public inbox for gentoo-commits@lists.gentoo.org
From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: media-libs/giflib/files/, media-libs/giflib/
Date: Thu, 30 May 2024 03:54:18 +0000 (UTC)
Message-ID: <1717041233.033629cddfc22d7bcead70daa7b6eaa76f0bc623.sam@gentoo>

commit:     033629cddfc22d7bcead70daa7b6eaa76f0bc623
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Thu May 30 03:50:58 2024 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Thu May 30 03:53:53 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=033629cd

media-libs/giflib: add 5.2.2

The release notes mention CVE-2023-48161 and CVE-2022-28506 by CVE but
there's a bunch of other security fixes in the list of fixes.

The documentation in this release also adds:
"""
+<refsect1><title>Bugs</title>
+
+<para>Feeding this utility a GIF with an invalid colormap, or other
+kinds of malformations, index will produce invalid output and may
+core-dump the tool. Don't do that.</para>
+
+</refsect1>
"""

Anyway, on the ebuild side:
* Replace Makefile patch for doc building conditionally with a sed
* Make tests more verbose (needed it when debugging bug #848807)
* Cleanup reallocarray hack (bug #677956)
* Add LFS support (bug #915316)

Bug: https://bugs.gentoo.org/677956
Bug: https://bugs.gentoo.org/785664
Bug: https://bugs.gentoo.org/851945
Bug: https://bugs.gentoo.org/918539
Closes: https://bugs.gentoo.org/848807
Closes: https://bugs.gentoo.org/915316
Signed-off-by: Sam James <sam <AT> gentoo.org>

 media-libs/giflib/Manifest                         |  1 +
 media-libs/giflib/files/giflib-5.2.2-fortify.patch | 27 ++++++++
 .../giflib/files/giflib-5.2.2-verbose-tests.patch  | 74 +++++++++++++++++++++
 media-libs/giflib/giflib-5.2.2.ebuild              | 76 ++++++++++++++++++++++
 4 files changed, 178 insertions(+)

diff --git a/media-libs/giflib/Manifest b/media-libs/giflib/Manifest
index 9f17d63b72cf..f68f61543f81 100644
--- a/media-libs/giflib/Manifest
+++ b/media-libs/giflib/Manifest
@@ -1 +1,2 @@
 DIST giflib-5.2.1.tar.gz 444187 BLAKE2B 8c1e105bbb65dc7ab103976caed70834356440f381ec5118311882fb1c558bb65f6c1081e5767f9835087860de44df5dfcd2826f89744dded548d535736f27f0 SHA512 4550e53c21cb1191a4581e363fc9d0610da53f7898ca8320f0d3ef6711e76bdda2609c2df15dc94c45e28bff8de441f1227ec2da7ea827cb3c0405af4faa4736
+DIST giflib-5.2.2.tar.gz 447175 BLAKE2B 5729628044f1bd9227856c76f67b673760c7c93860d9131ab0f67d900b8090fa24693ce16555ff65cfd839c6c960630d49a19ee26e03bdc9d2b4626f9efac393 SHA512 0865ab2b1904fa14640c655fdb14bb54244ad18a66e358565c00287875d00912343f9be8bfac7658cc0146200d626f7ec9160d7a339f20ba3be6b9941d73975f

diff --git a/media-libs/giflib/files/giflib-5.2.2-fortify.patch b/media-libs/giflib/files/giflib-5.2.2-fortify.patch
new file mode 100644
index 000000000000..24fc50059aed
--- /dev/null
+++ b/media-libs/giflib/files/giflib-5.2.2-fortify.patch
@@ -0,0 +1,27 @@
+https://bugs.gentoo.org/848807
+
+Fix incorrect length args to snprintf.
+
+Upstream bug: https://sourceforge.net/p/giflib/bugs/170/
+
+--- a/giftext.c
++++ b/giftext.c
+@@ -442,7 +442,7 @@
+ 		for (i = 1; i <= Len; i++) {
+ 			(void)snprintf(&HexForm[CrntPlace * 3], 3, " %02x",
+ 			               Extension[i]);
+-			(void)snprintf(&AsciiForm[CrntPlace], 3, "%c",
++			(void)snprintf(&AsciiForm[CrntPlace], 2, "%c",
+ 			               MAKE_PRINTABLE(Extension[i]));
+ 			if (++CrntPlace == 16) {
+ 				HexForm[CrntPlace * 3] = 0;
+@@ -488,7 +488,7 @@
+ 	for (i = 0; i < Len; i++) {
+ 		(void)snprintf(&HexForm[CrntPlace * 3], 3, " %02x",
+ 		               PixelBlock[i]);
+-		(void)snprintf(&AsciiForm[CrntPlace], 3, "%c",
++		(void)snprintf(&AsciiForm[CrntPlace], 2, "%c",
+ 		               MAKE_PRINTABLE(PixelBlock[i]));
+ 		if (++CrntPlace == 16) {
+ 			HexForm[CrntPlace * 3] = 0;
+
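Review bot: The HexForm calls left as context in both giftext.c hunks still pass 3 as the size for the format " %02x", which needs three characters plus the terminating NUL, so snprintf truncates every entry to two characters and puts the NUL at offset 2 of each three-byte slot. If 2 is the right bound for the one-character "%c" write into AsciiForm, the same reasoning gives 4 for the hex write, provided HexForm has room for 16 * 3 + 1 bytes; its declaration is not visible here, so please check it and either fix that size too or say in the patch header why it is left alone. The header could also state why 2 is correct (one character plus NUL, with the last write landing at AsciiForm[15] before the wrap at CrntPlace == 16) so the justification is in the file and not only in the linked bugs.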

diff --git a/media-libs/giflib/files/giflib-5.2.2-verbose-tests.patch b/media-libs/giflib/files/giflib-5.2.2-verbose-tests.patch
new file mode 100644
index 000000000000..bc114e212f52
--- /dev/null
+++ b/media-libs/giflib/files/giflib-5.2.2-verbose-tests.patch
@@ -0,0 +1,74 @@
+--- a/tests/makefile
++++ b/tests/makefile
+@@ -32,7 +32,7 @@ GIFS := $(shell ls ../pic/*.gif)
+ # Test decompression and rendering by unpacking images,
+ # converting them to RGB, and comparing that result to a check file.
+ render-regress:
+-	@for test in $(GIFS); \
++	for test in $(GIFS); \
+ 	do \
+ 	    stem=`basename $${test} | sed -e "s/.gif$$//"`; \
+ 	    if echo "Testing RGB rendering of $${test}" >&2; \
+@@ -42,7 +42,7 @@ render-regress:
+ 	done
+ 	@rm -f $@.*.regress
+ render-rebuild:
+-	@for test in $(GIFS); do \
++	for test in $(GIFS); do \
+ 		stem=`basename $${test} | sed -e "s/.gif$$//"`; \
+ 		echo "Remaking $${stem}.rgb"; \
+ 		$(UTILS)/gif2rgb -1 -o $${stem}.rgb $${test}; \
+@@ -68,7 +68,7 @@ gifbuild-regress:
+ 	@rm -f $@.fire1.ico  $@.fire2.ico $@.fire2.gif
+ 
+ gifclrmp-regress:
+-	@for test in $(GIFS); \
++	for test in $(GIFS); \
+ 	do \
+ 	    stem=`basename $${test} | sed -e "s/.gif$$//"`; \
+ 	    if echo "gifclrmap: Checking colormap of $${test}" >&2; \
+@@ -78,7 +78,7 @@ gifclrmp-regress:
+ 	done
+ 	@rm -f $@.*.regress
+ gifclrmp-rebuild:
+-	@for test in $(GIFS); do \
++	for test in $(GIFS); do \
+ 		stem=`basename $${test} | sed -e "s/.gif$$//"`; \
+ 		echo "Remaking $${stem}.map"; \
+ 		$(UTILS)/gifclrmp <$${test} >$${stem}.map; \
+@@ -92,7 +92,7 @@ gifecho-regress:
+ 	@$(UTILS)/gifecho -t "foobar" | $(UTILS)/gifbuild -d | diff -u foobar.ico -
+ 
+ giffilter-regress:
+-	@for test in $(GIFS); \
++	for test in $(GIFS); \
+ 	do \
+ 	    stem=`basename $${test} | sed -e "s/.gif$$//"`; \
+ 	    if echo "giffiltr: Testing copy of $${test}" >&2; \
+@@ -120,7 +120,7 @@ gifinto-regress:
+ 	@rm -f $@.giflib.tmp
+ 
+ gifsponge-regress:
+-	@for test in $(GIFS); \
++	for test in $(GIFS); \
+ 	do \
+ 	    stem=`basename $${test} | sed -e "s/.gif$$//"`; \
+ 	    if echo "gifsponge: Testing copy of $${test}" >&2; \
+@@ -131,7 +131,7 @@ gifsponge-regress:
+ 	@rm -f  $@.*.regress
+ 
+ giftext-regress:
+-	@for test in $(GIFS); \
++	for test in $(GIFS); \
+ 	do \
+ 	    stem=`basename $${test} | sed -e "s/.gif$$//"`; \
+ 	    if echo "giftext: Checking text dump of $${test}" >&2; \
+@@ -141,7 +141,7 @@ giftext-regress:
+ 	done
+ 	@rm -f  $@.*.regress
+ giftext-rebuild:
+-	@for test in $(GIFS); do \
++	for test in $(GIFS); do \
+ 		stem=`basename $${test} | sed -e "s/.gif$$//"`; \
+ 		echo "Remaking $${stem}.dmp"; \
+ 		$(UTILS)/giftext <$${test} >$${stem}.dmp; \
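Review bot: The verbose-tests patch file has no description, bug link or upstream status at its top, while giflib-5.2.2-fortify.patch next to it carries all three; add a short header (the commit message ties this change to debugging bug #848807) and note whether it is meant to go upstream. Only the leading "@" of the for loops is dropped, so the "@rm -f" cleanup lines and the "@$(UTILS)/gifecho" line visible in the context stay silent; that is fine if intended, but worth one line in the header.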

diff --git a/media-libs/giflib/giflib-5.2.2.ebuild b/media-libs/giflib/giflib-5.2.2.ebuild
new file mode 100644
index 000000000000..fe22c921f716
--- /dev/null
+++ b/media-libs/giflib/giflib-5.2.2.ebuild
@@ -0,0 +1,76 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit flag-o-matic multilib-minimal toolchain-funcs
+
+DESCRIPTION="Library to handle, display and manipulate GIF images"
+HOMEPAGE="https://sourceforge.net/projects/giflib/"
+SRC_URI="https://downloads.sourceforge.net/giflib/${P}.tar.gz"
+
+LICENSE="MIT"
+SLOT="0/7"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~x64-solaris"
+IUSE="doc static-libs"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-5.2.1-fix-missing-quantize-API-symbols.patch
+	"${FILESDIR}"/${PN}-5.2.2-fortify.patch
+	"${FILESDIR}"/${PN}-5.2.2-verbose-tests.patch
+)
+
+src_prepare() {
+	default
+
+	# We don't want docs to be built unconditionally
+	sed -i -e '/$(MAKE) -C doc/d' Makefile || die
+
+	multilib_copy_sources
+}
+
+multilib_src_compile() {
+	append-lfs-flags
+
+	emake \
+		AR="$(tc-getAR)" \
+		CC="$(tc-getCC)" \
+		CFLAGS="${CFLAGS} -std=gnu99 -fPIC" \
+		LDFLAGS="${LDFLAGS}" \
+		OFLAGS="" \
+		all
+
+	if use doc && multilib_is_native_abi; then
+		emake -C doc
+	fi
+}
+
+multilib_src_test() {
+	emake -j1 check
+}
+
+multilib_src_install() {
+	emake \
+		DESTDIR="${D}" \
+		PREFIX="${EPREFIX}/usr" \
+		LIBDIR="${EPREFIX}/usr/$(get_libdir)" \
+		install
+
+	if ! use static-libs ; then
+		find "${ED}" -name "*.a" -delete || die
+	fi
+
+	if use doc && multilib_is_native_abi; then
+		docinto html
+		dodoc doc/*.html
+	fi
+}
+
+multilib_src_install_all() {
+	local DOCS=( ChangeLog NEWS README TODO )
+	einstalldocs
+	if use doc ; then
+		docinto html
+		dodoc -r doc/{gifstandard,whatsinagif}
+	fi
+}
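Review bot: In src_prepare, the "|| die" on "sed -i -e '/$(MAKE) -C doc/d' Makefile" cannot catch the case it is there for: sed exits 0 when the pattern matches nothing, so if a later release rewords that Makefile line the docs are built unconditionally again and nothing fails. Since this sed replaces a patch that would have failed to apply, add an explicit check that the line exists before deleting it (for example a grep on the same pattern followed by die). Separately, append-lfs-flags is called in multilib_src_compile and adds its defines to CPPFLAGS, while the emake call only passes CFLAGS and LDFLAGS explicitly; please confirm the Makefile picks CPPFLAGS up from the environment, and consider moving the call to src_configure where flag changes normally live.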

