From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:57440) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fDFZj-0001By-Os for guix-patches@gnu.org; Mon, 30 Apr 2018 16:39:09 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fDFZg-0005gD-Ee for guix-patches@gnu.org; Mon, 30 Apr 2018 16:39:07 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:36422) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1fDFZg-0005g7-AL for guix-patches@gnu.org; Mon, 30 Apr 2018 16:39:04 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1fDFZg-0008O9-3P for guix-patches@gnu.org; Mon, 30 Apr 2018 16:39:04 -0400 Subject: [bug#31322] [PATCH 4/6] gnu: gegl: Update to 0.4. Resent-Message-ID: From: Leo Famulari Date: Mon, 30 Apr 2018 16:38:36 -0400 Message-Id: In-Reply-To: <0a0b7de7e941986f0d1d6ce65c6ea7aaaa8d5952.1525120717.git.leo@famulari.name> References: <0a0b7de7e941986f0d1d6ce65c6ea7aaaa8d5952.1525120717.git.leo@famulari.name> In-Reply-To: <0a0b7de7e941986f0d1d6ce65c6ea7aaaa8d5952.1525120717.git.leo@famulari.name> References: <0a0b7de7e941986f0d1d6ce65c6ea7aaaa8d5952.1525120717.git.leo@famulari.name> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 31322@debbugs.gnu.org * gnu/packages/gimp.scm (gegl): Update to 0.4. [inputs]: Move babl and glib to propagated-inputs. [propagated-inputs]: Add json-glib. [arguments]: Re-enable the tests and remove the obsolete 'pre-build' phase. [source]: Use HTTPS URL. * gnu/packages/patches/gegl-CVE-2012-4433.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/gimp.scm | 36 ++---- gnu/packages/patches/gegl-CVE-2012-4433.patch | 117 ------------------ 3 files changed, 9 insertions(+), 145 deletions(-) delete mode 100644 gnu/packages/patches/gegl-CVE-2012-4433.patch diff --git a/gnu/local.mk b/gnu/local.mk index ec11b2663..78358d983 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -696,7 +696,6 @@ dist_patch_DATA = \ %D%/packages/patches/gd-CVE-2018-5711.patch \ %D%/packages/patches/gd-fix-tests-on-i686.patch \ %D%/packages/patches/gd-freetype-test-failure.patch \ - %D%/packages/patches/gegl-CVE-2012-4433.patch \ %D%/packages/patches/gemma-intel-compat.patch \ %D%/packages/patches/geoclue-config.patch \ %D%/packages/patches/ghc-8.0-fall-back-to-madv_dontneed.patch \ diff --git a/gnu/packages/gimp.scm b/gnu/packages/gimp.scm index 9b63d56e0..8bd7bd845 100644 --- a/gnu/packages/gimp.scm +++ b/gnu/packages/gimp.scm @@ -77,43 +77,25 @@ provided, as well as a framework to add new color models and data types.") (define-public gegl (package (name "gegl") - (version "0.2.0") + (version "0.4.0") (source (origin (method url-fetch) - (uri (list (string-append "http://download.gimp.org/pub/gegl/" + (uri (list (string-append "https://download.gimp.org/pub/gegl/" (string-take version 3) "/" name "-" version ".tar.bz2"))) (sha256 (base32 - "09nlv06li9nrn74ifpm7223mxpg0s7cii702z72cpbwrjh6nlbnz")) - (patches (search-patches "gegl-CVE-2012-4433.patch")))) + "1ighk4z8nlqrzyj8w97s140hzj59564l3xv6fpzbr97m1zx2nkfh")))) (build-system gnu-build-system) (arguments - '(;; More than just the one test disabled below now fails; disable them - ;; all according to the rationale given below. - #:tests? #f - #:configure-flags '("LDFLAGS=-lm") - #:phases - (modify-phases %standard-phases - (add-before 'build 'pre-build - (lambda _ - ;; This test program seems to crash on exit. Specifically, whilst - ;; g_object_unreffing bufferA and bufferB - This seems to be a bug - ;; in the destructor. This is just a test program so will not have - ;; any wider effect, although might be hiding another problem. - ;; According to advice received on irc.gimp.org#gegl although 0.2.0 - ;; is the latest released version, any bug reports against it will - ;; be ignored. So we are on our own. - (substitute* "tools/img_cmp.c" - (("g_object_unref \\(buffer.