From e4d30ac6d9547630b7ac7d10ad6fd2ded2d79265 Mon Sep 17 00:00:00 2001
From: Jesse Keating
Date: Sun, 20 Apr 2008 19:28:13 +0000
Subject: [PATCH 1/4] Initialize branch F-9 for giflib
---
 branch | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 branch
diff --git a/branch b/branch
new file mode 100644
index 0000000..1c26f78
--- /dev/null
+++ b/branch
@@ -0,0 +1 @@
+F-9
From 06781ad3a14396f4ace6b26fa4d5442aa5aab7f1 Mon Sep 17 00:00:00 2001
From: Robert Scheck
Date: Sat, 16 May 2009 01:45:27 +0000
Subject: [PATCH 2/4] - CVE-2005-2974: NULL pointer dereference crash (#494826) - CVE-2005-3350: Memory corruption via a crafted GIF (#494823) - Solved multilib problems with documentation (#465208, #474538) - Removed static library from giflib-devel package (#225796 #c1)
---
 giflib-4.1.3-colormap.patch | 94 ++++++++++++++
 ...-hash64.patch => giflib-4.1.3-hash64.patch | 12 +-
 giflib.spec | 117 +++++++++---------
 3 files changed, 161 insertions(+), 62 deletions(-)
 create mode 100644 giflib-4.1.3-colormap.patch
 rename giflib-hash64.patch => giflib-4.1.3-hash64.patch (89%)
diff --git a/giflib-4.1.3-colormap.patch b/giflib-4.1.3-colormap.patch
new file mode 100644
index 0000000..b01180a
--- /dev/null
+++ b/giflib-4.1.3-colormap.patch
@@ -0,0 +1,94 @@
+--- giflib-4.1.3/lib/gifalloc.c 2005-10-27 15:37:01.000000000 -0400
++++ giflib-4.1.3/lib/gifalloc.c.colormap 2005-10-27 15:37:39.000000000 -0400
+@@ -420,8 +420,10 @@
+ }
+ for (sp = GifFile->SavedImages;
+ sp < GifFile->SavedImages + GifFile->ImageCount; sp++) {
+- if (sp->ImageDesc.ColorMap)
++ if (sp->ImageDesc.ColorMap) {
+ FreeMapObject(sp->ImageDesc.ColorMap);
++ sp->ImageDesc.ColorMap = NULL;
++ }
+
+ if (sp->RasterBits)
+ free((char *)sp->RasterBits);
+--- giflib-4.1.3/lib/dgif_lib.c 2005-10-27 15:21:30.000000000 -0400
++++ giflib-4.1.3/lib/dgif_lib.c.colormap 2005-10-27 15:25:26.000000000 -0400
+@@ -263,6 +263,7 @@
+ for (i = 0; i < GifFile->SColorMap->ColorCount; i++) {
+ if (READ(GifFile, Buf, 3) != 3) {
+ FreeMapObject(GifFile->SColorMap);
++ GifFile->SColorMap = NULL;
+ _GifError = D_GIF_ERR_READ_FAILED;
+ return GIF_ERROR;
+ }
+@@ -363,6 +364,7 @@
+ for (i = 0; i < GifFile->Image.ColorMap->ColorCount; i++) {
+ if (READ(GifFile, Buf, 3) != 3) {
+ FreeMapObject(GifFile->Image.ColorMap);
++ GifFile->Image.ColorMap = NULL;
+ _GifError = D_GIF_ERR_READ_FAILED;
+ return GIF_ERROR;
+ }
+@@ -923,6 +925,12 @@
+ 0x0fff
+ };
+
++ /* The image can't contain more than LZ_BITS per code. */
++ if (Private->RunningBits > LZ_BITS) {
++ _GifError = D_GIF_ERR_IMAGE_DEFECT;
++ return GIF_ERROR;
++ }
++
+ while (Private->CrntShiftState < Private->RunningBits) {
+ /* Needs to get more bytes from input stream for next code: */
+ if (DGifBufferedInput(GifFile, Private->Buf, &NextByte) == GIF_ERROR) {
+@@ -938,8 +946,12 @@
+ Private->CrntShiftState -= Private->RunningBits;
+
+ /* If code cannot fit into RunningBits bits, must raise its size. Note
+- * however that codes above 4095 are used for special signaling. */
+- if (++Private->RunningCode > Private->MaxCode1 &&
++ * however that codes above 4095 are used for special signaling.
++ * If we're using LZ_BITS bits already and we're at the max code, just
++ * keep using the table as it is, don't increment Private->RunningCode.
++ */
++ if (Private->RunningCode < LZ_MAX_CODE + 2 &&
++ ++Private->RunningCode > Private->MaxCode1 &&
+ Private->RunningBits < LZ_BITS) {
+ Private->MaxCode1 <<= 1;
+ Private->RunningBits++;
+@@ -964,6 +976,14 @@
+ _GifError = D_GIF_ERR_READ_FAILED;
+ return GIF_ERROR;
+ }
++ /* There shouldn't be any empty data blocks here as the LZW spec
++ * says the LZW termination code should come first. Therefore we
++ * shouldn't be inside this routine at that point.
++ */
++ if (Buf[0] == 0) {
++ _GifError = D_GIF_ERR_IMAGE_DEFECT;
++ return GIF_ERROR;
++ }
+ if (READ(GifFile, &Buf[1], Buf[0]) != Buf[0]) {
+ _GifError = D_GIF_ERR_READ_FAILED;
+ return GIF_ERROR;
+--- giflib-4.1.3/lib/egif_lib.c 2005-10-27 15:25:37.000000000 -0400
++++ giflib-4.1.3/lib/egif_lib.c.colormap 2005-10-27 15:29:30.000000000 -0400
+@@ -712,10 +712,14 @@
+ Buf = ';';
+ WRITE(GifFile, &Buf, 1);
+
+- if (GifFile->Image.ColorMap)
++ if (GifFile->Image.ColorMap) {
+ FreeMapObject(GifFile->Image.ColorMap);
+- if (GifFile->SColorMap)
++ GifFile->Image.ColorMap = NULL;
++ }
++ if (GifFile->SColorMap) {
+ FreeMapObject(GifFile->SColorMap);
++ GifFile->SColorMap = NULL;
++ }
+ if (Private) {
+ free((char *)Private);
+ }
diff --git a/giflib-hash64.patch b/giflib-4.1.3-hash64.patch
similarity index 89%
rename from giflib-hash64.patch
rename to giflib-4.1.3-hash64.patch
index e3d7379..0db944e 100644
--- a/giflib-hash64.patch
+++ b/giflib-4.1.3-hash64.patch
@@ -1,5 +1,5 @@
---- giflib-4.1.3/lib/gif_hash.c.64 2005-09-20 13:39:32.000000000 -0700
-+++ giflib-4.1.3/lib/gif_hash.c 2005-09-20 13:41:40.000000000 -0700
+--- giflib-4.1.3/lib/gif_hash.c 2005-09-20 13:39:32.000000000 -0700
++++ giflib-4.1.3/lib/gif_hash.c.hash64 2005-09-20 13:41:40.000000000 -0700
 @@ -45,7 +45,7 @@
 NumberOfMisses = 0;
 #endif /* DEBUG_HIT_RATE */
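Review bot: In the lib/dgif_lib.c section of giflib-4.1.3-colormap.patch, the new cap `Private->RunningCode < LZ_MAX_CODE + 2` relies on an offset of 2 that the added comment does not explain; it only speaks of "the max code". The statements that turn RunningCode into a table index are outside this patch's context, so the bound cannot be confirmed from here, and the comment should name the access it protects, along the lines of `/* Cap at LZ_MAX_CODE + 2: presumably the tables are indexed by RunningCode - 2 (confirm in the caller) */`. This cap and the `RunningBits > LZ_BITS` test are the only limits visible between a crafted code stream and the decoder tables, so a range check at the table write itself would be a sturdier place to enforce them. Separately, the lib/gifalloc.c loop now clears `sp->ImageDesc.ColorMap` after freeing it but leaves `sp->RasterBits` dangling two lines further down; `sp->RasterBits = NULL;` after that `free` would be consistent, unless the array is released right after the loop, which the context does not show.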
@@ -52,8 +52,8 @@ { return ((Item >> 12) ^ Item) & HT_KEY_MASK; } ---- giflib-4.1.3/lib/gif_hash.h.64 2005-09-20 13:39:42.000000000 -0700 -+++ giflib-4.1.3/lib/gif_hash.h 2005-09-20 13:42:08.000000000 -0700 +--- giflib-4.1.3/lib/gif_hash.h 2005-09-20 13:39:42.000000000 -0700 ++++ giflib-4.1.3/lib/gif_hash.h.hash64 2005-09-20 13:42:08.000000000 -0700 @@ -25,12 +25,12 @@ #define HT_PUT_CODE(l) (l & 0x0FFF) @@ -70,8 +70,8 @@ +int _ExistsHashTable(GifHashTableType *HashTable, unsigned int Key); #endif /* _GIF_HASH_H_ */ ---- giflib-4.1.3/lib/egif_lib.c.64 2005-09-20 13:45:28.000000000 -0700 -+++ giflib-4.1.3/lib/egif_lib.c 2005-09-20 13:43:39.000000000 -0700 +--- giflib-4.1.3/lib/egif_lib.c 2005-09-20 13:45:28.000000000 -0700 ++++ giflib-4.1.3/lib/egif_lib.c.hash64 2005-09-20 13:43:39.000000000 -0700 @@ -188,6 +188,12 @@ _GifError = E_GIF_ERR_NOT_ENOUGH_MEM; return NULL; diff --git a/giflib.spec b/giflib.spec index ca10778..7bbbdcd 100644 --- a/giflib.spec +++ b/giflib.spec 
@@ -1,82 +1,83 @@ -Summary: Library for manipulating GIF format image files -Name: giflib -Version: 4.1.3 -Release: 9 -License: MIT -URL: http://www.sf.net/projects/libungif/ -Source0: http://dl.sf.net/libungif/%{name}-%{version}.tar.bz2 -Patch0: giflib-hash64.patch -Group: System Environment/Libraries -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -BuildRequires: libX11-devel, libICE-devel, libSM-devel, libXt-devel - -Obsoletes: libungif <= %{version}-%{release} -Provides: libungif <= %{version}-%{release} +Summary: Library for manipulating GIF format image files +Name: giflib +Version: 4.1.3 +Release: 10%{?dist} +License: MIT +Group: System Environment/Libraries +URL: http://www.sourceforge.net/projects/%{name}/ +Source: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.bz2 +Patch0: giflib-4.1.3-hash64.patch +Patch1: giflib-4.1.3-colormap.patch +BuildRequires: libX11-devel, libICE-devel, libSM-devel, libXt-devel +Provides: libungif = %{version}-%{release} +Obsoletes: libungif <= %{version}-%{release} +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) %description -The giflib package contains a shared library of functions for -loading and saving GIF format image files. It is API and ABI compatible -with libungif, the library which supported uncompressed GIFs while the -Unisys LZW patent was in effect. - -Install the giflib package if you need to write programs that use GIF files. -You should also install the giflib-utils package if you need some simple -utilities to manipulate GIFs. +The giflib package contains a shared library of functions for loading and +saving GIF format image files. It is API and ABI compatible with libungif, +the library which supported uncompressed GIFs while the Unisys LZW patent +was in effect. 
%package devel -Summary: Development tools for programs which will use the libungif library -Group: Development/Libraries -Requires: %{name} = %{version}-%{release} -Provides: libungif-devel <= %{version}-%{release} -Obsoletes: libungif-devel <= %{version}-%{release} +Summary: Development tools for programs using the giflib library +Group: Development/Libraries +Requires: %{name} = %{version}-%{release} +Provides: libungif-devel = %{version}-%{release} +Obsoletes: libungif-devel <= %{version}-%{release} %description devel -This package contains the static libraries, header files and -documentation necessary for development of programs that will use the -giflib library to load and save GIF format image files. - -You should install this package if you need to develop programs which -will use giflib library functions. You'll also need to install the -giflib package. +The giflib-devel package includes header files, libraries necessary for +developing programs which use the giflib library to load and save GIF format +image files. It contains the documentation of the giflib library, too. %package utils -Summary: Programs for manipulating GIF format image files -Group: Applications/Multimedia -Requires: %{name} = %{version}-%{release} -Obsoletes: libungif-progs <= %{version}-%{release} +Summary: Programs for manipulating GIF format image files +Group: Applications/Multimedia +Requires: %{name} = %{version}-%{release} +Provides: libungif-progs = %{version}-%{release} +Obsoletes: libungif-progs <= %{version}-%{release} %description utils -The giflib-utils package contains various programs for manipulating -GIF format image files. - -Install this package if you need to manipulate GIF format image files. -You'll also need to install the giflib package. +The giflib-utils package contains various programs for manipulating GIF +format image files. Install it if you need to manipulate GIF format image +files. 
%prep %setup -q -%patch0 -p1 -b .amd64 -%{__sed} -i 's/\r//' doc/lzgif.txt +%patch0 -p1 -b .hash64 +%patch1 -p1 -b .colormap %build %configure make %{?_smp_mflags} all -MAJOR=`echo '%{version}' | sed 's/\([0-9]\+\)\..*/\1/'` +# Handling of libungif compatibility +MAJOR=`echo '%{version}' | sed -e 's/\([0-9]\+\)\..*/\1/'` %{__cc} $RPM_OPT_FLAGS -shared -Wl,-soname,libungif.so.$MAJOR -Llib/.libs -lgif -o libungif.so.%{version} %install -rm -rf ${RPM_BUILD_ROOT} +rm -rf $RPM_BUILD_ROOT +make DESTDIR=$RPM_BUILD_ROOT INSTALL='install -p' install -make install DESTDIR=$RPM_BUILD_ROOT +# Handling of libungif compatibility +install -p -m 755 libungif.so.%{version} $RPM_BUILD_ROOT%{_libdir} +ln -sf libungif.so.%{version} $RPM_BUILD_ROOT%{_libdir}/libungif.so.4 +ln -sf libungif.so.4 $RPM_BUILD_ROOT%{_libdir}/libungif.so -install -m 0755 -p libungif.so.%{version} $RPM_BUILD_ROOT%{_libdir} -ln -sf libungif.so.%{version} ${RPM_BUILD_ROOT}%{_libdir}/libungif.so.4 -ln -sf libungif.so.4 ${RPM_BUILD_ROOT}%{_libdir}/libungif.so +# Don't install any static .a and libtool .la files +rm -f $RPM_BUILD_ROOT%{_libdir}/*.{a,la} -rm -f $RPM_BUILD_ROOT%{_libdir}/*.la +# Remove makefile relics from documentation +rm -f doc/Makefile* + +# Correct wrong line ending +sed -e 's/\r//' doc/lzgif.txt > doc/lzgif.txt.new +touch -c -r doc/lzgif.txt doc/lzgif.txt.new +mv -f doc/lzgif.txt.new doc/lzgif.txt %clean -rm -rf ${RPM_BUILD_ROOT} +rm -rf $RPM_BUILD_ROOT %post -p /sbin/ldconfig @@ -84,14 +85,12 @@ rm -rf ${RPM_BUILD_ROOT} %files %defattr(-,root,root,-) -%doc COPYING README NEWS ONEWS -%doc ChangeLog TODO BUGS AUTHORS +%doc AUTHORS ChangeLog COPYING NEWS README %{_libdir}/lib*.so.* %files devel %defattr(-,root,root,-) %doc doc/* util/giffiltr.c util/gifspnge.c -%{_libdir}/lib*.a %{_libdir}/lib*.so %{_includedir}/*.h 
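Review bot: %build derives the soname major from the version (`-Wl,-soname,libungif.so.$MAJOR`), but the two `ln -sf` lines in %install still hard-code `libungif.so.4`, so the symlink names and the soname can drift apart on a major-version change. Defining the major number once as a spec macro and using it in both sections would remove the duplication. The clean-ups added to %install (`rm -f doc/Makefile*` and the line-ending rewrite of doc/lzgif.txt) modify the unpacked source tree rather than the buildroot and would sit more naturally in %prep, where the line-ending fix lived before this change.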
@@ -100,6 +99,12 @@ rm -rf ${RPM_BUILD_ROOT} %{_bindir}/* %changelog +* Sat May 16 2009 Robert Scheck 4.1.3-10 +- CVE-2005-2974: NULL pointer dereference crash (#494826) +- CVE-2005-3350: Memory corruption via a crafted GIF (#494823) +- Solved multilib problems with documentation (#465208, #474538) +- Removed static library from giflib-devel package (#225796 #c1) + * Tue Feb 19 2008 Fedora Release Engineering - 4.1.3-9 - Autorebuild for GCC 4.3 From f2eab389b101e095f57eade9f690dde6e2d11076 Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Thu, 26 Nov 2009 01:56:27 +0000 Subject: [PATCH 3/4] Fix typo that causes a failure to update the common directory. (releng #2781) --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 9edd25f..bee5a82 100644 --- a/Makefile +++ b/Makefile @@ -1,10 +1,10 @@ # Makefile for source rpm: giflib -# $Id: Makefile,v 1.1 2005/10/06 19:18:05 wtogami Exp $ +# $Id: Makefile,v 1.2 2007/10/15 18:47:25 notting Exp $ NAME := giflib SPECFILE = $(firstword $(wildcard *.spec)) define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done +for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done endef MAKEFILE_COMMON := $(shell $(find-makefile-common)) From 4b7e798e924ffa8ec5b7d3f3e77950e3f5a8ae01 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 28 Jul 2010 15:38:08 +0000 Subject: [PATCH 4/4] dist-git conversion --- .cvsignore => .gitignore | 0 Makefile | 21 --------------------- branch | 1 - 3 files changed, 22 deletions(-) rename .cvsignore => .gitignore (100%) delete mode 100644 Makefile delete mode 100644 branch 
diff --git a/.cvsignore b/.gitignore
similarity index 100%
rename from .cvsignore
rename to .gitignore
diff --git a/Makefile b/Makefile
deleted file mode 100644
index bee5a82..0000000
--- a/Makefile
+++ /dev/null
@@ -1,21 +0,0 @@
-# Makefile for source rpm: giflib
-# $Id: Makefile,v 1.2 2007/10/15 18:47:25 notting Exp $
-NAME := giflib
-SPECFILE = $(firstword $(wildcard *.spec))
-
-define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
-endef
-
-MAKEFILE_COMMON := $(shell $(find-makefile-common))
-
-ifeq ($(MAKEFILE_COMMON),)
-# attempt a checkout
-define checkout-makefile-common
-test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
-endef
-
-MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
-endif
-
-include $(MAKEFILE_COMMON)
diff --git a/branch b/branch
deleted file mode 100644
index 1c26f78..0000000
--- a/branch
+++ /dev/null
@@ -1 +0,0 @@
-F-9