From 3fcb9e3eb9d375eee2bbcf9cb16501efaf980cfc Mon Sep 17 00:00:00 2001 From: "Michael Mair-Keimberger (asterix)" Date: Tue, 20 Dec 2016 20:13:25 +0100 Subject: media-gfx/gimp: remove unused patches --- media-gfx/gimp/files/gimp-2.6.11-file-uri.patch | 79 ---- .../gimp/files/gimp-2.6.12-CVE-2012-2763.patch | 20 - .../gimp/files/gimp-2.6.12-CVE-2012-3236.patch | 39 -- .../gimp/files/gimp-2.6.12-CVE-2012-3403.patch | 511 --------------------- .../gimp/files/gimp-2.6.12-CVE-2012-3481.patch | 56 --- .../gimp/files/gimp-2.6.12-potfiles-skip.patch | 17 - .../gimp/files/gimp-2.8.10-CVE-2013-1913.patch | 31 -- .../gimp/files/gimp-2.8.10-CVE-2013-1978.patch | 151 ------ media-gfx/gimp/files/gimp-2.8.10-freetype251.patch | 26 -- media-gfx/gimp/files/gimp-curl-headers.diff | 12 - 10 files changed, 942 deletions(-) delete mode 100644 media-gfx/gimp/files/gimp-2.6.11-file-uri.patch delete mode 100644 media-gfx/gimp/files/gimp-2.6.12-CVE-2012-2763.patch delete mode 100644 media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3236.patch delete mode 100644 media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3403.patch delete mode 100644 media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3481.patch delete mode 100644 media-gfx/gimp/files/gimp-2.6.12-potfiles-skip.patch delete mode 100644 media-gfx/gimp/files/gimp-2.8.10-CVE-2013-1913.patch delete mode 100644 media-gfx/gimp/files/gimp-2.8.10-CVE-2013-1978.patch delete mode 100644 media-gfx/gimp/files/gimp-2.8.10-freetype251.patch delete mode 100644 media-gfx/gimp/files/gimp-curl-headers.diff (limited to 'media-gfx') diff --git a/media-gfx/gimp/files/gimp-2.6.11-file-uri.patch b/media-gfx/gimp/files/gimp-2.6.11-file-uri.patch deleted file mode 100644 index 2d3f161e064b..000000000000 --- a/media-gfx/gimp/files/gimp-2.6.11-file-uri.patch +++ /dev/null @@ -1,79 +0,0 @@ ---- plug-ins/file-uri/uri-backend-libcurl.c.orig 2011-09-01 09:06:13.307741499 -0500 -+++ plug-ins/file-uri/uri-backend-libcurl.c 2011-09-01 09:09:09.066152187 -0500 -@@ -62,7 +62,7 @@ - - vinfo = curl_version_info (CURLVERSION_NOW); - -- protocols = g_string_new ("http:,ftp:"); -+ protocols = g_string_new ("http:,ftp:,gopher:"); - - if (vinfo->features & CURL_VERSION_SSL) - { -@@ -153,6 +153,11 @@ - CURL *curl_handle; - CURLcode result; - gint response_code; -+ gchar *eff_url = NULL; -+ gchar *proto = NULL; -+ gboolean is_http = FALSE; -+ gboolean is_ftp = FALSE; -+ gboolean is_gopher = FALSE; - - gimp_progress_init (_("Connecting to server")); - -@@ -194,13 +199,52 @@ - - curl_easy_getinfo (curl_handle, CURLINFO_RESPONSE_CODE, &response_code); - -- if (response_code != 200) -+ /* protocol could be not specified in provided uri -+ get complete url guessed by curl */ -+ curl_easy_getinfo (curl_handle, CURLINFO_EFFECTIVE_URL, &eff_url); -+ -+ /* detect uri protocol */ -+ if (! g_ascii_strncasecmp (eff_url, "http://", 7)) -+ { -+ is_http = TRUE; -+ proto = "HTTP"; -+ } -+ else -+ if (! g_ascii_strncasecmp (eff_url, "https://", 8)) -+ { -+ is_http = TRUE; -+ proto = "HTTPS"; -+ } -+ else -+ if (! g_ascii_strncasecmp (eff_url, "ftp://", 6)) -+ { -+ is_ftp = TRUE; -+ proto = "FTP"; -+ } -+ else -+ if (! g_ascii_strncasecmp (eff_url, "ftps://", 7)) -+ { -+ is_ftp = TRUE; -+ proto = "FTPS"; -+ } -+ else -+ if (! g_ascii_strncasecmp (eff_url ,"gopher://", 9)) -+ { -+ is_gopher = TRUE; -+ proto = "GOPHER"; -+ } -+ else -+ { -+ proto = "UNKNOWN"; -+ } -+ -+ if (! ((is_http && response_code == 200) || (is_ftp && response_code == 226) || (is_gopher))) - { - fclose (out_file); - g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -- _("Opening '%s' for