diff options
Diffstat (limited to 'abs/core-testing/sdl_image')
-rw-r--r-- | abs/core-testing/sdl_image/PKGBUILD | 27 | ||||
-rw-r--r-- | abs/core-testing/sdl_image/SDL_image-IMG_lbm.patch | 28 | ||||
-rw-r--r-- | abs/core-testing/sdl_image/SDL_image-buffer-overflow.patch | 13 |
3 files changed, 68 insertions, 0 deletions
diff --git a/abs/core-testing/sdl_image/PKGBUILD b/abs/core-testing/sdl_image/PKGBUILD new file mode 100644 index 0000000..c9d29f2 --- /dev/null +++ b/abs/core-testing/sdl_image/PKGBUILD @@ -0,0 +1,27 @@ +# $Id: PKGBUILD 356 2008-04-18 22:56:27Z aaron $ +# Maintainer: Jan de Groot <jgc@archlinux.org> +# Contributor: Tom Newsom <Jeepster@gmx.co.uk> +pkgname=sdl_image +pkgver=1.2.6 +pkgrel=2 +pkgdesc="A simple library to load images of various formats as SDL surfaces" +arch=(i686 x86_64) +license=('LGPL') +depends=('sdl>=1.2.13' 'libpng' 'libjpeg' 'libtiff' 'zlib') +options=('!libtool') +url="http://www.libsdl.org/projects/SDL_image/" +source=(http://www.libsdl.org/projects/SDL_image/release/SDL_image-${pkgver}.tar.gz + SDL_image-IMG_lbm.patch + SDL_image-buffer-overflow.patch) +md5sums=('b866dc4f647517bdaf57f6ffdefd013e' + '81424f716513845f27e1b69459343327' + 'e774a12d1a07b788233f6c15aca05780') + +build() { + cd ${startdir}/src/SDL_image-${pkgver} + patch -Np2 -i ${startdir}/src/SDL_image-IMG_lbm.patch || return 1 + patch -Np2 -i ${startdir}/src/SDL_image-buffer-overflow.patch || return 1 + ./configure --prefix=/usr + make || return 1 + make DESTDIR=${startdir}/pkg install +} diff --git a/abs/core-testing/sdl_image/SDL_image-IMG_lbm.patch b/abs/core-testing/sdl_image/SDL_image-IMG_lbm.patch new file mode 100644 index 0000000..cc4a29b --- /dev/null +++ b/abs/core-testing/sdl_image/SDL_image-IMG_lbm.patch @@ -0,0 +1,28 @@ +--- trunk/SDL_image/IMG_lbm.c 2007/07/20 04:37:11 3341 ++++ trunk/SDL_image/IMG_lbm.c 2008/01/03 20:05:34 3521 +@@ -28,6 +28,7 @@ + EHB and HAM (specific Amiga graphic chip modes) support added by Marc Le Douarain + (http://www.multimania.com/mavati) in December 2003. + Stencil and colorkey fixes by David Raulo (david.raulo AT free DOT fr) in February 2004. ++ Buffer overflow fix in RLE decompression by David Raulo in January 2008. + */ + + #include <stdio.h> +@@ -328,7 +329,7 @@ + count ^= 0xFF; + count += 2; /* now it */ + +- if ( !SDL_RWread( src, &color, 1, 1 ) ) ++ if ( ( count > remainingbytes ) || !SDL_RWread( src, &color, 1, 1 ) ) + { + error="error reading BODY chunk"; + goto done; +@@ -339,7 +340,7 @@ + { + ++count; + +- if ( !SDL_RWread( src, ptr, count, 1 ) ) ++ if ( ( count > remainingbytes ) || !SDL_RWread( src, ptr, count, 1 ) ) + { + error="error reading BODY chunk"; + goto done; diff --git a/abs/core-testing/sdl_image/SDL_image-buffer-overflow.patch b/abs/core-testing/sdl_image/SDL_image-buffer-overflow.patch new file mode 100644 index 0000000..0be82dc --- /dev/null +++ b/abs/core-testing/sdl_image/SDL_image-buffer-overflow.patch @@ -0,0 +1,13 @@ +--- trunk/SDL_image/IMG_gif.c 2007/12/28 08:17:23 3461 ++++ trunk/SDL_image/IMG_gif.c 2007/12/28 16:43:56 3462 +@@ -418,6 +418,10 @@ + static int stack[(1 << (MAX_LWZ_BITS)) * 2], *sp; + register int i; + ++ /* Fixed buffer overflow found by Michael Skladnikiewicz */ ++ if (input_code_size > MAX_LWZ_BITS) ++ return -1; ++ + if (flag) { + set_code_size = input_code_size; + code_size = set_code_size + 1; |