dist-git conversion

#2781)

Makefile

@@ -1,21 +0,0 @@
-# Makefile for source rpm: giflib
-# $Id: Makefile,v 1.1 2005/10/06 19:18:05 wtogami Exp $
-NAME := giflib
-SPECFILE = $(firstword $(wildcard *.spec))
-
-define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
-endef
-
-MAKEFILE_COMMON := $(shell $(find-makefile-common))
-
-ifeq ($(MAKEFILE_COMMON),)
-# attempt a checkout
-define checkout-makefile-common
-test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
-endef
-
-MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
-endif
-
-include $(MAKEFILE_COMMON)

giflib-4.1.3-colormap.patch

@@ -0,0 +1,94 @@
+--- giflib-4.1.3/lib/gifalloc.c			2005-10-27 15:37:01.000000000 -0400
++++ giflib-4.1.3/lib/gifalloc.c.colormap	2005-10-27 15:37:39.000000000 -0400
+@@ -420,8 +420,10 @@
+     }
+     for (sp = GifFile->SavedImages;
+          sp < GifFile->SavedImages + GifFile->ImageCount; sp++) {
+-        if (sp->ImageDesc.ColorMap)
++      if (sp->ImageDesc.ColorMap) {
+             FreeMapObject(sp->ImageDesc.ColorMap);
++	    sp->ImageDesc.ColorMap = NULL;
++      }
+ 
+         if (sp->RasterBits)
+             free((char *)sp->RasterBits);
+--- giflib-4.1.3/lib/dgif_lib.c			2005-10-27 15:21:30.000000000 -0400
++++ giflib-4.1.3/lib/dgif_lib.c.colormap	2005-10-27 15:25:26.000000000 -0400
+@@ -263,6 +263,7 @@
+         for (i = 0; i < GifFile->SColorMap->ColorCount; i++) {
+             if (READ(GifFile, Buf, 3) != 3) {
+                 FreeMapObject(GifFile->SColorMap);
++		GifFile->SColorMap = NULL;
+                 _GifError = D_GIF_ERR_READ_FAILED;
+                 return GIF_ERROR;
+             }
+@@ -363,6 +364,7 @@
+         for (i = 0; i < GifFile->Image.ColorMap->ColorCount; i++) {
+             if (READ(GifFile, Buf, 3) != 3) {
+                 FreeMapObject(GifFile->Image.ColorMap);
++		GifFile->Image.ColorMap = NULL;
+                 _GifError = D_GIF_ERR_READ_FAILED;
+                 return GIF_ERROR;
+             }
+@@ -923,6 +925,12 @@
+         0x0fff
+     };
+ 
++    /* The image can't contain more than LZ_BITS per code. */
++    if (Private->RunningBits > LZ_BITS) {
++        _GifError = D_GIF_ERR_IMAGE_DEFECT;
++        return GIF_ERROR;
++    }    
++
+     while (Private->CrntShiftState < Private->RunningBits) {
+         /* Needs to get more bytes from input stream for next code: */
+         if (DGifBufferedInput(GifFile, Private->Buf, &NextByte) == GIF_ERROR) {
+@@ -938,8 +946,12 @@
+     Private->CrntShiftState -= Private->RunningBits;
+ 
+     /* If code cannot fit into RunningBits bits, must raise its size. Note
+-     * however that codes above 4095 are used for special signaling.  */
+-    if (++Private->RunningCode > Private->MaxCode1 &&
++     * however that codes above 4095 are used for special signaling.
++     * If we're using LZ_BITS bits already and we're at the max code, just
++     * keep using the table as it is, don't increment Private->RunningCode.
++     */
++    if (Private->RunningCode < LZ_MAX_CODE + 2 &&
++	++Private->RunningCode > Private->MaxCode1 &&
+         Private->RunningBits < LZ_BITS) {
+         Private->MaxCode1 <<= 1;
+         Private->RunningBits++;
+@@ -964,6 +976,14 @@
+             _GifError = D_GIF_ERR_READ_FAILED;
+             return GIF_ERROR;
+         }
++        /* There shouldn't be any empty data blocks here as the LZW spec
++         * says the LZW termination code should come first.  Therefore we
++         * shouldn't be inside this routine at that point.
++         */
++        if (Buf[0] == 0) {
++            _GifError = D_GIF_ERR_IMAGE_DEFECT;
++            return GIF_ERROR;
++        }
+         if (READ(GifFile, &Buf[1], Buf[0]) != Buf[0]) {
+             _GifError = D_GIF_ERR_READ_FAILED;
+             return GIF_ERROR;
+--- giflib-4.1.3/lib/egif_lib.c			2005-10-27 15:25:37.000000000 -0400
++++ giflib-4.1.3/lib/egif_lib.c.colormap	2005-10-27 15:29:30.000000000 -0400
+@@ -712,10 +712,14 @@
+     Buf = ';';
+     WRITE(GifFile, &Buf, 1);
+ 
+-    if (GifFile->Image.ColorMap)
++    if (GifFile->Image.ColorMap) {
+         FreeMapObject(GifFile->Image.ColorMap);
+-    if (GifFile->SColorMap)
++	GifFile->Image.ColorMap = NULL;
++    }
++    if (GifFile->SColorMap) {
+         FreeMapObject(GifFile->SColorMap);
++	GifFile->SColorMap = NULL;
++    }
+     if (Private) {
+         free((char *)Private);
+     }

