unofficial mirror of guix-devel@gnu.org 
 help / color / mirror / code / Atom feed
* [PATCH] Update gd and php
@ 2017-01-19 21:19 Julien Lepiller
  2017-01-20  5:53 ` Leo Famulari
  0 siblings, 1 reply; 10+ messages in thread
From: Julien Lepiller @ 2017-01-19 21:19 UTC (permalink / raw)
  To: guix-devel

[-- Attachment #1: Type: text/plain, Size: 219 bytes --]

A new version of gd and php were released today. Here are patches to
update them. I could get rid of gd-for-php and use the system one
instead. Two new tests had to be removed, they are related to already
failing tests.

[-- Attachment #2: 0001-gnu-gd-Update-to-2.2.4.patch --]
[-- Type: text/x-patch, Size: 5438 bytes --]

From 502fa6202e8dabed3abdd584f720eb6128fdc127 Mon Sep 17 00:00:00 2001
From: Julien Lepiller <julien@lepiller.eu>
Date: Thu, 19 Jan 2017 22:09:35 +0100
Subject: [PATCH 1/2] gnu: gd: Update to 2.2.4.

* gnu/packages/gd.scm (gd): Update to 2.2.4.
---
 gnu/local.mk                                |  2 --
 gnu/packages/gd.scm                         |  8 ++----
 gnu/packages/patches/gd-CVE-2016-7568.patch | 44 -----------------------------
 gnu/packages/patches/gd-CVE-2016-8670.patch | 38 -------------------------
 4 files changed, 3 insertions(+), 89 deletions(-)
 delete mode 100644 gnu/packages/patches/gd-CVE-2016-7568.patch
 delete mode 100644 gnu/packages/patches/gd-CVE-2016-8670.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 2da8b82db..616e476a1 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -568,8 +568,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/gcc-6-arm-none-eabi-multilib.patch	\
   %D%/packages/patches/gcc-6-cross-environment-variables.patch	\
   %D%/packages/patches/gcj-arm-mode.patch			\
-  %D%/packages/patches/gd-CVE-2016-7568.patch			\
-  %D%/packages/patches/gd-CVE-2016-8670.patch			\
   %D%/packages/patches/gd-fix-chunk-size-on-boundaries.patch	\
   %D%/packages/patches/gd-fix-gd2-read-test.patch		\
   %D%/packages/patches/gd-fix-tests-on-i686.patch		\
diff --git a/gnu/packages/gd.scm b/gnu/packages/gd.scm
index 0241a81db..d564955d4 100644
--- a/gnu/packages/gd.scm
+++ b/gnu/packages/gd.scm
@@ -40,7 +40,7 @@
     ;; Note: With libgd.org now pointing to github.com, genuine old
     ;; tarballs are no longer available.  Notably, versions 2.0.x are
     ;; missing.
-    (version "2.2.3")
+    (version "2.2.4")
 
