From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 2D10E1581D3 for ; Thu, 30 May 2024 03:54:22 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 2A43CE29EE; Thu, 30 May 2024 03:54:21 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 09568E29EE for ; Thu, 30 May 2024 03:54:21 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id E8AC2343067 for ; Thu, 30 May 2024 03:54:19 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 20F811BF2 for ; Thu, 30 May 2024 03:54:18 +0000 (UTC) From: "Sam James" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" Message-ID: <1717041233.033629cddfc22d7bcead70daa7b6eaa76f0bc623.sam@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: media-libs/giflib/files/, media-libs/giflib/ X-VCS-Repository: repo/gentoo X-VCS-Files: media-libs/giflib/Manifest media-libs/giflib/files/giflib-5.2.2-fortify.patch media-libs/giflib/files/giflib-5.2.2-verbose-tests.patch media-libs/giflib/giflib-5.2.2.ebuild X-VCS-Directories: media-libs/giflib/files/ media-libs/giflib/ X-VCS-Committer: sam X-VCS-Committer-Name: Sam James X-VCS-Revision: 033629cddfc22d7bcead70daa7b6eaa76f0bc623 X-VCS-Branch: master Date: Thu, 30 May 2024 03:54:18 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: c35bc84d-d708-4ba1-8ecb-860d672fe341 X-Archives-Hash: b55664cda868f9a54ff1a2582f8bac81 commit: 033629cddfc22d7bcead70daa7b6eaa76f0bc623 Author: Sam James gentoo org> AuthorDate: Thu May 30 03:50:58 2024 +0000 Commit: Sam James gentoo org> CommitDate: Thu May 30 03:53:53 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=033629cd media-libs/giflib: add 5.2.2 The release notes mention CVE-2023-48161 and CVE-2022-28506 by CVE but there's a bunch of other security fixes in the list of fixes. The documentation in this release also adds: """ +Bugs + +Feeding this utility a GIF with an invalid colormap, or other +kinds of malformations, index will produce invalid output and may +core-dump the tool. Don't do that. + + """ Anyway, on the ebuild side: * Replace Makefile patch for doc building conditionally with a sed * Make tests more verbose (needed it when debugging bug #848807) * Cleanup reallocarray hack (bug #677956) * Add LFS support (bug #915316) Bug: https://bugs.gentoo.org/677956 Bug: https://bugs.gentoo.org/785664 Bug: https://bugs.gentoo.org/851945 Bug: https://bugs.gentoo.org/918539 Closes: https://bugs.gentoo.org/848807 Closes: https://bugs.gentoo.org/915316 Signed-off-by: Sam James gentoo.org> media-libs/giflib/Manifest | 1 + media-libs/giflib/files/giflib-5.2.2-fortify.patch | 27 ++++++++ .../giflib/files/giflib-5.2.2-verbose-tests.patch | 74 +++++++++++++++++++++ media-libs/giflib/giflib-5.2.2.ebuild | 76 ++++++++++++++++++++++ 4 files changed, 178 insertions(+) diff --git a/media-libs/giflib/Manifest b/media-libs/giflib/Manifest index 9f17d63b72cf..f68f61543f81 100644 --- a/media-libs/giflib/Manifest +++ b/media-libs/giflib/Manifest @@ -1 +1,2 @@ DIST giflib-5.2.1.tar.gz 444187 BLAKE2B 