graphics/sdl_image: backport XCF vulnerability fix

Obtained from: upstream (SDL_image-2.0.2) Security: CVE-2017-2887 Tested by: Debian
svn path=/head/; revision=452943
2025-01-29 10:18:30 +00:00 · 2017-10-26 19:04:42 +00:00 · 2017-10-26 19:04:42 +00:00 · d27f57c7d2 · 2021-03-31 03:12:20 +00:00
commit d27f57c7d2
parent 8039bbc3c5
2 changed files with 28 additions and 1 deletions
--- a/graphics/sdl_image/Makefile
+++ b/graphics/sdl_image/Makefile
@ -3,7 +3,7 @@

 PORTNAME=	sdl_image
 PORTVERSION=	1.2.12
-PORTREVISION=	10
+PORTREVISION=	11
 CATEGORIES=	graphics
 MASTER_SITES=	http://www.libsdl.org/projects/SDL_image/release/
 DISTNAME=	SDL_image-${PORTVERSION}
--- a/graphics/sdl_image/files/patch-IMG__xcf.c
+++ b/graphics/sdl_image/files/patch-IMG__xcf.c
@ -0,0 +1,27 @@
+Fixed security vulnerability in XCF image loader (thanks Yves!)
+https://hg.libsdl.org/SDL_image/rev/318484db0705
+
+--- IMG_xcf.c.orig	2012-01-21 01:51:33 UTC
+++ IMG_xcf.c
+@@ -251,6 +251,7 @@ static Uint32 Swap32 (Uint32 v) {
+ }
+ 
+ static void xcf_read_property (SDL_RWops * src, xcf_prop * prop) {
+  Uint32 len;
+   prop->id = SDL_ReadBE32 (src);
+   prop->length = SDL_ReadBE32 (src);
+ 
+@@ -274,7 +275,12 @@ static void xcf_read_property (SDL_RWops * src, xcf_pr
+     break;
+   case PROP_COMPRESSION:
+   case PROP_COLOR:
+-    SDL_RWread (src, &prop->data, prop->length, 1);
+    if (prop->length > sizeof(prop->data)) {
+        len = sizeof(prop->data);
+    } else {
+        len = prop->length;
+    }
+    SDL_RWread(src, &prop->data, len, 1);
+     break;
+   case PROP_VISIBLE:
+     prop->data.visible = SDL_ReadBE32 (src);