     (source (origin
              (method url-fetch)
@@ -49,10 +49,8 @@
                    version "/libgd-" version ".tar.xz"))
              (sha256
               (base32
-               "0g3xz8jpz1pl2zzmssglrpa9nxiaa7rmcmvgpbrjz8k9cyynqsvl"))
-             (patches (search-patches "gd-CVE-2016-7568.patch"
-                                      "gd-CVE-2016-8670.patch"
-                                      "gd-fix-gd2-read-test.patch"
+               "1rp4v7n1dq38b92kl7gkvpvqqkw7nvdfnz6d5kip5klkxfki6zqk"))
+             (patches (search-patches "gd-fix-gd2-read-test.patch"
                                       "gd-fix-tests-on-i686.patch"))))
     (build-system gnu-build-system)
     (native-inputs
diff --git a/gnu/packages/patches/gd-CVE-2016-7568.patch b/gnu/packages/patches/gd-CVE-2016-7568.patch
deleted file mode 100644
index 6a1a63296..000000000
--- a/gnu/packages/patches/gd-CVE-2016-7568.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-Fix CVE-2016-7568 (integer overflow in gdImageWebpCtx()):
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7568
-
-Patch copied from upstream source repository:
-
-https://github.com/libgd/libgd/commit/2806adfdc27a94d333199345394d7c302952b95f
-
-From 2806adfdc27a94d333199345394d7c302952b95f Mon Sep 17 00:00:00 2001
-From: trylab <trylab@users.noreply.github.com>
-Date: Tue, 6 Sep 2016 18:35:32 +0800
-Subject: [PATCH] Fix integer overflow in gdImageWebpCtx
-
-Integer overflow can be happened in expression gdImageSX(im) * 4 *
-gdImageSY(im). It could lead to heap buffer overflow in the following
-code. This issue has been reported to the PHP Bug Tracking System. The
-proof-of-concept file will be supplied some days later. This issue was
-discovered by Ke Liu of Tencent's Xuanwu LAB.
----
- src/gd_webp.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/src/gd_webp.c b/src/gd_webp.c
-index 8eb4dee..9886399 100644
---- a/src/gd_webp.c
-+++ b/src/gd_webp.c
-@@ -199,6 +199,14 @@ BGD_DECLARE(void) gdImageWebpCtx (gdImagePtr im, gdIOCtx * outfile, int quality)
- 		quality = 80;
- 	}
- 
-+	if (overflow2(gdImageSX(im), 4)) {
-+		return;
-+	}
-+
-+	if (overflow2(gdImageSX(im) * 4, gdImageSY(im))) {
-+		return;
-+	}
-+
- 	argb = (uint8_t *)gdMalloc(gdImageSX(im) * 4 * gdImageSY(im));
- 	if (!argb) {
- 		return;
--- 
-2.10.0
-
diff --git a/gnu/packages/patches/gd-CVE-2016-8670.patch b/gnu/packages/patches/gd-CVE-2016-8670.patch
deleted file mode 100644
index 39ee99ac3..000000000
--- a/gnu/packages/patches/gd-CVE-2016-8670.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-Fix CVE-2016-8670 (buffer overflow in dynamicGetbuf()):
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670
-http://seclists.org/oss-sec/2016/q4/138
-
-Patch copied from upstream source repository:
-
-https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9
-
-From 53110871935244816bbb9d131da0bccff734bfe9 Mon Sep 17 00:00:00 2001
-From: "Christoph M. Becker" <cmbecker69@gmx.de>
-Date: Wed, 12 Oct 2016 11:15:32 +0200
-Subject: [PATCH] Avoid potentially dangerous signed to unsigned conversion
-
-We make sure to never pass a negative `rlen` as size to memcpy(). See
-also <https://bugs.php.net/bug.php?id=73280>.
-
-Patch provided by Emmanuel Law.
----
- src/gd_io_dp.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/gd_io_dp.c b/src/gd_io_dp.c
-index 135eda3..228bfa5 100644
---- a/src/gd_io_dp.c
-+++ b/src/gd_io_dp.c
-@@ -276,7 +276,7 @@ static int dynamicGetbuf(gdIOCtxPtr ctx, void *buf, int len)
- 	if(remain >= len) {
- 		rlen = len;
- 	} else {
--		if(remain == 0) {
-+		if(remain <= 0) {
- 			/* 2.0.34: EOF is incorrect. We use 0 for
- 			 * errors and EOF, just like fileGetbuf,
- 			 * which is a simple fread() wrapper.
--- 
-2.10.1
-
-- 
2.11.0


[-- Attachment #3: 0002-gnu-php-Update-to-7.1.1.patch --]
[-- Type: text/x-patch, Size: 10131 bytes --]

From edf980daea884e8d23b8f034ad8b7e8ad4ba8bbb Mon Sep 17 00:00:00 2001
From: Julien Lepiller <julien@lepiller.eu>
Date: Thu, 19 Jan 2017 22:10:22 +0100
Subject: [PATCH 2/2] gnu: php: Update to 7.1.1.

