From: Mark Felder
Date: Wed, 9 Mar 2016 17:14:22 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject: svn commit: r410713 - in branches/2016Q1/graphics/giflib: . files

Author: feld
Date: Wed Mar 9 17:14:22 2016
New Revision: 410713
URL: https://svnweb.freebsd.org/changeset/ports/410713

Log:
  MFH: r410712

  graphics/giflib: Add patch to fix regression

  There is a regression with the 5.1.2 update to giflib. This affects the
  ability for applications to render gif images, usually occurring after the
  first gif image is rendered. Upstream has been notified but has not yet
  provided feedback. giflib 5.1.2 was a security fix, so reverting is not
  reasonable.

  "The removed check looks redundant - I couldn't find a code path where
  Private->RunningBits would exceed that limit after initialization.
  (Currently Private->RunningBits is checked before it is initialized)."

  PR: 207849
  Submitted by: Stefan Ehmann
  Approved by: ports-secteam (with hat)

Added:
  branches/2016Q1/graphics/giflib/files/patch-lib_dgif__lib.c
     - copied unchanged from r410712, head/graphics/giflib/files/patch-lib_dgif__lib.c
Modified:
  branches/2016Q1/graphics/giflib/Makefile
Directory Properties:
  branches/2016Q1/ (props changed)

Modified: branches/2016Q1/graphics/giflib/Makefile ============================================================================== --- branches/2016Q1/graphics/giflib/Makefile Wed Mar 9 17:13:49 2016 (r410712) +++ branches/2016Q1/graphics/giflib/Makefile Wed Mar 9 17:14:22 2016 (r410713)
@@ -3,7 +3,7 @@ PORTNAME= giflib PORTVERSION= 5.1.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= graphics MASTER_SITES= SF/${PORTNAME} Copied: branches/2016Q1/graphics/giflib/files/patch-lib_dgif__lib.c (from r410712, head/graphics/giflib/files/patch-lib_dgif__lib.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2016Q1/graphics/giflib/files/patch-lib_dgif__lib.c Wed Mar 9 17:14:22 2016 (r410713, copy of r410712, head/graphics/giflib/files/patch-lib_dgif__lib.c) @@ -0,0 +1,11 @@ +--- lib/dgif_lib.c.orig 2016-03-06 10:52:49.090426000 +0100 ++++ lib/dgif_lib.c 2016-03-06 10:53:00.938584000 +0100 +@@ -764,7 +764,7 @@ + BitsPerPixel = CodeSize; + + /* this can only happen on a severely malformed GIF */ +- if (BitsPerPixel > 8 || Private->RunningBits > 32) { ++ if (BitsPerPixel > 8) { + GifFile->Error = D_GIF_ERR_READ_FAILED; /* somewhat bogus error code */ + return GIF_ERROR; /* Failed to read Code size. */ + }
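
Review bot: In the lib/dgif_lib.c hunk, the `Private->RunningBits > 32` bound is dropped outright instead of being moved to a point after `Private->RunningBits` is initialized, and the only justification is the submitter's statement in the log that no code path exceeding the limit could be found. Because the log also says 5.1.2 was a security fix, I would prefer either re-adding the bound after initialization or recording in the patch file why `BitsPerPixel > 8` alone is enough to reject the input the comment calls "a severely malformed GIF". The new files/patch-lib_dgif__lib.c also carries no reference to PR 207849 or to the pending upstream report, so a later upstream update gives no hint about when this local patch can be retired; a short header comment in the patch file would cover that.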