From 0de3f2636e30e26d8fbadf33fa7190019ede198f Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Wed, 9 Mar 2016 17:13:49 +0000 Subject: [PATCH] graphics/giflib: Add patch to fix regression There is a regression with the 5.1.2 update to giflib. This affects the ability for applications to render gif images usually ocurring after the first gif image is rendered. Upstream has been notified but has not yet provided feedback. giflib 5.1.2 was a security fix, so reverting is not reasonable. "The removed check look redundant - I couldn't find a code path where Private->RunningBits would exceed that limit after initialization. (Currently Private->RunningBits is checked before it is initialized)." PR: 207849 Submitted by: Stefan Ehmann Approved by: ports-secteam (with hat) MFH: 2016Q1 --- graphics/giflib/Makefile | 2 +- graphics/giflib/files/patch-lib_dgif__lib.c | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 graphics/giflib/files/patch-lib_dgif__lib.c diff --git a/graphics/giflib/Makefile b/graphics/giflib/Makefile index 7f2e2ee91cc0..2fd96693ab7d 100644 --- a/graphics/giflib/Makefile +++ b/graphics/giflib/Makefile @@ -3,7 +3,7 @@ PORTNAME= giflib PORTVERSION= 5.1.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= graphics MASTER_SITES= SF/${PORTNAME} diff --git a/graphics/giflib/files/patch-lib_dgif__lib.c b/graphics/giflib/files/patch-lib_dgif__lib.c new file mode 100644 index 000000000000..7e5060c8e9f8 --- /dev/null +++ b/graphics/giflib/files/patch-lib_dgif__lib.c @@ -0,0 +1,11 @@ +--- lib/dgif_lib.c.orig 2016-03-06 10:52:49.090426000 +0100 ++++ lib/dgif_lib.c 2016-03-06 10:53:00.938584000 +0100 +@@ -764,7 +764,7 @@ + BitsPerPixel = CodeSize; + + /* this can only happen on a severely malformed GIF */ +- if (BitsPerPixel > 8 || Private->RunningBits > 32) { ++ if (BitsPerPixel > 8) { + GifFile->Error = D_GIF_ERR_READ_FAILED; /* somewhat bogus error code */ + return GIF_ERROR; /* Failed to read Code size. */ + }