* gnu/packages/php.scm (php): Update to 7.1.1.
---
 gnu/local.mk                                       |   2 -
 .../patches/gd-fix-chunk-size-on-boundaries.patch  | 102 ---------------------
 .../gd-fix-truecolor-format-correction.patch       |  95 -------------------
 gnu/packages/php.scm                               |  19 +---
 4 files changed, 5 insertions(+), 213 deletions(-)
 delete mode 100644 gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch
 delete mode 100644 gnu/packages/patches/gd-fix-truecolor-format-correction.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 616e476a1..5e4a59f49 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -568,10 +568,8 @@ dist_patch_DATA =						\
   %D%/packages/patches/gcc-6-arm-none-eabi-multilib.patch	\
   %D%/packages/patches/gcc-6-cross-environment-variables.patch	\
   %D%/packages/patches/gcj-arm-mode.patch			\
-  %D%/packages/patches/gd-fix-chunk-size-on-boundaries.patch	\
   %D%/packages/patches/gd-fix-gd2-read-test.patch		\
   %D%/packages/patches/gd-fix-tests-on-i686.patch		\
-  %D%/packages/patches/gd-fix-truecolor-format-correction.patch	\
   %D%/packages/patches/gegl-CVE-2012-4433.patch			\
   %D%/packages/patches/geoclue-config.patch			\
   %D%/packages/patches/ghostscript-CVE-2013-5653.patch		\
diff --git a/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch b/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch
deleted file mode 100644
index e395c66d8..000000000
--- a/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch
+++ /dev/null
@@ -1,102 +0,0 @@
-This fixes PHP bug #73155: https://bugs.php.net/bug.php?id=73155
-
-Patch adapted from upstream source repository:
-
-https://github.com/libgd/libgd/commit/8067a8ac336dfe0acbe96ec2eb24572209a7f279
-
-(.gitignore change removed)
-
-From 8067a8ac336dfe0acbe96ec2eb24572209a7f279 Mon Sep 17 00:00:00 2001
-From: "Christoph M. Becker" <cmbecker69@gmx.de>
-Date: Fri, 23 Sep 2016 18:29:52 +0200
-Subject: [PATCH] Fix #309: gdImageGd2() writes wrong chunk sizes on boundaries
-
-(cherry picked from commit bb1998a16e30d542ab22eba5501911a9aa066edb)
----
- src/gd_gd2.c             |  4 ++--
- tests/gd2/CMakeLists.txt |  1 +
- tests/gd2/Makemodule.am  |  1 +
- tests/gd2/bug00309.c     | 37 +++++++++++++++++++++++++++++++++++++
- 4 files changed, 41 insertions(+), 2 deletions(-)
- create mode 100644 tests/gd2/bug00309.c
-
-diff --git a/src/gd_gd2.c b/src/gd_gd2.c
-index 75e5e1f..b9b2f93 100644
---- a/src/gd_gd2.c
-+++ b/src/gd_gd2.c
-@@ -938,8 +938,8 @@ _gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt)
- 	};
- 
- 	/* Work out number of chunks. */
--	ncx = im->sx / cs + 1;
--	ncy = im->sy / cs + 1;
-+	ncx = (im->sx + cs - 1) / cs;
-+	ncy = (im->sy + cs - 1) / cs;
- 
- 	/* Write the standard header. */
- 	_gd2PutHeader (im, out, cs, fmt, ncx, ncy);
-diff --git a/tests/gd2/CMakeLists.txt b/tests/gd2/CMakeLists.txt
-index 3b650ad..247b466 100644
---- a/tests/gd2/CMakeLists.txt
-+++ b/tests/gd2/CMakeLists.txt
-@@ -1,5 +1,6 @@
- SET(TESTS_FILES
- 	bug_289
-+	bug00309
- 	gd2_empty_file
- 	gd2_im2im
- 	gd2_null
-diff --git a/tests/gd2/Makemodule.am b/tests/gd2/Makemodule.am
-index b8ee946..d69aee0 100644
---- a/tests/gd2/Makemodule.am
-+++ b/tests/gd2/Makemodule.am
-@@ -1,5 +1,6 @@
- libgd_test_programs += \
- 	gd2/bug_289 \
-+	gd2/bug00309 \
- 	gd2/gd2_empty_file \
- 	gd2/php_bug_72339 \
- 	gd2/gd2_read_corrupt
-diff --git a/tests/gd2/bug00309.c b/tests/gd2/bug00309.c
-new file mode 100644
-index 0000000..b649cdc
---- /dev/null
-+++ b/tests/gd2/bug00309.c
-@@ -0,0 +1,37 @@
-+/**
-+ * Regression test for <https://github.com/libgd/libgd/issues/309>.
-+ *
-+ * We test that an image with 64x64 pixels reports only a single chunk in the
-+ * GD2 image header when the chunk size is 64.
-+ */
-+
-+
-+#include "gd.h"
-+#include "gdtest.h"
-+
-+
-+int main()
-+{
-+    gdImagePtr im;
-+    unsigned char *buf;
-+    int size, word;
-+
-+    im = gdImageCreate(64, 64);
-+    gdImageColorAllocate(im, 0, 0, 0);
-+
-+    buf = gdImageGd2Ptr(im, 64, 1, &size);
