public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
Search results ordered by [date|relevance]  view[summary|nested|Atom feed]
thread overview below | download mbox.gz: |
* [gentoo-commits] repo/gentoo:master commit in: media-gfx/fontforge/, media-gfx/fontforge/files/
@ 2020-01-27 22:02 99% Mike Gilbert
  0 siblings, 0 replies; 1+ results
From: Mike Gilbert @ 2020-01-27 22:02 UTC (permalink / raw
  To: gentoo-commits

commit:     6c1824fd0b6c245566175dfcc56b61b03471d510
Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Mon Jan 27 21:52:40 2020 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Mon Jan 27 21:52:40 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6c1824fd

media-gfx/fontforge: bump to 20190801

Package-Manager: Portage-2.3.85_p2, Repoman-2.3.20_p36
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>

 media-gfx/fontforge/Manifest                  |   1 +
 media-gfx/fontforge/files/CVE-2020-5395.patch |  78 +++++++++++++++++++
 media-gfx/fontforge/fontforge-20190801.ebuild | 106 ++++++++++++++++++++++++++
 3 files changed, 185 insertions(+)

diff --git a/media-gfx/fontforge/Manifest b/media-gfx/fontforge/Manifest
index 6a5907bce02..50996083639 100644
--- a/media-gfx/fontforge/Manifest
+++ b/media-gfx/fontforge/Manifest
@@ -1,2 +1,3 @@
 DIST fontforge-20190317.tar.gz 22762120 BLAKE2B 5cb85d2fb9a2a08fe64548f2667c026e916dd0239d17d8f8d7d2fe8ecb51f2106cf3dc6e6298014c0deadffbfe91925327b483ed4750a171fb621aea8bdee60b SHA512 55f9b0f7cafb1aa5a1461dbf39b52ca6b69a2baa6b761c8c28f86a0bb99e090d9ecc981294f51dadd9297b5ebd3036f01cb4f17b9a97a737eb567b4ae6522f20
+DIST fontforge-20190801.tar.gz 20766334 BLAKE2B c3206e77da4a966b9e513c41c90e19522f3d1aad990cd3035d7c8a8cc009239811743c12c02df3b02fd91fa5a7738913dba43df14523a738a2232cd2d1a91700 SHA512 78f3e1e94e38e26dcf52c6a0e038753033dc47052b7492f0ac0aaf1b8962e4e4bbf07c2550ef6014ea7290a6429bf669acb0691735efe0aee368480b4b7e6236
 DIST fontforge-dist-20170731.tar.xz 13985256 BLAKE2B 7bc49a3b7747de419e4fafb445062873cf9bf56aa73fd7499509b787a1c0fd6c47b0b5d7bfeb2a69d9237f9f66f989af968b0d00e9d5e57030906394f042f29c SHA512 26f7a40714460716a24dd0229fdb027f3766bcc48db64b8993436ddcb6277898f9f3b67ad4fc0be515b2b38e01370d1c7d9ee3c6ece1be862b7d8c9882411f11