reading resulted in HTTP " -+ _("Opening '%s' for reading resulted in %s " - "response code: %d"), -- uri, response_code); -+ uri, proto, response_code); - curl_easy_cleanup (curl_handle); - return FALSE; - } diff --git a/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-2763.patch b/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-2763.patch deleted file mode 100644 index c922b6399cc8..000000000000 --- a/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-2763.patch +++ /dev/null @@ -1,20 +0,0 @@ -Fix for CVE-2012-2763 for GIMP 2.6.x by mancha. Based on commit -76155d79df8d497. Thanks to muks, Kevin, and Ankh for identifying -the relevant code change. - -Ref: Fixed potential buffer overflow in readstr_upto(). - -================================================ - ---- a/plug-ins/script-fu/tinyscheme/scheme.c.orig 2012-06-30 -+++ b/plug-ins/script-fu/tinyscheme/scheme.c 2012-06-30 -@@ -1727,7 +1727,8 @@ static char *readstr_upto(scheme *sc, ch - c = inchar(sc); - len = g_unichar_to_utf8(c, p); - p += len; -- } while (c && !is_one_of(delim, c)); -+ } while ((p - sc->strbuff < sizeof(sc->strbuff)) && -+ (c && !is_one_of(delim, c))); - - if(p==sc->strbuff+2 && c_prev=='\\') - *p = '\0'; diff --git a/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3236.patch b/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3236.patch deleted file mode 100644 index e4d3a9f96fb4..000000000000 --- a/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3236.patch +++ /dev/null @@ -1,39 +0,0 @@ -From ace45631595e8781a1420842582d67160097163c Mon Sep 17 00:00:00 2001 -From: Michael Natterer -Date: Wed, 06 Jun 2012 19:21:10 +0000 -Subject: Bug 676804 - file handling DoS for fit file format - -Apply patch from joe@reactionis.co.uk which fixes a buffer overflow on -broken/malicious fits files. ---- -(limited to 'plug-ins/file-fits/fits-io.c') - -diff --git a/plug-ins/file-fits/fits-io.c b/plug-ins/file-fits/fits-io.c -index 03d9652..ed77318 100644 ---- a/plug-ins/file-fits/fits-io.c -+++ b/plug-ins/file-fits/fits-io.c -@@ -1054,10 +1054,18 @@ static FITS_HDU_LIST *fits_decode_header (FITS_RECORD_LIST *hdr, - hdulist->used.simple = (strncmp (hdr->data, "SIMPLE ", 8) == 0); - hdulist->used.xtension = (strncmp (hdr->data, "XTENSION", 8) == 0); - if (hdulist->used.xtension) -- { -- fdat = fits_decode_card (fits_search_card (hdr, "XTENSION"), typ_fstring); -- strcpy (hdulist->xtension, fdat->fstring); -- } -+ { -+ fdat = fits_decode_card (fits_search_card (hdr, "XTENSION"), typ_fstring); -+ if (fdat != NULL) -+ { -+ strcpy (hdulist->xtension, fdat->fstring); -+ } -+ else -+ { -+ strcpy (errmsg, "No valid XTENSION header found."); -+ goto err_return; -+ } -+ } - - FITS_DECODE_CARD (hdr, "NAXIS", fdat, typ_flong); - hdulist->naxis = fdat->flong; --- -cgit v0.9.0.2 diff --git a/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3403.patch b/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3403.patch deleted file mode 100644 index f7d0b3766a60..000000000000 --- a/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3403.patch +++ /dev/null @@ -1,511 +0,0 @@ -From 65ac6cda675fafd57bc182175f685e5d8c1a9cc9 Mon Sep 17 00:00:00 2001 -From: Nils Philippsen -Date: Mon, 20 Aug 2012 15:28:44 +0200 -Subject: [PATCH] patch: CVE-2012-3403 - -Squashed commit of the following: - -commit d002e513039a9667a06d3e2ba180f9c18785cc5f -Author: Nils Philippsen -Date: Fri Jul 13 15:47:16 2012 +0200 - - file-cel: close file on error - -commit ec3f1fe7586527ea7e2735b5c8548b925f622d5b -Author: Nils Philippsen -Date: Fri Jul 13 15:33:27 2012 +0200 - - file-cel: use g_set_error() for