-+
-+    gdImageDestroy(im);
-+
-+    word = buf[10] << 8 | buf[11];
-+    gdTestAssertMsg(word == 64, "chunk size is %d, but expected 64\n", word);
-+    word = buf[14] << 8 | buf[15];
-+    gdTestAssertMsg(word == 1, "x chunk count is %d, but expected 1\n", word);
-+    word = buf[16] << 8 | buf[17];
-+    gdTestAssertMsg(word == 1, "y chunk count is %d, but expected 1\n", word);
-+    gdTestAssertMsg(size == 5145, "file size is %d, but expected 5145\n", size);
-+
-+    gdFree(buf);
-+
-+    return gdNumFailures();
-+}
diff --git a/gnu/packages/patches/gd-fix-truecolor-format-correction.patch b/gnu/packages/patches/gd-fix-truecolor-format-correction.patch
deleted file mode 100644
index be3eff932..000000000
--- a/gnu/packages/patches/gd-fix-truecolor-format-correction.patch
+++ /dev/null
@@ -1,95 +0,0 @@
-This fixes PHP bug #73159: https://bugs.php.net/bug.php?id=73159
-
-Patch lifted from upstream source repository:
-
-https://github.com/libgd/libgd/commit/e1f61a4141d2e0937a13b8bfb1992b9f29eb05f5
-
-From e1f61a4141d2e0937a13b8bfb1992b9f29eb05f5 Mon Sep 17 00:00:00 2001
-From: "Christoph M. Becker" <cmbecker69@gmx.de>
-Date: Mon, 15 Aug 2016 17:49:40 +0200
-Subject: [PATCH] Fix #289: Passing unrecognized formats to gdImageGd2 results
- in corrupted files
-
-We must not apply the format correction twice for truecolor images.
-
-(cherry picked from commit 09090c125658e23a4ae2a2e002646bb7278bd89e)
----
- src/gd_gd2.c             |  2 +-
- tests/gd2/CMakeLists.txt |  1 +
- tests/gd2/Makemodule.am  |  1 +
- tests/gd2/bug_289.c      | 33 +++++++++++++++++++++++++++++++++
- 4 files changed, 36 insertions(+), 1 deletion(-)
- create mode 100644 tests/gd2/bug_289.c
-
-diff --git a/src/gd_gd2.c b/src/gd_gd2.c
-index 86c881e..75e5e1f 100644
---- a/src/gd_gd2.c
-+++ b/src/gd_gd2.c
-@@ -918,7 +918,7 @@ _gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt)
- 	/* Force fmt to a valid value since we don't return anything. */
- 	/* */
- 	if ((fmt != GD2_FMT_RAW) && (fmt != GD2_FMT_COMPRESSED)) {
--		fmt = im->trueColor ? GD2_FMT_TRUECOLOR_COMPRESSED : GD2_FMT_COMPRESSED;
-+		fmt = GD2_FMT_COMPRESSED;
- 	};
- 	if (im->trueColor) {
- 		fmt += 2;
-diff --git a/tests/gd2/CMakeLists.txt b/tests/gd2/CMakeLists.txt
-index 8aecacc..3b650ad 100644
---- a/tests/gd2/CMakeLists.txt
-+++ b/tests/gd2/CMakeLists.txt
-@@ -1,4 +1,5 @@
- SET(TESTS_FILES
-+	bug_289
- 	gd2_empty_file
- 	gd2_im2im
- 	gd2_null
-diff --git a/tests/gd2/Makemodule.am b/tests/gd2/Makemodule.am
-index 754a284..b8ee946 100644
---- a/tests/gd2/Makemodule.am
-+++ b/tests/gd2/Makemodule.am
-@@ -1,4 +1,5 @@
- libgd_test_programs += \
-+	gd2/bug_289 \
- 	gd2/gd2_empty_file \
- 	gd2/php_bug_72339 \
- 	gd2/gd2_read_corrupt
-diff --git a/tests/gd2/bug_289.c b/tests/gd2/bug_289.c
-new file mode 100644
-index 0000000..ad311e9
---- /dev/null
-+++ b/tests/gd2/bug_289.c
-@@ -0,0 +1,33 @@
-+/**
-+ * Passing an unrecognized format to gdImageGd2() should result in
-+ * GD2_FMT_TRUECOLOR_COMPRESSED for truecolor images.
-+ *
-+ * See <https://github.com/libgd/libgd/issues/289>.
-+ */
-+
-+#include "gd.h"
-+#include "gdtest.h"
-+
-+
-+#define GD2_FMT_UNRECOGNIZED 0
-+#define GD2_FMT_TRUECOLOR_COMPRESSED 4
-+
-+#define MSG "expected %s byte to be %d, but got %d\n"
-+
-+
-+int main()
-+{
-+    gdImagePtr im;
-+    char *buffer;
-+    int size;
-+
-+    im = gdImageCreateTrueColor(10, 10);
-+    gdTestAssert(im != NULL);
-+    buffer = (char *) gdImageGd2Ptr(im, 128, GD2_FMT_UNRECOGNIZED, &size);
-+    gdTestAssert(buffer != NULL);
-+    gdImageDestroy(im);
-+    gdTestAssertMsg(buffer[12] == 0, MSG, "1st", 0, buffer[12]);
-+    gdTestAssertMsg(buffer[13] == GD2_FMT_TRUECOLOR_COMPRESSED, MSG, "2nd", GD2_FMT_TRUECOLOR_COMPRESSED, buffer[13]);
-+
-+    return gdNumFailures();
-+}
diff --git a/gnu/packages/php.scm b/gnu/packages/php.scm
index a84ff43d7..94ea8436a 100644
--- a/gnu/packages/php.scm
+++ b/gnu/packages/php.scm
@@ -50,21 +50,10 @@
   #:use-module (guix build-system gnu)
   #:use-module ((guix licenses) #:prefix license:))
 