giflib-4.1.3-hash64.patch

@@ -1,5 +1,5 @@
---- giflib-4.1.3/lib/gif_hash.c.64	2005-09-20 13:39:32.000000000 -0700
+--- giflib-4.1.3/lib/gif_hash.c			2005-09-20 13:39:32.000000000 -0700
-+++ giflib-4.1.3/lib/gif_hash.c	2005-09-20 13:41:40.000000000 -0700
++++ giflib-4.1.3/lib/gif_hash.c.hash64		2005-09-20 13:41:40.000000000 -0700
 @@ -45,7 +45,7 @@
  	    NumberOfMisses = 0;
  #endif	/* DEBUG_HIT_RATE */
@@ -52,8 +52,8 @@
  {
      return ((Item >> 12) ^ Item) & HT_KEY_MASK;
  }
---- giflib-4.1.3/lib/gif_hash.h.64	2005-09-20 13:39:42.000000000 -0700
+--- giflib-4.1.3/lib/gif_hash.h			2005-09-20 13:39:42.000000000 -0700
-+++ giflib-4.1.3/lib/gif_hash.h	2005-09-20 13:42:08.000000000 -0700
++++ giflib-4.1.3/lib/gif_hash.h.hash64		2005-09-20 13:42:08.000000000 -0700
 @@ -25,12 +25,12 @@
  #define HT_PUT_CODE(l)	(l & 0x0FFF)
  
@@ -70,8 +70,8 @@
 +int _ExistsHashTable(GifHashTableType *HashTable, unsigned int Key);
  
  #endif /* _GIF_HASH_H_ */
---- giflib-4.1.3/lib/egif_lib.c.64	2005-09-20 13:45:28.000000000 -0700
+--- giflib-4.1.3/lib/egif_lib.c			2005-09-20 13:45:28.000000000 -0700
-+++ giflib-4.1.3/lib/egif_lib.c	2005-09-20 13:43:39.000000000 -0700
++++ giflib-4.1.3/lib/egif_lib.c.hash64		2005-09-20 13:43:39.000000000 -0700
 @@ -188,6 +188,12 @@
          _GifError = E_GIF_ERR_NOT_ENOUGH_MEM;
          return NULL;

giflib.spec

@@ -1,82 +1,83 @@
-Summary: Library for manipulating GIF format image files
+Summary:	Library for manipulating GIF format image files
-Name: giflib
+Name:		giflib
-Version: 4.1.3
+Version:	4.1.3
-Release: 9
+Release:	10%{?dist}
-License: MIT
+License:	MIT
-URL: http://www.sf.net/projects/libungif/
+Group:		System Environment/Libraries
-Source0: http://dl.sf.net/libungif/%{name}-%{version}.tar.bz2
+URL:		http://www.sourceforge.net/projects/%{name}/
-Patch0: giflib-hash64.patch
+Source:		http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.bz2
-Group: System Environment/Libraries
+Patch0:		giflib-4.1.3-hash64.patch
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+Patch1:		giflib-4.1.3-colormap.patch
-BuildRequires: libX11-devel, libICE-devel, libSM-devel, libXt-devel
+BuildRequires:	libX11-devel, libICE-devel, libSM-devel, libXt-devel
-
+Provides:	libungif = %{version}-%{release}
-Obsoletes: libungif <= %{version}-%{release}
+Obsoletes:	libungif <= %{version}-%{release}
-Provides: libungif <= %{version}-%{release}
+BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 %description
-The giflib package contains a shared library of functions for
+The giflib package contains a shared library of functions for loading and
-loading and saving GIF format image files.  It is API and ABI compatible
+saving GIF format image files. It is API and ABI compatible with libungif,
-with libungif, the library which supported uncompressed GIFs while the
+the library which supported uncompressed GIFs while the Unisys LZW patent
-Unisys LZW patent was in effect.
+was in effect.
-
-Install the giflib package if you need to write programs that use GIF files.
-You should also install the giflib-utils package if you need some simple
-utilities to manipulate GIFs.
 