errors instead of g_message() - (cherry picked from commit 86f4cd39bd493c88a7a19b56d1827d8b911e07f6) - - Conflicts: - plug-ins/common/file-cel.c - -commit 79bd89bc39195974d5cae2c2b06c829dd90c36ee -Author: Nils Philippsen -Date: Fri Jul 13 15:30:44 2012 +0200 - - file-cel: use statically allocated palette buffer - (cherry picked from commit 69b98191cf315bcf0f7b8878896c01600e67c124) - -commit 52d85468980b5947cfd3e84f9a256769158210cc -Author: Nils Philippsen -Date: Fri Jul 13 15:20:06 2012 +0200 - - file-cel: validate header data (CVE-2012-3403) - (cherry picked from commit b772d1b84c9272bb46ab9a21db4390e6263c9892) - -commit 62da97876070839097671e83eb8f5d408515396f -Author: Nils Philippsen -Date: Thu Jul 12 15:50:02 2012 +0200 - - file-cel: check fread()/g_fopen() return values and pass on errors - (cherry picked from commit 797db58b94c64f418c35d38b7a608d933c8cebef) ---- - plug-ins/common/file-cel.c | 283 +++++++++++++++++++++++++++++++++++++-------- - 1 file changed, 234 insertions(+), 49 deletions(-) - -diff --git a/plug-ins/common/file-cel.c b/plug-ins/common/file-cel.c -index a94671c..3357561 100644 ---- a/plug-ins/common/file-cel.c -+++ b/plug-ins/common/file-cel.c -@@ -44,8 +44,10 @@ static void run (const gchar *name, - gint *nreturn_vals, - GimpParam **return_vals); - --static gint load_palette (FILE *fp, -- guchar palette[]); -+static gint load_palette (const gchar *file, -+ FILE *fp, -+ guchar palette[], -+ GError **error); - static gint32 load_image (const gchar *file, - const gchar *brief, - GError **error); -@@ -55,7 +57,8 @@ static gboolean save_image (const gchar *file, - gint32 layer, - GError **error); - static void palette_dialog (const gchar *title); --static gboolean need_palette (const gchar *file); -+static gboolean need_palette (const gchar *file, -+ GError **error); - - - /* Globals... */ -@@ -150,6 +153,7 @@ run (const gchar *name, - gint32 image; - GimpExportReturn export = GIMP_EXPORT_CANCEL; - GError *error = NULL; -+ gint needs_palette = 0; - - run_mode = param[0].data.d_int32; - -@@ -187,20 +191,32 @@ run (const gchar *name, - else if (run_mode == GIMP_RUN_INTERACTIVE) - { - /* Let user choose KCF palette (cancel ignores) */ -- if (need_palette (param[1].data.d_string)) -- palette_dialog (_("Load KISS Palette")); -+ needs_palette = need_palette (param[1].data.d_string, &error); - -- gimp_set_data (SAVE_PROC, palette_file, data_length); -- } -+ if (! error) -+ { -+ if (needs_palette) -+ palette_dialog (_("Load KISS Palette")); - -- image = load_image (param[1].data.d_string, param[2].data.d_string, -- &error); -+ gimp_set_data (SAVE_PROC, palette_file, data_length); -+ } -+ } - -- if (image != -1) -+ if (! error) - { -- *nreturn_vals = 2; -- values[1].type = GIMP_PDB_IMAGE; -- values[1].data.d_image = image; -+ image = load_image (param[1].data.d_string, param[2].data.d_string, -+ &error); -+ -+ if (image != -1) -+ { -+ *nreturn_vals = 2; -+ values[1].type = GIMP_PDB_IMAGE; -+ values[1].data.d_image = image; -+ } -+ else -+ { -+ status = GIMP_PDB_EXECUTION_ERROR; -+ } - } - else - { -@@ -263,18 +279,33 @@ run (const gchar *name, - - /* Peek into the file to determine whether we need a palette */ - static gboolean --need_palette (const gchar *file) -+need_palette (const gchar *file, -+ GError **error) - { - FILE *fp; - guchar header[32]; -+ size_t n_read; - - fp = g_fopen (file, "rb"); -- if (!fp) -- return FALSE; -+ if (fp == NULL) -+ { -+ g_set_error (error, G_FILE_ERROR, g_file_error_from_errno (errno), -+ _("Could not open '%s' for reading: %s"), -+ gimp_filename_to_utf8 (file), g_strerror (errno)); -+ return FALSE; -+ } -+ -+ n_read = fread (header, 32, 1, fp); - -- fread (header, 32, 1, fp); - fclose (fp); - -+ if (n_read < 1) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("EOF or error while reading image header")); -+ return FALSE; -+ } -+ - return (header[5] < 32); - } - -@@ -286,11 +317,12 @@ load_image (const gchar *file, - GError **error) - { - FILE *fp; /* Read file pointer */ -- guchar header[32]; /* File header */ -+ guchar header[32], /* File header */ -+ file_mark, /* KiSS file type */ -+ bpp; /* Bits per pixel */ - gint height, width, /* Dimensions of image */ - offx, offy, /* Layer offets */ -- colours, /* Number of colours */ -- bpp; /* Bits per pixel */ -+ colours; /* Number of colours */ - - gint32 image, /* Image */ - layer; /* Layer */ -@@ -301,6 +333,7 @@ load_image (const gchar *file, - GimpPixelRgn pixel_rgn; /* Pixel region for layer */ - - gint i, j, k; /* Counters */ -+ size_t n_read; /* Number of items read from file */ - - - /* Open the file for reading */ -@@ -319,7 +352,14 @@ load_image (const gchar *file, - - /* Get the image dimensions and create the image... */ - -- fread (header, 4, 1, fp); -+ n_read = fread (header, 4, 1, fp); -+ -+ if (n_read < 1) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("EOF or error while reading image header")); -+ return -1; -+ } - - if (strncmp ((const gchar *) header, "KiSS", 4)) - { -@@ -332,18 +372,53 @@ load_image (const gchar *file, - } - else - { /* New-style image file, read full header */ -- fread (header, 28, 1, fp); -+ n_read = fread (header, 28, 1, fp); -+ -+ if (n_read < 1) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("EOF or error while reading image header")); -+ return -1; -+ } -+ -+ file_mark = header[0]; -+ if (file_mark != 0x20 && file_mark != 0x21) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("is not a CEL image file")); -+ return -1; -+ } -+ - bpp = header[1]; -- if (bpp == 24) -- colours = -1; -- else -- colours = (1 << header[1]); -+ switch (bpp) -+ { -+ case 4: -+ case 8: -+ case 32: -+ colours = (1 << bpp); -+ break; -+ default: -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("illegal bpp value in image: %hhu"), bpp); -+ return -1; -+ } -+ - width = header[4] + (256 * header[5]); - height = header[6] + (256 * header[7]); - offx = header[8] + (256 * header[9]); - offy = header[10] + (256 * header[11]); - } - -+ if ((width == 0) || (height == 0) || (width + offx > GIMP_MAX_IMAGE_SIZE) || -+ (height + offy > GIMP_MAX_IMAGE_SIZE)) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("illegal image dimensions: width: %d, horizontal offset: " -+ "%d, height: %d, vertical offset: %d"), -+ width, offx, height, offy); -+ return -1; -+ } -+ - if (bpp == 32) - image = gimp_image_new (width + offx, height + offy, GIMP_RGB); - else -@@ -351,7 +426,8 @@ load_image (const gchar *file, - - if (image == -1) - { -- g_message (_("Can't create a new image")); -+ g_set_error (error, 0, 0, _("Can't create a new image")); -+ fclose (fp); - return -1; - } - -@@ -383,7 +459,15 @@ load_image (const gchar *file, - switch (bpp) - { - case 4: -- fread (buffer, (width+1)/2, 1, fp); -+ n_read = fread (buffer, (width+1)/2, 1, fp); -+ -+ if (n_read < 1) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("EOF or error while reading image data")); -+ return -1; -+ } -+ - for (j = 0, k = 0; j < width*2; j+= 4, ++k) - { - if (buffer[k] / 16 == 0) -@@ -410,7 +494,15 @@ load_image (const gchar *file, - break; - - case 8: -- fread (buffer, width, 1, fp); -+ n_read = fread (buffer, width, 1, fp); -+ -+ if (n_read < 1) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("EOF or error