-;; This fixes PHP bugs 73155 and 73159. Remove when gd
-;; is updated to > 2.2.3.
-(define gd-for-php
-  (package (inherit gd)
-           (source
-            (origin
-              (inherit (package-source gd))
-              (patches (search-patches
-                        "gd-fix-truecolor-format-correction.patch"
-                        "gd-fix-chunk-size-on-boundaries.patch"))))))
-
 (define-public php
   (package
     (name "php")
-    (version "7.0.14")
+    (version "7.1.1")
     (home-page "https://secure.php.net/")
     (source (origin
               (method url-fetch)
@@ -72,7 +61,7 @@
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "12ccgbrfchgvmcfb88rcknq7xmrf19c5ysdr4v8jxk51j9izy78g"))
+                "0w7ybwm2q34hin4qc4l8zymnfwzcy66n08a842x4w1j12h65nmmk"))
               (modules '((guix build utils)))
               (snippet
                '(with-directory-excursion "ext"
@@ -258,8 +247,10 @@
                          "ext/gd/tests/bug43073.phpt"
                          ;; imagettftext() returns wrong coordinates.
                          "ext/gd/tests/bug48732.phpt"
+                         "ext/gd/tests/bug48732-mb.phpt"
                          ;; Similarly for imageftbbox().
                          "ext/gd/tests/bug48801.phpt"
+                         "ext/gd/tests/bug48801-mb.phpt"
                          ;; Different expected output from imagecolorallocate().
                          "ext/gd/tests/bug53504.phpt"
                          ;; Wrong image size after scaling an image.
@@ -291,7 +282,7 @@
        ("curl" ,curl)
        ("cyrus-sasl" ,cyrus-sasl)
        ("freetype" ,freetype)
-       ("gd" ,gd-for-php)
+       ("gd" ,gd)
        ("gdbm" ,gdbm)
        ("glibc" ,glibc)
        ("gmp" ,gmp)
-- 
2.11.0


^ permalink raw reply related	[flat|nested] 10+ messages in thread

end of thread, other threads:[~2017-01-27 23:04 UTC | newest]

Thread overview: 10+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-01-19 21:19 [PATCH] Update gd and php Julien Lepiller
2017-01-20  5:53 ` Leo Famulari
2017-01-20 15:33   ` Leo Famulari
2017-01-20 16:12     ` julien lepiller
2017-01-20 17:30       ` Leo Famulari
2017-01-20 21:25         ` Ludovic Courtès
2017-01-21  1:22           ` Leo Famulari
2017-01-26 10:15             ` Ludovic Courtès
2017-01-27 19:43               ` Leo Famulari
2017-01-27 23:04                 ` Ludovic Courtès

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).