 %package devel
-Summary: Development tools for programs which will use the libungif library
+Summary:	Development tools for programs using the giflib library
-Group: Development/Libraries
+Group:		Development/Libraries
-Requires: %{name} = %{version}-%{release}
+Requires:	%{name} = %{version}-%{release}
-Provides: libungif-devel <= %{version}-%{release}
+Provides:	libungif-devel = %{version}-%{release}
-Obsoletes: libungif-devel <= %{version}-%{release}
+Obsoletes:	libungif-devel <= %{version}-%{release}
 
 %description devel
-This package contains the static libraries, header files and
+The giflib-devel package includes header files, libraries necessary for
-documentation necessary for development of programs that will use the
+developing programs which use the giflib library to load and save GIF format
-giflib library to load and save GIF format image files.
+image files. It contains the documentation of the giflib library, too.
-
-You should install this package if you need to develop programs which
-will use giflib library functions.  You'll also need to install the
-giflib package.
 
 %package utils
-Summary: Programs for manipulating GIF format image files
+Summary:	Programs for manipulating GIF format image files
-Group: Applications/Multimedia
+Group:		Applications/Multimedia
-Requires: %{name} = %{version}-%{release}
+Requires:	%{name} = %{version}-%{release}
-Obsoletes: libungif-progs <= %{version}-%{release}
+Provides:	libungif-progs = %{version}-%{release}
+Obsoletes:	libungif-progs <= %{version}-%{release}
 
 %description utils
-The giflib-utils package contains various programs for manipulating
+The giflib-utils package contains various programs for manipulating GIF
-GIF format image files.
+format image files. Install it if you need to manipulate GIF format image
-
+files.
-Install this package if you need to manipulate GIF format image files.
-You'll also need to install the giflib package.
 
 %prep
 %setup -q
-%patch0 -p1 -b .amd64
+%patch0 -p1 -b .hash64
-%{__sed} -i 's/\r//' doc/lzgif.txt
+%patch1 -p1 -b .colormap
 
 %build
 %configure
 make %{?_smp_mflags} all
 
-MAJOR=`echo '%{version}' | sed 's/\([0-9]\+\)\..*/\1/'`
+# Handling of libungif compatibility
+MAJOR=`echo '%{version}' | sed -e 's/\([0-9]\+\)\..*/\1/'`
 %{__cc} $RPM_OPT_FLAGS -shared -Wl,-soname,libungif.so.$MAJOR -Llib/.libs -lgif -o libungif.so.%{version}
 
 %install
-rm -rf ${RPM_BUILD_ROOT}
+rm -rf $RPM_BUILD_ROOT
+make DESTDIR=$RPM_BUILD_ROOT INSTALL='install -p' install
 
-make install DESTDIR=$RPM_BUILD_ROOT
+# Handling of libungif compatibility
+install -p -m 755 libungif.so.%{version} $RPM_BUILD_ROOT%{_libdir}
+ln -sf libungif.so.%{version} $RPM_BUILD_ROOT%{_libdir}/libungif.so.4
+ln -sf libungif.so.4 $RPM_BUILD_ROOT%{_libdir}/libungif.so
 
-install -m 0755 -p libungif.so.%{version} $RPM_BUILD_ROOT%{_libdir}
+# Don't install any static .a and libtool .la files
-ln -sf libungif.so.%{version} ${RPM_BUILD_ROOT}%{_libdir}/libungif.so.4
+rm -f $RPM_BUILD_ROOT%{_libdir}/*.{a,la}
-ln -sf libungif.so.4 ${RPM_BUILD_ROOT}%{_libdir}/libungif.so
 
-rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
+# Remove makefile relics from documentation
+rm -f doc/Makefile*
+
+# Correct wrong line ending
+sed -e 's/\r//' doc/lzgif.txt > doc/lzgif.txt.new
+touch -c -r doc/lzgif.txt doc/lzgif.txt.new
+mv -f doc/lzgif.txt.new doc/lzgif.txt
 
 %clean
-rm -rf ${RPM_BUILD_ROOT}
+rm -rf $RPM_BUILD_ROOT
 
 %post -p /sbin/ldconfig
 
@@ -84,14 +85,12 @@ rm -rf ${RPM_BUILD_ROOT}
 
 %files 
 %defattr(-,root,root,-)
-%doc COPYING README NEWS ONEWS
+%doc AUTHORS ChangeLog COPYING NEWS README
-%doc ChangeLog TODO BUGS AUTHORS
 %{_libdir}/lib*.so.*
 
 %files devel
 %defattr(-,root,root,-)
 %doc doc/* util/giffiltr.c util/gifspnge.c
-%{_libdir}/lib*.a
 %{_libdir}/lib*.so
 %{_includedir}/*.h
 
@@ -100,6 +99,12 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_bindir}/*
 
 %changelog
+* Sat May 16 2009 Robert Scheck <robert@fedoraproject.org> 4.1.3-10
+- CVE-2005-2974: NULL pointer dereference crash (#494826)
+- CVE-2005-3350: Memory corruption via a crafted GIF (#494823)
+- Solved multilib problems with documentation (#465208, #474538)
+- Removed static library from giflib-devel package (#225796 #c1)
+
 * Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 4.1.3-9
 - Autorebuild for GCC 4.3