while reading image data")); -+ return -1; -+ } -+ - for (j = 0, k = 0; j < width*2; j+= 2, ++k) - { - if (buffer[k] == 0) -@@ -427,7 +519,15 @@ load_image (const gchar *file, - break; - - case 32: -- fread (line, width*4, 1, fp); -+ n_read = fread (line, width*4, 1, fp); -+ -+ if (n_read < 1) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("EOF or error while reading image data")); -+ return -1; -+ } -+ - /* The CEL file order is BGR so we need to swap B and R - * to get the Gimp RGB order. - */ -@@ -440,7 +540,8 @@ load_image (const gchar *file, - break; - - default: -- g_message (_("Unsupported bit depth (%d)!"), bpp); -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("Unsupported bit depth (%d)!"), bpp); - return -1; - } - -@@ -457,7 +558,7 @@ load_image (const gchar *file, - if (bpp != 32) - { - /* Use palette from file or otherwise default grey palette */ -- palette = g_new (guchar, colours*3); -+ guchar palette[256*3]; - - /* Open the file for reading if user picked one */ - if (palette_file == NULL) -@@ -467,12 +568,23 @@ load_image (const gchar *file, - else - { - fp = g_fopen (palette_file, "r"); -+ -+ if (fp == NULL) -+ { -+ g_set_error (error, G_FILE_ERROR, g_file_error_from_errno (errno), -+ _("Could not open '%s' for reading: %s"), -+ gimp_filename_to_utf8 (palette_file), -+ g_strerror (errno)); -+ return -1; -+ } - } - - if (fp != NULL) - { -- colours = load_palette (fp, palette); -+ colours = load_palette (palette_file, fp, palette, error); - fclose (fp); -+ if (colours < 0 || *error) -+ return -1; - } - else - { -@@ -483,10 +595,6 @@ load_image (const gchar *file, - } - - gimp_image_set_colormap (image, palette + 3, colours - 1); -- -- /* Close palette file, give back allocated memory */ -- -- g_free (palette); - } - - /* Now get everything redrawn and hand back the finished image */ -@@ -498,32 +606,100 @@ load_image (const gchar *file, - } - - static gint --load_palette (FILE *fp, -- guchar palette[]) -+load_palette (const gchar *file, -+ FILE *fp, -+ guchar palette[], -+ GError **error) - { - guchar header[32]; /* File header */ - guchar buffer[2]; -- int i, bpp, colours= 0; -+ guchar file_mark, bpp; -+ gint i, colours = 0; -+ size_t n_read; -+ -+ n_read = fread (header, 4, 1, fp); -+ -+ if (n_read < 1) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("'%s': EOF or error while reading palette header"), -+ gimp_filename_to_utf8 (file)); -+ return -1; -+ } - -- fread (header, 4, 1, fp); - if (!strncmp ((const gchar *) header, "KiSS", 4)) - { -- fread (header+4, 28, 1, fp); -+ n_read = fread (header+4, 28, 1, fp); -+ -+ if (n_read < 1) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("'%s': EOF or error while reading palette header"), -+ gimp_filename_to_utf8 (file)); -+ return -1; -+ } -+ -+ file_mark = header[4]; -+ if (file_mark != 0x10) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("'%s': is not a KCF palette file"), -+ gimp_filename_to_utf8 (file)); -+ return -1; -+ } -+ - bpp = header[5]; -+ if (bpp != 12 && bpp != 24) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("'%s': illegal bpp value in palette: %hhu"), -+ gimp_filename_to_utf8 (file), bpp); -+ return -1; -+ } -+ - colours = header[8] + header[9] * 256; -- if (bpp == 12) -+ if (colours != 16 && colours != 256) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("'%s': illegal number of colors: %u"), -+ gimp_filename_to_utf8 (file), colours); -+ return -1; -+ } -+ -+ switch (bpp) - { -+ case 12: - for (i = 0; i < colours; ++i) - { -- fread (buffer, 1, 2, fp); -+ n_read = fread (buffer, 1, 2, fp); -+ -+ if (n_read < 2) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("'%s': EOF or error while reading " -+ "palette data"), -+ gimp_filename_to_utf8 (file)); -+ return -1; -+ } -+ - palette[i*3]= buffer[0] & 0xf0; - palette[i*3+1]= (buffer[1] & 0x0f) * 16; - palette[i*3+2]= (buffer[0] & 0x0f) * 16; - } -- } -- else -- { -- fread (palette, colours, 3, fp); -+ break; -+ case 24: -+ n_read = fread (palette, colours, 3, fp); -+ -+ if (n_read < 3) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("'%s': EOF or error while reading palette data"), -+ gimp_filename_to_utf8 (file)); -+ return -1; -+ } -+ break; -+ default: -+ g_assert_not_reached (); - } - } - else -@@ -532,7 +708,16 @@ load_palette (FILE *fp, - fseek (fp, 0, SEEK_SET); - for (i= 0; i < colours; ++i) - { -- fread (buffer, 1, 2, fp); -+ n_read = fread (buffer, 1, 2, fp); -+ -+ if (n_read < 2) -+ { -+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, -+ _("'%s': EOF or error while reading palette data"), -+ gimp_filename_to_utf8 (file)); -+ return -1; -+ } -+ - palette[i*3] = buffer[0] & 0xf0; - palette[i*3+1] = (buffer[1] & 0x0f) * 16; - palette[i*3+2] = (buffer[0] & 0x0f) * 16; --- -1.7.11.4 - diff --git a/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3481.patch b/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3481.patch deleted file mode 100644 index a5aee6a34473..000000000000 --- a/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3481.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 26b208c5aef5f7801bf0538f8df549f0bf8dcb92 Mon Sep 17 00:00:00 2001 -From: Nils Philippsen -Date: Mon, 20 Aug 2012 15:30:33 +0200 -Subject: [PATCH] patch: CVE-2012-3481 - -Squashed commit of the following: - -commit c56f3dc25cd4941f465e88bd91a0e107a4ac1b5e -Author: Nils Philippsen -Date: Tue Aug 14 15:27:39 2012 +0200 - - file-gif-load: fix type overflow (CVE-2012-3481) - - Cast variables properly to avoid overflowing when computing how much - memory to allocate. - (cherry picked from commit 43fc9dbd8e2196944c8a71321e525b89b7df9f5c) - -commit 11e922a8cee5c9bb532e2a996d2db3beab6da6cb -Author: Jan Lieskovsky -Date: Tue Aug 14 12:18:22 2012 +0200 - - file-gif-load: limit len and height (CVE-2012-3481) - - Ensure values of len and height can't overflow g_malloc() argument type. - (cherry picked from commit d95c2f0bcb6775bdee2bef35b7d84f6dfd490783) ---- - plug-ins/common/file-gif-load.c | 11 +++++++++-- - 1 file changed, 9 insertions(+), 2 deletions(-) - -diff --git a/plug-ins/common/file-gif-load.c b/plug-ins/common/file-gif-load.c -index 8460ec0..295c351 100644 ---- a/plug-ins/common/file-gif-load.c -+++ b/plug-ins/common/file-gif-load.c -@@ -1028,10 +1028,17 @@ ReadImage (FILE *fd, - cur_progress = 0; - max_progress = height; - -+ if (len > (G_MAXSIZE / height / (alpha_frame ? (promote_to_rgb ? 4 : 2) : 1))) -+ { -+ g_message ("'%s' has a larger image size than GIMP can handle.", -+ gimp_filename_to_utf8 (filename)); -+ return -1; -+ } -+ - if (alpha_frame) -- dest = (guchar *) g_malloc (len * height * (promote_to_rgb ? 4 : 2)); -+ dest = (guchar *) g_malloc ((gsize)len * (gsize)height * (promote_to_rgb ? 