summaryrefslogtreecommitdiffstats
path: root/abs/extra-testing/sdl_image
diff options
context:
space:
mode:
Diffstat (limited to 'abs/extra-testing/sdl_image')
-rw-r--r--abs/extra-testing/sdl_image/PKGBUILD27
-rw-r--r--abs/extra-testing/sdl_image/SDL_image-IMG_lbm.patch28
-rw-r--r--abs/extra-testing/sdl_image/SDL_image-buffer-overflow.patch13
3 files changed, 68 insertions, 0 deletions
diff --git a/abs/extra-testing/sdl_image/PKGBUILD b/abs/extra-testing/sdl_image/PKGBUILD
new file mode 100644
index 0000000..c9d29f2
--- /dev/null
+++ b/abs/extra-testing/sdl_image/PKGBUILD
@@ -0,0 +1,27 @@
+# $Id: PKGBUILD 356 2008-04-18 22:56:27Z aaron $
+# Maintainer: Jan de Groot <jgc@archlinux.org>
+# Contributor: Tom Newsom <Jeepster@gmx.co.uk>
+pkgname=sdl_image
+pkgver=1.2.6
+pkgrel=2
+pkgdesc="A simple library to load images of various formats as SDL surfaces"
+arch=(i686 x86_64)
+license=('LGPL')
+depends=('sdl>=1.2.13' 'libpng' 'libjpeg' 'libtiff' 'zlib')
+options=('!libtool')
+url="http://www.libsdl.org/projects/SDL_image/"
+source=(http://www.libsdl.org/projects/SDL_image/release/SDL_image-${pkgver}.tar.gz
+ SDL_image-IMG_lbm.patch
+ SDL_image-buffer-overflow.patch)
+md5sums=('b866dc4f647517bdaf57f6ffdefd013e'
+ '81424f716513845f27e1b69459343327'
+ 'e774a12d1a07b788233f6c15aca05780')
+
+build() {
+ cd ${startdir}/src/SDL_image-${pkgver}
+ patch -Np2 -i ${startdir}/src/SDL_image-IMG_lbm.patch || return 1
+ patch -Np2 -i ${startdir}/src/SDL_image-buffer-overflow.patch || return 1
+ ./configure --prefix=/usr
+ make || return 1
+ make DESTDIR=${startdir}/pkg install
+}
diff --git a/abs/extra-testing/sdl_image/SDL_image-IMG_lbm.patch b/abs/extra-testing/sdl_image/SDL_image-IMG_lbm.patch
new file mode 100644
index 0000000..cc4a29b
--- /dev/null
+++ b/abs/extra-testing/sdl_image/SDL_image-IMG_lbm.patch
@@ -0,0 +1,28 @@
+--- trunk/SDL_image/IMG_lbm.c 2007/07/20 04:37:11 3341
++++ trunk/SDL_image/IMG_lbm.c 2008/01/03 20:05:34 3521
+@@ -28,6 +28,7 @@
+ EHB and HAM (specific Amiga graphic chip modes) support added by Marc Le Douarain
+ (http://www.multimania.com/mavati) in December 2003.
+ Stencil and colorkey fixes by David Raulo (david.raulo AT free DOT fr) in February 2004.
++ Buffer overflow fix in RLE decompression by David Raulo in January 2008.
+ */
+
+ #include <stdio.h>
+@@ -328,7 +329,7 @@
+ count ^= 0xFF;
+ count += 2; /* now it */
+
+- if ( !SDL_RWread( src, &color, 1, 1 ) )
++ if ( ( count > remainingbytes ) || !SDL_RWread( src, &color, 1, 1 ) )
+ {
+ error="error reading BODY chunk";
+ goto done;
+@@ -339,7 +340,7 @@
+ {
+ ++count;
+
+- if ( !SDL_RWread( src, ptr, count, 1 ) )
++ if ( ( count > remainingbytes ) || !SDL_RWread( src, ptr, count, 1 ) )
+ {
+ error="error reading BODY chunk";
+ goto done;
diff --git a/abs/extra-testing/sdl_image/SDL_image-buffer-overflow.patch b/abs/extra-testing/sdl_image/SDL_image-buffer-overflow.patch
new file mode 100644
index 0000000..0be82dc
--- /dev/null
+++ b/abs/extra-testing/sdl_image/SDL_image-buffer-overflow.patch
@@ -0,0 +1,13 @@
+--- trunk/SDL_image/IMG_gif.c 2007/12/28 08:17:23 3461
++++ trunk/SDL_image/IMG_gif.c 2007/12/28 16:43:56 3462
+@@ -418,6 +418,10 @@
+ static int stack[(1 << (MAX_LWZ_BITS)) * 2], *sp;
+ register int i;
+
++ /* Fixed buffer overflow found by Michael Skladnikiewicz */
++ if (input_code_size > MAX_LWZ_BITS)
++ return -1;
++
+ if (flag) {
+ set_code_size = input_code_size;
+ code_size = set_code_size + 1;