From f62633ca2d4c6b3f3e54b56797dd07135571f372 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 27 Apr 2018 22:37:00 -0400 Subject: gnu: gegl: Update to 0.4. * gnu/packages/gimp.scm (gegl): Update to 0.4. [inputs]: Move babl and glib to propagated-inputs. [propagated-inputs]: Add json-glib. [arguments]: Re-enable the tests and remove the obsolete 'pre-build' phase. [source]: Use HTTPS URL. * gnu/packages/patches/gegl-CVE-2012-4433.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/packages/gimp.scm | 36 ++------ gnu/packages/patches/gegl-CVE-2012-4433.patch | 117 -------------------------- 2 files changed, 9 insertions(+), 144 deletions(-) delete mode 100644 gnu/packages/patches/gegl-CVE-2012-4433.patch (limited to 'gnu/packages') diff --git a/gnu/packages/gimp.scm b/gnu/packages/gimp.scm index 0f27ceb44e..64fe04b4f9 100644 --- a/gnu/packages/gimp.scm +++ b/gnu/packages/gimp.scm @@ -77,43 +77,25 @@ provided, as well as a framework to add new color models and data types.") (define-public gegl (package (name "gegl") - (version "0.2.0") + (version "0.4.0") (source (origin (method url-fetch) - (uri (list (string-append "http://download.gimp.org/pub/gegl/" + (uri (list (string-append "https://download.gimp.org/pub/gegl/" (string-take version 3) "/" name "-" version ".tar.bz2"))) (sha256 (base32 - "09nlv06li9nrn74ifpm7223mxpg0s7cii702z72cpbwrjh6nlbnz")) - (patches (search-patches "gegl-CVE-2012-4433.patch")))) + "1ighk4z8nlqrzyj8w97s140hzj59564l3xv6fpzbr97m1zx2nkfh")))) (build-system gnu-build-system) (arguments - '(;; More than just the one test disabled below now fails; disable them - ;; all according to the rationale given below. - #:tests? #f - #:configure-flags '("LDFLAGS=-lm") - #:phases - (modify-phases %standard-phases - (add-before 'build 'pre-build - (lambda _ - ;; This test program seems to crash on exit. Specifically, whilst - ;; g_object_unreffing bufferA and bufferB - This seems to be a bug - ;; in the destructor. This is just a test program so will not have - ;; any wider effect, although might be hiding another problem. - ;; According to advice received on irc.gimp.org#gegl although 0.2.0 - ;; is the latest released version, any bug reports against it will - ;; be ignored. So we are on our own. - (substitute* "tools/img_cmp.c" - (("g_object_unref \\(buffer.\\);") "")) - - (substitute* "tests/compositions/Makefile" - (("/bin/sh") (which "sh"))) - #t))))) - (inputs + '(#:configure-flags '("LDFLAGS=-lm"))) + ;; These are propagated to satisfy 'gegl-0.4.pc'. + (propagated-inputs `(("babl" ,babl) ("glib" ,glib) - ("cairo" ,cairo) + ("json-glib" ,json-glib))) + (inputs + `(("cairo" ,cairo) ("pango" ,pango) ("libpng" ,libpng) ("libjpeg" ,libjpeg-8))) diff --git a/gnu/packages/patches/gegl-CVE-2012-4433.patch b/gnu/packages/patches/gegl-CVE-2012-4433.patch deleted file mode 100644 index 7352b78dba..0000000000 --- a/gnu/packages/patches/gegl-CVE-2012-4433.patch +++ /dev/null @@ -1,117 +0,0 @@ -From: Michael Gilbert -Date: Mon, 9 Sep 2013 17:34:32 +0200 -Subject: Fix_CVE-2012-4433 - -Multiple buffer overflow issues. - -Closes: #692435 ---- - operations/external/ppm-load.c | 62 ++++++++++++++++++++++++++++++++++++------ - 1 file changed, 53 insertions(+), 9 deletions(-) - -diff --git a/operations/external/ppm-load.c b/operations/external/ppm-load.c -index efe6d56..465096d 100644 ---- a/operations/external/ppm-load.c -+++ b/operations/external/ppm-load.c -@@ -36,6 +36,7 @@ gegl_chant_file_path (path, _("File"), "", _("Path of file to load.")) - #include "gegl-chant.h" - #include - #include -+#include - - typedef enum { - PIXMAP_ASCII = 51, -@@ -44,8 +45,8 @@ typedef enum { - - typedef struct { - map_type type; -- gint width; -- gint height; -+ glong width; -+ glong height; - gsize numsamples; /* width * height * channels */ - gsize bpc; /* bytes per channel */ - guchar *data; -@@ -82,12 +83,33 @@ ppm_load_read_header(FILE *fp, - } - - /* Get Width and Height */ -- img->width = strtol (header,&ptr,0); -- img->height = atoi (ptr); -- img->numsamples = img->width * img->height * CHANNEL_COUNT; -+ errno = 0; -+ img->width = strtol (header,&ptr,10); -+ if (errno) -+ { -+ g_warning ("Error reading width: %s", strerror(errno)); -+ return FALSE; -+ } -+ else if (img->width < 0) -+ { -+ g_warning ("Error: width is negative"); -+ return FALSE; -+ } -+ -+ img->height = strtol (ptr,&ptr,10); -+ if (errno) -+ { -+ g_warning ("Error reading height: %s", strerror(errno)); -+ return FALSE; -+ } -+ else if (img->width < 0) -+ { -+ g_warning ("Error: height is negative"); -+ return FALSE; -+ } - - fgets (header,MAX_CHARS_IN_ROW,fp); -- maxval = strtol (header,&ptr,0); -+ maxval = strtol (header,&ptr,10); - - if ((maxval != 255) && (maxval != 65535)) - { -@@ -109,6 +131,16 @@ ppm_load_read_header(FILE *fp, - g_warning ("%s: Programmer stupidity error", G_STRLOC); - } - -+ /* Later on, img->numsamples is multiplied with img->bpc to allocate -+ * memory. Ensure it doesn't overflow. */ -+ if (!img->width || !img->height || -+ G_MAXSIZE / img->width / img->height / CHANNEL_COUNT < img->bpc) -+ { -+ g_warning ("Illegal width/height: %ld/%ld", img->width, img->height); -+ return FALSE; -+ } -+ img->numsamples = img->width * img->height * CHANNEL_COUNT; -+ - return TRUE; - } - -@@ -229,12 +261,24 @@ process (GeglOperation *operation, - if (!ppm_load_read_header (fp, &img)) - goto out; - -- rect.height = img.height; -- rect.width = img.width; -- - /* Allocating Array Size */ -+ -+ /* Should use g_try_malloc(), but this causes crashes elsewhere because the -+ * error signalled by returning FALSE isn't properly acted upon. Therefore -+ * g_malloc() is used here which aborts if the requested memory size can't be -+ * allocated causing a controlled crash. */ - img.data = (guchar*) g_malloc (img.numsamples * img.bpc); - -+ /* No-op without g_try_malloc(), see above. */ -+ if (! img.data) -+ { -+ g_warning ("Couldn't allocate %" G_GSIZE_FORMAT " bytes, giving up.", ((gsize)img.numsamples * img.bpc)); -+ goto out; -+ } -+ -+ rect.height = img.height; -+ rect.width = img.width; -+ - switch (img.bpc) - { - case 1: -- cgit v1.2.3