From e6decbe98ab7a98ea1c8c59c8e371d1701c9f05b Mon Sep 17 00:00:00 2001 From: Nishant Limbachia Date: Fri, 11 Aug 2017 08:23:36 +0100 Subject: graphics/ufraw: Patched. Signed-off-by: David Spencer --- .../patches/05_fix_build_due_to_unsigned_char.patch | 14 ++++++++++++++ graphics/ufraw/patches/CVE-2015-8366.patch | 17 +++++++++++++++++ graphics/ufraw/patches/gcc7.patch | 15 +++++++++++++++ graphics/ufraw/patches/no-gimp-remote.patch | 12 ++++++++++++ graphics/ufraw/ufraw.SlackBuild | 15 +++++++++++---- 5 files changed, 69 insertions(+), 4 deletions(-) create mode 100644 graphics/ufraw/patches/05_fix_build_due_to_unsigned_char.patch create mode 100644 graphics/ufraw/patches/CVE-2015-8366.patch create mode 100644 graphics/ufraw/patches/gcc7.patch create mode 100644 graphics/ufraw/patches/no-gimp-remote.patch (limited to 'graphics') diff --git a/graphics/ufraw/patches/05_fix_build_due_to_unsigned_char.patch b/graphics/ufraw/patches/05_fix_build_due_to_unsigned_char.patch new file mode 100644 index 0000000000..9b634b69a2 --- /dev/null +++ b/graphics/ufraw/patches/05_fix_build_due_to_unsigned_char.patch @@ -0,0 +1,14 @@ +Author: Philip Rinn +Description: Fix build with C++11 as char is unsigned on some architectures +Last-update: 2015-11-04 +--- a/dcraw.cc ++++ b/dcraw.cc +@@ -2054,7 +2054,7 @@ + + void CLASS kodak_radc_load_raw() + { +- static const char src[] = { ++ static const signed char src[] = { + 1,1, 2,3, 3,4, 4,2, 5,7, 6,5, 7,6, 7,8, + 1,0, 2,1, 3,3, 4,4, 5,2, 6,7, 7,6, 8,5, 8,8, + 2,1, 2,3, 3,0, 3,2, 3,4, 4,6, 5,5, 6,7, 6,8, diff --git a/graphics/ufraw/patches/CVE-2015-8366.patch b/graphics/ufraw/patches/CVE-2015-8366.patch new file mode 100644 index 0000000000..9d59ca413f --- /dev/null +++ b/graphics/ufraw/patches/CVE-2015-8366.patch @@ -0,0 +1,17 @@ +Fix a buffer overflow bug. See +https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2 + +--- a/dcraw.cc ++++ b/dcraw.cc +@@ -3013,7 +3013,10 @@ + diff = diff ? -diff : 0x80; + if (ftell(ifp) + 12 >= (int) seg[1][1]) + diff = 0; +- raw_image[pix] = pred[pix & 1] += diff; ++ if(pix>=raw_width*raw_height) ++ derror(); ++ else ++ raw_image[pix] = pred[pix & 1] += diff; + if (!(pix & 1) && HOLE(pix / raw_width)) pix += 2; + } + maximum = 0xff; diff --git a/graphics/ufraw/patches/gcc7.patch b/graphics/ufraw/patches/gcc7.patch new file mode 100644 index 0000000000..2a77b06e62 --- /dev/null +++ b/graphics/ufraw/patches/gcc7.patch @@ -0,0 +1,15 @@ +diff --git a/dcraw.cc b/dcraw.cc +index 88c8068..d78c66b 100644 +--- a/dcraw.cc ++++ b/dcraw.cc +@@ -8766,8 +8766,8 @@ void CLASS identify() + "Nikon", "Nokia", "Olympus", "Pentax", "Phase One", "Ricoh", + "Samsung", "Sigma", "Sinar", "Sony" }; + char head[32], *cp; +- unsigned fsize, i, c; +- int hlen, flen, zero_fsize=1; ++ unsigned fsize; ++ int hlen, flen, zero_fsize=1, i, c; + struct jhead jh; + + tiff_flip = flip = filters = UINT_MAX; /* unknown */ \ No newline at end of file diff --git a/graphics/ufraw/patches/no-gimp-remote.patch b/graphics/ufraw/patches/no-gimp-remote.patch new file mode 100644 index 0000000000..ca4f4beb62 --- /dev/null +++ b/graphics/ufraw/patches/no-gimp-remote.patch @@ -0,0 +1,12 @@ +Don't use gimp-remote since gimp 2.4 already includes gimp-remote functionality +--- a/ufraw_conf.c ++++ b/ufraw_conf.c +@@ -137,7 +137,7 @@ + #elif HAVE_GIMP_2_4 + "gimp", /* remoteGimpCommand */ + #else +- "gimp-remote", /* remoteGimpCommand */ ++ "gimp", /* remoteGimpCommand */ + #endif + + /* EXIF data */ diff --git a/graphics/ufraw/ufraw.SlackBuild b/graphics/ufraw/ufraw.SlackBuild index 6a77d6f771..35408d8af8 100644 --- a/graphics/ufraw/ufraw.SlackBuild +++ b/graphics/ufraw/ufraw.SlackBuild @@ -27,12 +27,12 @@ PRGNAM="ufraw" VERSION=${VERSION:-0.22} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} TAG=${TAG:-_SBo} if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) ARCH=i486 ;; + i?86) ARCH=i586 ;; arm*) ARCH=arm ;; *) ARCH=$( uname -m ) ;; esac @@ -49,8 +49,8 @@ else gtk_option="--without-gtk" fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" @@ -77,6 +77,13 @@ find -L . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; +# patched from: https://sourceforge.net/p/ufraw/bugs/417/ +patch -p1 < $CWD/patches/05_fix_build_due_to_unsigned_char.patch +# Patches below courtesy of Arch Linux +patch -p1 < $CWD/patches/gcc7.patch +patch -p1 < $CWD/patches/CVE-2015-8366.patch +patch -p1 < $CWD/patches/no-gimp-remote.patch + CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ ./configure \ -- cgit v1.2.3