r1.78 tif_getimage.c
+694a695
+> tmsize_t bufsize;
+702c703,708
+< buf = (unsigned char*) _TIFFmalloc((alpha?4:3)*tilesize);
+---
+> bufsize = TIFFSafeMultiply(tmsize_t,alpha?4:3,tilesize);
+> if (bufsize == 0) {
+> TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in %s", "gtTileSeparate");
+> return (0);
+> }
+> buf = (unsigned char*) _TIFFmalloc(bufsize);
+707c713
+< _TIFFmemset(buf, 0, (alpha?4:3)*tilesize);
+---
+> _TIFFmemset(buf, 0, bufsize);
+919a926
+> tmsize_t bufsize;
+925c932,937
+< p0 = buf = (unsigned char *)_TIFFmalloc((alpha?4:3)*stripsize);
+---
+> bufsize = TIFFSafeMultiply(tmsize_t,alpha?4:3,stripsize);
+> if (bufsize == 0) {
+> TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in %s", "gtStripSeparate");
+> return (0);
+> }
+> p0 = buf = (unsigned char *)_TIFFmalloc(bufsize);
+930c942
+< _TIFFmemset(buf, 0, (alpha?4:3)*stripsize);
+---
+> _TIFFmemset(buf, 0, bufsize);
+Index: libtiff/tiffiop.h
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tiffiop.h,v
+retrieving revision 1.82
+diff -r1.82 tiffiop.h
+253c253
+< #define TIFFSafeMultiply(t,v,m) ((((t)m != (t)0) && (((t)((v*m)/m)) == (t)v)) ? (t)(v*m) : (t)0)
+---
+> #define TIFFSafeMultiply(t,v,m) ((((t)(m) != (t)0) && (((t)(((v)*(m))/(m))) == (t)(v))) ? (t)((v)*(m)) : (t)0)
diff --git a/media-libs/tiff/tiff-3.9.5-r2.ebuild b/media-libs/tiff/tiff-3.9.5-r2.ebuild
new file mode 100644
index 000000000000..3c0e0d1be729
--- /dev/null
+++ b/media-libs/tiff/tiff-3.9.5-r2.ebuild
@@ -0,0 +1,52 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/tiff-3.9.5-r2.ebuild,v 1.1 2012/04/06 17:39:21 ssuominen Exp $
+
+# this ebuild is only for the libtiff.so.3 and libtiffxx.so.3 SONAME for ABI compat
+
+EAPI=4
+inherit eutils libtool multilib
+
+DESCRIPTION="Library for manipulation of TIFF (Tag Image File Format) images"
+HOMEPAGE="http://www.remotesensing.org/libtiff/"
+SRC_URI="ftp://ftp.remotesensing.org/pub/libtiff/${P}.tar.gz"
+
+LICENSE="as-is"
+SLOT="3"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~x86-interix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"
+IUSE="+cxx jbig jpeg zlib"
+
+RDEPEND="jpeg? ( virtual/jpeg )
+ jbig? ( media-libs/jbigkit )
+ zlib? ( sys-libs/zlib )
+ !media-libs/tiff-compat
+ !=media-libs/tiff-3*:0"
+DEPEND="${RDEPEND}"
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}-CVE-*.patch
+ elibtoolize
+}
+
+src_configure() {
+ econf \
+ --libdir=/libdir \
+ --disable-static \
+ $(use_enable cxx) \
+ $(use_enable zlib) \
+ $(use_enable jpeg) \
+ $(use_enable jbig) \
+ --without-x
+}
+
+src_install() {
+ # Let `make install` and libtool handle insecure runpath(s)
+ dodir tmp
+ emake DESTDIR="${D}/tmp" install
+
+ exeinto /usr/$(get_libdir)
+ doexe "${ED}"/tmp/libdir/libtiff$(get_libname 3)
+ use cxx && doexe "${ED}"/tmp/libdir/libtiffxx$(get_libname 3)
+
+ rm -rf "${ED}"/tmp
+}
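Review bot: src_install mixes `${D}` and `${ED}` for the same staging directory: `emake DESTDIR="${D}/tmp" install` writes under `${D}/tmp`, while `dodir tmp`, both `doexe` lines and `rm -rf "${ED}"/tmp` operate under `${ED}/tmp`. The two paths coincide only when EPREFIX is empty; on the Prefix keywords listed in KEYWORDS the libraries would presumably not be found, and the staged tree under `${D}/tmp` would be left in the image instead of being removed. Using one root throughout, e.g. `doexe "${D}"/tmp/libdir/libtiff$(get_libname 3)` and `rm -rf "${D}"/tmp`, keeps staging and cleanup on the same directory.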
diff --git a/media-libs/tiff/tiff-4.0.1-r1.ebuild b/media-libs/tiff/tiff-4.0.1-r1.ebuild
new file mode 100644
index 000000000000..ca442aaea956
--- /dev/null
+++ b/media-libs/tiff/tiff-4.0.1-r1.ebuild
@@ -0,0 +1,47 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/tiff-4.0.1-r1.ebuild,v 1.1 2012/04/06 17:39:21 ssuominen Exp $
+
+EAPI=4
+inherit eutils libtool
+
+DESCRIPTION="Tag Image File Format (TIFF) library"
+HOMEPAGE="http://www.remotesensing.org/libtiff/"
+SRC_URI="http://download.osgeo.org/libtiff/${P}.tar.gz
+ ftp://ftp.remotesensing.org/pub/libtiff/${P}.tar.gz"
+
+LICENSE="as-is"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~x86-interix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~x64-solaris ~x86-solaris"
+IUSE="+cxx jbig jpeg lzma static-libs zlib"
+
+RDEPEND="jpeg? ( virtual/jpeg )
+ jbig? ( media-libs/jbigkit )
+ lzma? ( app-arch/xz-utils )
+ zlib? ( sys-libs/zlib )"
+DEPEND="${RDEPEND}"
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}-CVE-*.patch
+ elibtoolize
+}
+
+src_configure() {
+ econf \
+ $(use_enable static-libs static) \
+ $(use_enable zlib) \
+ $(use_enable jpeg) \
+ $(use_enable jbig) \
+ $(use_enable lzma) \
+ $(use_enable cxx) \
+ --without-x \
+ --with-docdir="${EPREFIX}"/usr/share/doc/${PF}
+}
+
+src_install() {
+ default
+
+ rm -f \
+ "${ED}"/usr/lib*/libtiff*.la \
+ "${ED}"/usr/share/doc/${PF}/{COPYRIGHT,README*,RELEASE-DATE,TODO,VERSION}
+}
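Review bot: `epatch "${FILESDIR}"/${P}-CVE-*.patch` in src_prepare selects the security patch by glob, so the ebuild does not itself say which CVE fix this revision carries. Any later file in files/ that matches the pattern would also change what -r1 builds without a revision bump. Naming the file, `epatch "${FILESDIR}"/${P}-CVE-2012-1173.patch`, makes the applied patch set auditable from the ebuild alone. The same line is in tiff-3.9.5-r2.ebuild.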