4 : 2)); - else -- dest = (guchar *) g_malloc (len * height); -+ dest = (guchar *) g_malloc ((gsize)len * (gsize)height); - - #ifdef GIFDEBUG - g_print ("GIF: reading %d by %d%s GIF image, ncols=%d\n", --- -1.7.11.4 - diff --git a/media-gfx/gimp/files/gimp-2.6.12-potfiles-skip.patch b/media-gfx/gimp/files/gimp-2.6.12-potfiles-skip.patch deleted file mode 100644 index ee1b89adc5b6..000000000000 --- a/media-gfx/gimp/files/gimp-2.6.12-potfiles-skip.patch +++ /dev/null @@ -1,17 +0,0 @@ -From: Julian Ospald -Date: Fri Mar 2 17:29:14 CET 2012 - -gimp-2.6.11 fails on FEATURES="test" -correctly add "contactsheet.scm" and "test-sphere.scm" to POTFILES.skip - ---- po-script-fu/POTFILES.skip -+++ po-script-fu/POTFILES.skip -@@ -37,6 +37,8 @@ - plug-ins/pagecurl - plug-ins/print - plug-ins/pygimp -+plug-ins/script-fu/scripts/contactsheet.scm -+plug-ins/script-fu/scripts/test-sphere.scm - plug-ins/selection-to-path - plug-ins/twain - plug-ins/win-snap diff --git a/media-gfx/gimp/files/gimp-2.8.10-CVE-2013-1913.patch b/media-gfx/gimp/files/gimp-2.8.10-CVE-2013-1913.patch deleted file mode 100644 index e257c691bb09..000000000000 --- a/media-gfx/gimp/files/gimp-2.8.10-CVE-2013-1913.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 32ae0f83e5748299641cceaabe3f80f1b3afd03e Mon Sep 17 00:00:00 2001 -From: Nils Philippsen -Date: Thu, 14 Nov 2013 14:29:01 +0100 -Subject: file-xwd: sanity check colormap size (CVE-2013-1913) - - -diff --git a/plug-ins/common/file-xwd.c b/plug-ins/common/file-xwd.c -index c8e1a6e..343129a 100644 ---- a/plug-ins/common/file-xwd.c -+++ b/plug-ins/common/file-xwd.c -@@ -466,6 +466,17 @@ load_image (const gchar *filename, - /* Position to start of XWDColor structures */ - fseek (ifp, (long)xwdhdr.l_header_size, SEEK_SET); - -+ /* Guard against insanely huge color maps -- gimp_image_set_colormap() only -+ * accepts colormaps with 0..256 colors anyway. */ -+ if (xwdhdr.l_colormap_entries > 256) -+ { -+ g_message (_("'%s':\nIllegal number of colormap entries: %ld"), -+ gimp_filename_to_utf8 (filename), -+ (long)xwdhdr.l_colormap_entries); -+ fclose (ifp); -+ return -1; -+ } -+ - if (xwdhdr.l_colormap_entries > 0) - { - xwdcolmap = g_new (L_XWDCOLOR, xwdhdr.l_colormap_entries); --- -cgit v0.10.1 - diff --git a/media-gfx/gimp/files/gimp-2.8.10-CVE-2013-1978.patch b/media-gfx/gimp/files/gimp-2.8.10-CVE-2013-1978.patch deleted file mode 100644 index 43b4bcbdc3f3..000000000000 --- a/media-gfx/gimp/files/gimp-2.8.10-CVE-2013-1978.patch +++ /dev/null @@ -1,151 +0,0 @@ -From 23f685931e5f000dd033a45c60c1e60d7f78caf4 Mon Sep 17 00:00:00 2001 -From: Nils Philippsen -Date: Tue, 26 Nov 2013 10:49:42 +0100 -Subject: file-xwd: sanity check # of colors and map entries (CVE-2013-1978) - -The number of colors in an image shouldn't be higher than the number of -colormap entries. Additionally, consolidate post error cleanup in -load_image(). - -diff --git a/plug-ins/common/file-xwd.c b/plug-ins/common/file-xwd.c -index 343129a..4df9ce8 100644 ---- a/plug-ins/common/file-xwd.c -+++ b/plug-ins/common/file-xwd.c -@@ -429,9 +429,9 @@ static gint32 - load_image (const gchar *filename, - GError **error) - { -- FILE *ifp; -+ FILE *ifp = NULL; - gint depth, bpp; -- gint32 image_ID; -+ gint32 image_ID = -1; - L_XWDFILEHEADER xwdhdr; - L_XWDCOLOR *xwdcolmap = NULL; - -@@ -441,7 +441,7 @@ load_image (const gchar *filename, - g_set_error (error, G_FILE_ERROR, g_file_error_from_errno (errno), - _("Could not open '%s' for reading: %s"), - gimp_filename_to_utf8 (filename), g_strerror (errno)); -- return -1; -+ goto out; - } - - read_xwd_header (ifp, &xwdhdr); -@@ -450,8 +450,7 @@ load_image (const gchar *filename, - g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, - _("Could not read XWD header from '%s'"), - gimp_filename_to_utf8 (filename)); -- fclose (ifp); -- return -1; -+ goto out; - } - - #ifdef XWD_COL_WAIT_DEBUG -@@ -473,12 +472,18 @@ load_image (const gchar *filename, - g_message (_("'%s':\nIllegal number of colormap entries: %ld"), - gimp_filename_to_utf8 (filename), - (long)xwdhdr.l_colormap_entries); -- fclose (ifp); -- return -1; -+ goto out; - } - - if (xwdhdr.l_colormap_entries > 0) - { -+ if (xwdhdr.l_colormap_entries < xwdhdr.l_ncolors) -+ { -+ g_message (_("'%s':\nNumber of colormap entries < number of colors"), -+ gimp_filename_to_utf8 (filename)); -+ goto out; -+ } -+ - xwdcolmap = g_new (L_XWDCOLOR, xwdhdr.l_colormap_entries); - - read_xwd_cols (ifp, &xwdhdr, xwdcolmap); -@@ -498,9 +503,7 @@ load_image (const gchar *filename, - if (xwdhdr.l_file_version != 7) - { - g_message (_("Can't read color entries")); -- g_free (xwdcolmap); -- fclose (ifp); -- return (-1); -+ goto out; - } - } - -@@ -508,9 +511,7 @@ load_image (const gchar *filename, - { - g_message (_("'%s':\nNo image width specified"), - gimp_filename_to_utf8 (filename)); -- g_free (xwdcolmap); -- fclose (ifp); -- return (-1); -+ goto out; - } - - if (xwdhdr.l_pixmap_width > GIMP_MAX_IMAGE_SIZE -@@ -518,27 +519,21 @@ load_image (const gchar *filename, - { - g_message (_("'%s':\nImage width is larger than GIMP can handle"), - gimp_filename_to_utf8 (filename)); -- g_free (xwdcolmap); -- fclose (ifp); -- return (-1); -+ goto out; - } - - if (xwdhdr.l_pixmap_height <= 0) - { - g_message (_("'%s':\nNo image height specified"), - gimp_filename_to_utf8 (filename)); -- g_free (xwdcolmap); -- fclose (ifp); -- return (-1); -+ goto out; - } - - if (xwdhdr.l_pixmap_height > GIMP_MAX_IMAGE_SIZE) - { - g_message (_("'%s':\nImage height is larger than GIMP can handle"), - gimp_filename_to_utf8 (filename)); -- g_free (xwdcolmap); -- fclose (ifp); -- return (-1); -+ goto out; - } - - gimp_progress_init_printf (_("Opening '%s'"), -@@ -591,11 +586,6 @@ load_image (const gchar *filename, - } - gimp_progress_update (1.0); - -- fclose (ifp); -- -- if (xwdcolmap) -- g_free (xwdcolmap); -- - if (image_ID == -1 && ! (error && *error)) - g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, - _("XWD-file %s has format %d, depth %d and bits per pixel %d. " -@@ -603,6 +593,17 @@ load_image (const gchar *filename, - gimp_filename_to_utf8 (filename), - (gint) xwdhdr.l_pixmap_format, depth, bpp); - -+out: -+ if (ifp) -+ { -+ fclose (ifp); -+ } -+ -+ if (xwdcolmap) -+ { -+ g_free (xwdcolmap); -+ } -+ - return image_ID; - } - --- -cgit v0.10.1 - diff --git a/media-gfx/gimp/files/gimp-2.8.10-freetype251.patch b/media-gfx/gimp/files/gimp-2.8.10-freetype251.patch deleted file mode 100644 index c5c20d510cbc..000000000000 --- a/media-gfx/gimp/files/gimp-2.8.10-freetype251.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 6c73f28b6d87a2afd11974552a075bffec52347f Mon Sep 17 00:00:00 2001 -From: Michael Natterer -Date: Fri, 29 Nov 2013 21:57:46 +0100 -Subject: Bug 719560 - Build failure with freetype 2.5.1 - -Apply patch from su-v that fixes the freetype include to -the madness devised and recommended by freetype. - -diff --git a/app/text/gimpfont.c b/app/text/gimpfont.c -index 4045ca9..66c6e52 100644 ---- a/app/text/gimpfont.c -+++ b/app/text/gimpfont.c -@@ -28,7 +28,9 @@ - - #define PANGO_ENABLE_ENGINE 1 /* Argh */ - #include --#include -+ -+#include -+#include FT_TRUETYPE_TABLES_H - - #include "text-types.h" - --- -cgit v0.10.1 - diff --git a/media-gfx/gimp/files/gimp-curl-headers.diff b/media-gfx/gimp/files/gimp-curl-headers.diff deleted file mode 100644 index ea8935d0080c..000000000000 --- a/media-gfx/gimp/files/gimp-curl-headers.diff +++ /dev/null @@ -1,12 +0,0 @@ -diff --git a/plug-ins/file-uri/uri-backend-libcurl.c b/plug-ins/file-uri/uri-backend-libcurl.c -index a566966..747dca7 100644 ---- a/plug-ins/file-uri/uri-backend-libcurl.c -+++ b/plug-ins/file-uri/uri-backend-libcurl.c -@@ -24,7 +24,6 @@ - #include - - #include --#include - #include - - #include -- cgit v1.2.3-65-gdbad