8c1e105bbb65dc7ab103976caed70834356440f381ec5118311882fb1c558bb65f6c1081e5767f9835087860de44df5dfcd2826f89744dded548d535736f27f0 SHA512 4550e53c21cb1191a4581e363fc9d0610da53f7898ca8320f0d3ef6711e76bdda2609c2df15dc94c45e28bff8de441f1227ec2da7ea827cb3c0405af4faa4736 +DIST giflib-5.2.2.tar.gz 447175 BLAKE2B 5729628044f1bd9227856c76f67b673760c7c93860d9131ab0f67d900b8090fa24693ce16555ff65cfd839c6c960630d49a19ee26e03bdc9d2b4626f9efac393 SHA512 0865ab2b1904fa14640c655fdb14bb54244ad18a66e358565c00287875d00912343f9be8bfac7658cc0146200d626f7ec9160d7a339f20ba3be6b9941d73975f diff --git a/media-libs/giflib/files/giflib-5.2.2-fortify.patch b/media-libs/giflib/files/giflib-5.2.2-fortify.patch new file mode 100644 index 000000000000..24fc50059aed --- /dev/null +++ b/media-libs/giflib/files/giflib-5.2.2-fortify.patch @@ -0,0 +1,27 @@ +https://bugs.gentoo.org/848807 + +Fix incorrect length args to snprintf. + +Upstream bug: https://sourceforge.net/p/giflib/bugs/170/ + +--- a/giftext.c ++++ b/giftext.c +@@ -442,7 +442,7 @@ + for (i = 1; i <= Len; i++) { + (void)snprintf(&HexForm[CrntPlace * 3], 3, " %02x", + Extension[i]); +- (void)snprintf(&AsciiForm[CrntPlace], 3, "%c", ++ (void)snprintf(&AsciiForm[CrntPlace], 2, "%c", + MAKE_PRINTABLE(Extension[i])); + if (++CrntPlace == 16) { + HexForm[CrntPlace * 3] = 0; +@@ -488,7 +488,7 @@ + for (i = 0; i < Len; i++) { + (void)snprintf(&HexForm[CrntPlace * 3], 3, " %02x", + PixelBlock[i]); +- (void)snprintf(&AsciiForm[CrntPlace], 3, "%c", ++ (void)snprintf(&AsciiForm[CrntPlace], 2, "%c", + MAKE_PRINTABLE(PixelBlock[i])); + if (++CrntPlace == 16) { + HexForm[CrntPlace * 3] = 0; + diff --git a/media-libs/giflib/files/giflib-5.2.2-verbose-tests.patch b/media-libs/giflib/files/giflib-5.2.2-verbose-tests.patch new file mode 100644 index 000000000000..bc114e212f52 --- /dev/null +++ b/media-libs/giflib/files/giflib-5.2.2-verbose-tests.patch @@ -0,0 +1,74 @@ +--- a/tests/makefile ++++ b/tests/makefile +@@ -32,7 +32,7 @@ GIFS := $(shell ls ../pic/*.gif) + # Test decompression and rendering by unpacking images, + # converting them to RGB, and comparing that result to a check file. + render-regress: +- @for test in $(GIFS); \ ++ for test in $(GIFS); \ + do \ + stem=`basename $${test} | sed -e "s/.gif$$//"`; \ + if echo "Testing RGB rendering of $${test}" >&2; \ +@@ -42,7 +42,7 @@ render-regress: + done + @rm -f $@.*.regress + render-rebuild: +- @for test in $(GIFS); do \ ++ for test in $(GIFS); do \ + stem=`basename $${test} | sed -e "s/.gif$$//"`; \ + echo "Remaking $${stem}.rgb"; \ + $(UTILS)/gif2rgb -1 -o $${stem}.rgb $${test}; \ +@@ -68,7 +68,7 @@ gifbuild-regress: + @rm -f $@.fire1.ico $@.fire2.ico $@.fire2.gif + + gifclrmp-regress: +- @for test in $(GIFS); \ ++ for test in $(GIFS); \ + do \ + stem=`basename $${test} | sed -e "s/.gif$$//"`; \ + if echo "gifclrmap: Checking colormap of $${test}" >&2; \ +@@ -78,7 +78,7 @@ gifclrmp-regress: + done + @rm -f $@.*.regress + gifclrmp-rebuild: +- @for test in $(GIFS); do \ ++ for test in $(GIFS); do \ + stem=`basename $${test} | sed -e "s/.gif$$//"`; \ + echo "Remaking $${stem}.map"; \ + $(UTILS)/gifclrmp <$${test} >$${stem}.map; \ +@@ -92,7 +92,7 @@ gifecho-regress: + @$(UTILS)/gifecho -t "foobar" | $(UTILS)/gifbuild -d | diff -u foobar.ico - + + giffilter-regress: +- @for test in $(GIFS); \ ++ for test in $(GIFS); \ + do \ + stem=`basename $${test} | sed -e "s/.gif$$//"`; \ + if echo "giffiltr: Testing copy of $${test}" >&2; \ +@@ -120,7 +120,7 @@ gifinto-regress: + @rm -f $@.giflib.tmp + + gifsponge-regress: +- @for test in $(GIFS); \ ++ for test in $(GIFS); \ + do \ + stem=`basename $${test} | sed -e "s/.gif$$//"`; \ + if echo "gifsponge: Testing copy of $${test}" >&2; \ +@@ -131,7 +131,7 @@ gifsponge-regress: + @rm -f $@.*.regress + + giftext-regress: +- @for test in $(GIFS); \ ++ for test in $(GIFS); \ + do \ + stem=`basename $${test} | sed -e "s/.gif$$//"`; \ + if echo "giftext: Checking text dump of $${test}" >&2; \ +@@ -141,7 +141,7 @@ giftext-regress: + done + @rm -f $@.*.regress + giftext-rebuild: +- @for test in $(GIFS); do \ ++ for test in $(GIFS); do \ + stem=`basename $${test} | sed -e "s/.gif$$//"`; \ + echo "Remaking $${stem}.dmp"; \ + $(UTILS)/giftext <$${test} >$${stem}.dmp; \ diff --git a/media-libs/giflib/giflib-5.2.2.ebuild b/media-libs/giflib/giflib-5.2.2.ebuild new file mode 100644 index 000000000000..fe22c921f716 --- /dev/null +++ b/media-libs/giflib/giflib-5.2.2.ebuild @@ -0,0 +1,76 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit flag-o-matic multilib-minimal toolchain-funcs + +DESCRIPTION="Library to handle, display and manipulate GIF images" +HOMEPAGE="https://sourceforge.net/projects/giflib/" +SRC_URI="https://downloads.sourceforge.net/giflib/${P}.tar.gz" + +LICENSE="MIT" +SLOT="0/7" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~x64-solaris" +IUSE="doc static-libs" + +PATCHES=( + "${FILESDIR}"/${PN}-5.2.1-fix-missing-quantize-API-symbols.patch + "${FILESDIR}"/${PN}-5.2.2-fortify.patch + "${FILESDIR}"/${PN}-5.2.2-verbose-tests.patch +) + +src_prepare() { + default + + # We don't want docs to be built unconditionally + sed -i -e '/$(MAKE) -C doc/d' Makefile || die + + multilib_copy_sources +} + +multilib_src_compile() { + append-lfs-flags + + emake \ + AR="$(tc-getAR)" \ + CC="$(tc-getCC)" \ + CFLAGS="${CFLAGS} -std=gnu99 -fPIC" \ + LDFLAGS="${LDFLAGS}" \ + OFLAGS="" \ + all + + if use doc && multilib_is_native_abi; then + emake -C doc + fi +} + +multilib_src_test() { + emake -j1 check +} + +multilib_src_install() { + emake \ + DESTDIR="${D}" \ + PREFIX="${EPREFIX}/usr" \ + LIBDIR="${EPREFIX}/usr/$(get_libdir)" \ + install + + if ! use static-libs ; then + find "${ED}" -name "*.a" -delete || die + fi + + if use doc && multilib_is_native_abi; then + docinto html + dodoc doc/*.html + fi +} + +multilib_src_install_all() { + local DOCS=( ChangeLog NEWS README TODO ) + einstalldocs + if use doc ; then + docinto html + dodoc -r doc/{gifstandard,whatsinagif} + fi +}