diff --git a/media-gfx/fontforge/files/CVE-2020-5395.patch b/media-gfx/fontforge/files/CVE-2020-5395.patch
new file mode 100644
index 00000000000..51b52450376
--- /dev/null
+++ b/media-gfx/fontforge/files/CVE-2020-5395.patch
@@ -0,0 +1,78 @@
+From 048a91e2682c1a8936ae34dbc7bd70291ec05410 Mon Sep 17 00:00:00 2001
+From: Skef Iterum <unknown>
+Date: Mon, 6 Jan 2020 03:05:06 -0800
+Subject: [PATCH] Fix for #4084 Use-after-free (heap) in the
+ SFD_GetFontMetaData() function Fix for #4086 NULL pointer dereference in the
+ SFDGetSpiros() function Fix for #4088 NULL pointer dereference in the
+ SFD_AssignLookups() function Add empty sf->fontname string if it isn't set,
+ fixing #4089 #4090 and many   other potential issues (many downstream calls
+ to strlen() on the value).
+
+---
+ fontforge/sfd.c  | 19 ++++++++++++++-----
+ fontforge/sfd1.c |  2 +-
+ 2 files changed, 15 insertions(+), 6 deletions(-)
+
+diff --git a/fontforge/sfd.c b/fontforge/sfd.c
+index 731be201e0..e8ca39ba83 100644
+--- a/fontforge/sfd.c
++++ b/fontforge/sfd.c
+@@ -4032,13 +4032,16 @@ static void SFDGetSpiros(FILE *sfd,SplineSet *cur) {
+     while ( fscanf(sfd,"%lg %lg %c", &cp.x, &cp.y, &cp.ty )==3 ) {
+ 	if ( cur!=NULL ) {
+ 	    if ( cur->spiro_cnt>=cur->spiro_max )
+-		cur->spiros = realloc(cur->spiros,(cur->spiro_max+=10)*sizeof(spiro_cp));
++		cur->spiros = realloc(cur->spiros,
++		                      (cur->spiro_max+=10)*sizeof(spiro_cp));
+ 	    cur->spiros[cur->spiro_cnt++] = cp;
+ 	}
+     }
+-    if ( cur!=NULL && (cur->spiros[cur->spiro_cnt-1].ty&0x7f)!=SPIRO_END ) {
++    if (    cur!=NULL && cur->spiro_cnt>0
++         && (cur->spiros[cur->spiro_cnt-1].ty&0x7f)!=SPIRO_END ) {
+ 	if ( cur->spiro_cnt>=cur->spiro_max )
+-	    cur->spiros = realloc(cur->spiros,(cur->spiro_max+=1)*sizeof(spiro_cp));
++	    cur->spiros = realloc(cur->spiros,
++	                          (cur->spiro_max+=1)*sizeof(spiro_cp));
+ 	memset(&cur->spiros[cur->spiro_cnt],0,sizeof(spiro_cp));
+ 	cur->spiros[cur->spiro_cnt++].ty = SPIRO_END;
+     }
+@@ -7992,10 +7995,12 @@ bool SFD_GetFontMetaData( FILE *sfd,
+     else if ( strmatch(tok,"LayerCount:")==0 )
+     {
+ 	d->had_layer_cnt = true;
+-	getint(sfd,&sf->layer_cnt);
+-	if ( sf->layer_cnt>2 ) {
++	int layer_cnt_tmp;
++	getint(sfd,&layer_cnt_tmp);
++	if ( layer_cnt_tmp>2 ) {
+ 	    sf->layers = realloc(sf->layers,sf->layer_cnt*sizeof(LayerInfo));
+ 	    memset(sf->layers+2,0,(sf->layer_cnt-2)*sizeof(LayerInfo));
++	    sf->layer_cnt = layer_cnt_tmp;
+ 	}
+     }
+     else if ( strmatch(tok,"Layer:")==0 )
+@@ -8948,6 +8953,10 @@ exit( 1 );
+ 	}
+     }
+ 
++    // Many downstream functions assume this isn't NULL (use strlen, etc.)
++    if ( sf->fontname==NULL)
++	sf->fontname = copy("");
++
+     if ( fromdir )
+ 	sf = SFD_FigureDirType(sf,tok,dirname,enc,remap,had_layer_cnt);
+     else if ( sf->subfontcnt!=0 ) {
+diff --git a/fontforge/sfd1.c b/fontforge/sfd1.c
+index cf931059d0..b42f832678 100644
+--- a/fontforge/sfd1.c
++++ b/fontforge/sfd1.c
+@@ -674,7 +674,7 @@ void SFD_AssignLookups(SplineFont1 *sf) {
+ 
+     /* Fix up some gunk from really old versions of the sfd format */
+     SFDCleanupAnchorClasses(&sf->sf);
+-    if ( sf->sf.uni_interp==ui_unset )
++    if ( sf->sf.uni_interp==ui_unset && sf->sf.map!=NULL )
+ 	sf->sf.uni_interp = interp_from_encoding(sf->sf.map->enc,ui_none);
+ 
+     /* Fixup for an old bug */