\\);") "")) - - (substitute* "tests/compositions/Makefile" - (("/bin/sh") (which "sh"))) - #t))))) - (inputs + '(#:configure-flags '("LDFLAGS=-lm"))) + ;; These are propagated to satisfy 'gegl-0.4.pc'. + (propagated-inputs `(("babl" ,babl) ("glib" ,glib) - ("cairo" ,cairo) + ("json-glib" ,json-glib))) + (inputs + `(("cairo" ,cairo) ("pango" ,pango) ("libpng" ,libpng) ("libjpeg" ,libjpeg-8))) diff --git a/gnu/packages/patches/gegl-CVE-2012-4433.patch b/gnu/packages/patches/gegl-CVE-2012-4433.patch deleted file mode 100644 index 7352b78db..000000000 --- a/gnu/packages/patches/gegl-CVE-2012-4433.patch +++ /dev/null @@ -1,117 +0,0 @@ -From: Michael Gilbert -Date: Mon, 9 Sep 2013 17:34:32 +0200 -Subject: Fix_CVE-2012-4433 - -Multiple buffer overflow issues. - -Closes: #692435 ---- - operations/external/ppm-load.c | 62 ++++++++++++++++++++++++++++++++++++------ - 1 file changed, 53 insertions(+), 9 deletions(-) - -diff --git a/operations/external/ppm-load.c b/operations/external/ppm-load.c -index efe6d56..465096d 100644 ---- a/operations/external/ppm-load.c -+++ b/operations/external/ppm-load.c -@@ -36,6 +36,7 @@ gegl_chant_file_path (path, _("File"), "", _("Path of file to load.")) - #include "gegl-chant.h" - #include - #include -+#include - - typedef enum { - PIXMAP_ASCII = 51, -@@ -44,8 +45,8 @@ typedef enum { - - typedef struct { - map_type type; -- gint width; -- gint height; -+ glong width; -+ glong height; - gsize numsamples; /* width * height * channels */ - gsize bpc; /* bytes per channel */ - guchar *data; -@@ -82,12 +83,33 @@ ppm_load_read_header(FILE *fp, - } - - /* Get Width and Height */ -- img->width = strtol (header,&ptr,0); -- img->height = atoi (ptr); -- img->numsamples = img->width * img->height * CHANNEL_COUNT; -+ errno = 0; -+ img->width = strtol (header,&ptr,10); -+ if (errno) -+ { -+ g_warning ("Error reading width: %s", strerror(errno)); -+ return FALSE; -+ } -+ else if (img->width < 0) -+ { -+ g_warning ("Error: width is negative"); -+ return FALSE; -+ } -+ -+ img->height = strtol (ptr,&ptr,10); -+ if (errno) -+ { -+ g_warning ("Error reading height: %s", strerror(errno)); -+ return FALSE; -+ } -+ else if (img->width < 0) -+ { -+ g_warning ("Error: height is negative"); -+ return FALSE; -+ } - - fgets (header,MAX_CHARS_IN_ROW,fp); -- maxval = strtol (header,&ptr,0); -+ maxval = strtol (header,&ptr,10); - - if ((maxval != 255) && (maxval != 65535)) - { -@@ -109,6 +131,16 @@ ppm_load_read_header(FILE *fp, - g_warning ("%s: Programmer stupidity error", G_STRLOC); - } - -+ /* Later on, img->numsamples is multiplied with img->bpc to allocate -+ * memory. Ensure it doesn't overflow. */ -+ if (!img->width || !img->height || -+ G_MAXSIZE / img->width / img->height / CHANNEL_COUNT < img->bpc) -+ { -+ g_warning ("Illegal width/height: %ld/%ld", img->width, img->height); -+ return FALSE; -+ } -+ img->numsamples = img->width * img->height * CHANNEL_COUNT; -+ - return TRUE; - } - -@@ -229,12 +261,24 @@ process (GeglOperation *operation, - if (!ppm_load_read_header (fp, &img)) - goto out; - -- rect.height = img.height; -- rect.width = img.width; -- - /* Allocating Array Size */ -+ -+ /* Should use g_try_malloc(), but this causes crashes elsewhere because the -+ * error signalled by returning FALSE isn't properly acted upon. Therefore -+ * g_malloc() is used here which aborts if the requested memory size can't be -+ * allocated causing a controlled crash. */ - img.data = (guchar*) g_malloc (img.numsamples * img.bpc); - -+ /* No-op without g_try_malloc(), see above. */ -+ if (! img.data) -+ { -+ g_warning ("Couldn't allocate %" G_GSIZE_FORMAT " bytes, giving up.", ((gsize)img.numsamples * img.bpc)); -+ goto out; -+ } -+ -+ rect.height = img.height; -+ rect.width = img.width; -+ - switch (img.bpc) - { - case 1: -- 2.17.0