[Midnightbsd-cvs] mports: x11-fonts/libXfont: Security patch.

ctriv at midnightbsd.org ctriv at midnightbsd.org
Fri Mar 28 04:06:23 EDT 2008 

Log Message:
-----------
Security patch.

Modified Files:
--------------
    mports/x11-fonts/libXfont:
        Makefile (r1.1 -> r1.2)

Added Files:
-----------
    mports/x11-fonts/libXfont/files:
        patch-pcf-parser.diff (r1.1)

-------------- next part --------------
Index: Makefile
===================================================================
RCS file: /home/cvs/mports/x11-fonts/libXfont/Makefile,v
retrieving revision 1.1
retrieving revision 1.2
diff -L x11-fonts/libXfont/Makefile -L x11-fonts/libXfont/Makefile -u -r1.1 -r1.2
--- x11-fonts/libXfont/Makefile
+++ x11-fonts/libXfont/Makefile
@@ -8,6 +8,7 @@
 
 PORTNAME=	libXfont
 PORTVERSION=	1.3.1
+PORTREVISION=	1
 CATEGORIES=	x11-fonts
 
 MAINTAINER=	ports at MidnightBSD.org
--- /dev/null
+++ x11-fonts/libXfont/files/patch-pcf-parser.diff
@@ -0,0 +1,24 @@
+diff --git src/bitmap/pcfread.c b/src/bitmap/pcfread.c
+index fd41849..c5db255 100644
+--- src/bitmap/pcfread.c
++++ src/bitmap/pcfread.c
+@@ -588,6 +588,9 @@ pcfReadFont(FontPtr pFont, FontFilePtr file,
+     pFont->info.lastRow = pcfGetINT16(file, format);
+     pFont->info.defaultCh = pcfGetINT16(file, format);
+     if (IS_EOF(file)) goto Bail;
++    if (pFont->info.firstCol > pFont->info.lastCol ||
++       pFont->info.firstRow > pFont->info.lastRow ||
++       pFont->info.lastCol-pFont->info.firstCol > 255) goto Bail;
+ 
+     nencoding = (pFont->info.lastCol - pFont->info.firstCol + 1) *
+ 	(pFont->info.lastRow - pFont->info.firstRow + 1);
+@@ -726,6 +729,9 @@ pcfReadFontInfo(FontInfoPtr pFontInfo, FontFilePtr file)
+     pFontInfo->lastRow = pcfGetINT16(file, format);
+     pFontInfo->defaultCh = pcfGetINT16(file, format);
+     if (IS_EOF(file)) goto Bail;
++    if (pFontInfo->firstCol > pFontInfo->lastCol ||
++       pFontInfo->firstRow > pFontInfo->lastRow ||
++       pFontInfo->lastCol-pFontInfo->firstCol > 255) goto Bail;
+ 
+     nencoding = (pFontInfo->lastCol - pFontInfo->firstCol + 1) *
+ 	(pFontInfo->lastRow - pFontInfo->firstRow + 1);

More information about the Midnightbsd-cvs mailing list