diff --git a/media-gfx/fontforge/fontforge-20190801.ebuild b/media-gfx/fontforge/fontforge-20190801.ebuild
new file mode 100644
index 00000000000..31b62099c78
--- /dev/null
+++ b/media-gfx/fontforge/fontforge-20190801.ebuild
@@ -0,0 +1,106 @@
+# Copyright 2004-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python{2_7,3_{6,7}} )
+
+inherit python-single-r1 xdg
+
+DESCRIPTION="postscript font editor and converter"
+HOMEPAGE="http://fontforge.github.io/"
+SRC_URI="https://github.com/fontforge/fontforge/releases/download/${PV}/fontforge-${PV}.tar.gz"
+
+LICENSE="BSD GPL-3+"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos"
+IUSE="cairo truetype-debugger gif gtk jpeg png +python readline test tiff svg unicode X"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="
+	cairo? ( png )
+	gtk? ( cairo )
+	python? ( ${PYTHON_REQUIRED_USE} )
+	test? ( png python )
+"
+
+RDEPEND="
+	dev-libs/glib
+	dev-libs/libltdl:0
+	dev-libs/libxml2:2=
+	>=media-libs/freetype-2.3.7:2=
+	cairo? (
+		>=x11-libs/cairo-1.6:0=
+		x11-libs/pango:0=
+	)
+	gif? ( media-libs/giflib:0= )
+	jpeg? ( virtual/jpeg:0 )
+	png? ( media-libs/libpng:0= )
+	tiff? ( media-libs/tiff:0= )
+	truetype-debugger? ( >=media-libs/freetype-2.3.8:2[fontforge,-bindist(-)] )
+	gtk? ( >=x11-libs/gtk+-3.10:3 )
+	python? ( ${PYTHON_DEPS} )
+	readline? ( sys-libs/readline:0= )
+	unicode? ( media-libs/libuninameslist:0= )
+	X? (
+		x11-libs/libX11:0=
+		x11-libs/libXi:0=
+		>=x11-libs/pango-1.10:0=[X]
+	)
+	!media-gfx/pfaedit
+"
+DEPEND="${RDEPEND}
+	X? ( x11-base/xorg-proto )
+"
+BDEPEND="
+	sys-devel/gettext
+	virtual/pkgconfig
+"
+
+# Needs keywording on many arches.
+#	zeromq? (
+#		>=net-libs/czmq-2.2.0:0=
+#		>=net-libs/zeromq-4.0.4:0=
+#	)
+
+PATCHES=(
+	"${FILESDIR}"/20170731-gethex-unaligned.patch
+	"${FILESDIR}"/CVE-2020-5395.patch
+)
+
+pkg_setup() {
+	use python && python-single-r1_pkg_setup
+}
+
+src_configure() {
+	local myeconfargs=(
+		--disable-static
+		$(use_enable truetype-debugger freetype-debugger "${EPREFIX}/usr/include/freetype2/internal4fontforge")
+		$(use_enable python python-extension)
+		$(use_enable python python-scripting)
+		--enable-tile-path
+		$(use_with cairo)
+		$(use_with gif giflib)
+		$(use_with jpeg libjpeg)
+		$(use_with png libpng)
+		$(use_with readline libreadline)
+		--without-libspiro
+		$(use_with tiff libtiff)
+		$(use_with unicode libuninameslist)
+		$(use_with X x)
+	)
+	if use gtk; then
+		# broken AC_ARG_ENABLE usage
+		# https://bugs.gentoo.org/681550
+		myeconfargs+=( --enable-gdk=gdk3 )
+	fi
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+	docompress -x /usr/share/doc/${PF}/html
+	einstalldocs
+	find "${ED}" -name '*.la' -type f -delete || die
+}


^ permalink raw reply related	[relevance 99%]

Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2020-01-27 22:02 99% [gentoo-commits] repo/gentoo:master commit in: media-gfx/fontforge/, media-gfx/fontforge/files/ Mike Gilbert

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox