fig2dev: add CVE-2019-19555 patch
Signed-off-by: Nathan Owens <ndowens04@gmail.com>
This commit is contained in:
Nathan Owens
Helmut Pozimski
parent
12dd3d4796
commit
28e3cae483
2 changed files with 45 additions and 3 deletions
42
srcpkgs/fig2dev/patches/CVE-2019-19555.patch
Normal file
42
srcpkgs/fig2dev/patches/CVE-2019-19555.patch
Normal file
|
|
@ -0,0 +1,42 @@
|
|||
-- fig2dev/read.c
|
||||
+++fig2dev/read.c
|
||||
@@ -3,7 +3,7 @@
|
||||
* Copyright (c) 1991 by Micah Beck
|
||||
* Parts Copyright (c) 1985-1988 by Supoj Sutanthavibul
|
||||
* Parts Copyright (c) 1989-2015 by Brian V. Smith
|
||||
- * Parts Copyright (c) 2015-2018 by Thomas Loimer
|
||||
+ * Parts Copyright (c) 2015-2019 by Thomas Loimer
|
||||
*
|
||||
* Any party obtaining a copy of these files is granted, free of charge, a
|
||||
* full and unrestricted irrevocable, world-wide, paid up, royalty-free,
|
||||
@@ -1328,7 +1328,7 @@
|
||||
If we do not find the CONTROL-A on this line then this must
|
||||
be a multi-line text object and we will have to read more. */
|
||||
|
||||
- n = sscanf(buf,"%*d%d%d%lf%d%d%d%lf%d%lf%lf%d%d%[^\1]%[\1]",
|
||||
+ n = sscanf(buf,"%*d%d%d%lf%d%d%d%lf%d%lf%lf%d%d%[^\1]%1[\1]",
|
||||
&t->type, &t->font, &t->size, &t->pen,
|
||||
&t->color, &t->depth, &t->angle,
|
||||
&t->flags, &t->height, &t->length,
|
||||
--- fig2dev/tests/read.at
|
||||
+++ fig2dev/tests/read.at
|
||||
@@ -359,6 +359,17 @@
|
||||
], 0, ignore)
|
||||
AT_CLEANUP
|
||||
|
||||
+AT_SETUP([allow text ending with multiple ^A, ticket #55])
|
||||
+AT_KEYWORDS([read.c])
|
||||
+AT_CHECK([fig2dev -L box <<EOF
|
||||
+#FIG 2
|
||||
+1200 2
|
||||
+4 2 0 0 1 0 0 390 306 110 376 639 5 Text
|
||||
+EOF
|
||||
+], 1, ignore, [Invalid text object at line 2.
|
||||
+])
|
||||
+AT_CLEANUP
|
||||
+
|
||||
AT_BANNER([Dynamically allocate picture file name.])
|
||||
|
||||
AT_SETUP([prepend fig file path to picture file name])
|
||||
|
||||
|
||||
|
|
@ -1,18 +1,18 @@
|
|||
# Template file for 'fig2dev'
|
||||
pkgname=fig2dev
|
||||
version=3.2.7b
|
||||
revision=1
|
||||
revision=2
|
||||
build_style=gnu-configure
|
||||
configure_args="--enable-transfig"
|
||||
hostmakedepends="ghostscript"
|
||||
makedepends="libpng-devel libXpm-devel"
|
||||
replaces="transfig>=0"
|
||||
short_desc="Export .xfig to various output formats"
|
||||
maintainer="Leah Neukirchen <leah@vuxu.org>"
|
||||
license="MIT-like"
|
||||
license="custom:MIT-like"
|
||||
homepage="http://www.xfig.org/"
|
||||
distfiles="${SOURCEFORGE_SITE}/mcj/${pkgname}-${version}.tar.xz"
|
||||
checksum=47dc1b4420a1bc503b3771993e19cdaf75120d38be6548709f7d84f7b07d68b2
|
||||
replaces="transfig>=0"
|
||||
|
||||
post_install() {
|
||||
sed '/^$/q' <fig2dev/fig2dev.c >LICENSE
|
||||
|
|
|
|||
Loading…
Reference in a new issue