fig2dev: add CVE-2019-19746 patch

Signed-off-by: Nathan Owens <ndowens04@gmail.com>

srcpkgs/fig2dev/patches/CVE-2019-19746.patch

@@ -0,0 +1,57 @@
+--- fig2dev/arrow.c
++++ fig2dev/arrow.c
+@@ -1,9 +1,10 @@
+ /*
+  * Fig2dev: Translate Fig code to various Devices
+- * Copyright (c) 1985 by Supoj Sutantavibul
+  * Copyright (c) 1991 by Micah Beck
+- * Parts Copyright (c) 1989-2002 by Brian V. Smith
+- * Parts Copyright (c) 2015-2018 by Thomas Loimer
++ * Parts Copyright (c) 1985-1988 by Supoj Sutanthavibul
++ * Parts Copyright (c) 1989-2015 by Brian V. Smith
++ * Parts Copyright (c) 2015-2019 by Thomas Loimer
++ *
+  *
+  * Any party obtaining a copy of these files is granted, free of charge, a
+  * full and unrestricted irrevocable, world-wide, paid up, royalty-free,
+@@ -78,7 +79,9 @@
+ {
+  F_arrow  *a;
+ 
+- if (style < 0 || style > 1 || type < 0 || (type + 1) * 2 > NUMARROWS)
++ if (style < 0 || style > 1 || type < 0 ||
++   /* beware of int overflow */
++   type > NUMARROWS || (type + 1) * 2 > NUMARROWS)
+   return NULL;
+  if (NULL == (Arrow_malloc(a))) {
+   put_msg(Err_mem);
+@@ -90,7 +93,7 @@
+ 
+  a->type = type;
+  a->style = style;
+- a->thickness = thickness*THICK_SCALE;
++ a->thickness = thickness * THICK_SCALE;
+  a->wid = wid;
+  a->ht = ht;
+  return a;
+--- fig2dev/tests/read.at
++++ fig2dev/tests/read.at
+@@ -135,6 +135,18 @@
+ ])
+ AT_CLEANUP
+ 
++AT_SETUP([reject huge arrow-type, ticket #57])
++AT_KEYWORDS(arrow.c arrow)
++AT_CHECK([fig2dev -L box <<EOF
++FIG_FILE_TOP
++2 1 0 1 -1 -1 50 -1 -1 0. 0 0 0 1 0 2
++ 10000000000000 0 1 60 120
++0 0 600 0
++EOF
++], 1, ignore, [Invalid forward arrow at line 11.
++])
++AT_CLEANUP
++
+ AT_SETUP([reject negative font type])
+ AT_KEYWORDS(read.c font)
+ AT_CHECK([fig2dev -L box <<EOF

srcpkgs/fig2dev/template

@@ -1,7 +1,7 @@
 # Template file for 'fig2dev'
 pkgname=fig2dev
 version=3.2.7b
-revision=2
+revision=3
 build_style=gnu-configure
 configure_args="--enable-transfig"
 hostmakedepends="ghostscript"