summaryrefslogtreecommitdiff
path: root/media-libs/jbig2dec
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2017-12-15 17:25:28 +0000
committerV3n3RiX <venerix@redcorelinux.org>2017-12-15 17:25:28 +0000
commit6b933047f46efec1aa747570f945344254227457 (patch)
treea12a4b87b38f954c4de435272cf4b90d721df5e8 /media-libs/jbig2dec
parentf45955e60d4da9b7f4a1088c98042f9c06669039 (diff)
gentoo resync : 15.12.2017
Diffstat (limited to 'media-libs/jbig2dec')
-rw-r--r--media-libs/jbig2dec/Manifest14
-rw-r--r--media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2016-9601.patch897
-rw-r--r--media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7885.patch29
-rw-r--r--media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7975.patch31
-rw-r--r--media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7976.patch29
-rw-r--r--media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-9216.patch31
-rw-r--r--media-libs/jbig2dec/jbig2dec-0.13-r4.ebuild11
7 files changed, 11 insertions, 1031 deletions
diff --git a/media-libs/jbig2dec/Manifest b/media-libs/jbig2dec/Manifest
index 1ea0dba3e472..5492f522fd98 100644
--- a/media-libs/jbig2dec/Manifest
+++ b/media-libs/jbig2dec/Manifest
@@ -1,11 +1,7 @@
-AUX jbig2dec-0.13-CVE-2016-9601.patch 33203 BLAKE2B ee6fcd68aae67b482f1c12034635331e062955371796676ca4f1acdc1df1744b14a4b63ff5be3e3471fa1ae238c3a9165bfbf212a1239e77290a35a5646b45d3 SHA512 cf7098a08d4113d6d22e76dfd0d0f6d49c41fcd4a743bb7825ac8e526ec5ee1d469d336f238118ceeb3bbd360a6a3729d2cf1cbcafb2087d0fdff940f2131875
-AUX jbig2dec-0.13-CVE-2017-7885.patch 1309 BLAKE2B 35edd433bf7bc9094399af62cfbd321963d4cba0b6faafd8c770c3d7926dd375cc03e8f018b6de573e9f182fd96867a638ab00e4ee42cbb1a7bc2eac47672154 SHA512 5363c3a56ea961ce5831fd25de8d7d64a1c1465fd8a62a3ae7c6680a37d7805103b07fe015f44221c3e467f1db74d2912a18334bf6c8ad66ff08b229b8093117
-AUX jbig2dec-0.13-CVE-2017-7975.patch 1117 BLAKE2B dc56b22fd6901e5a654c2848579096c225e4cd9967b9c490c26725017034afde65af97bc9cf0dd1256330314b47ca107f9644ea4f97d276dd996d325ab39e090 SHA512 787ebdb6f4af6d70337d74573ef34b45161825033163c040242aa9712bacd564411d0b0dc997a03cc23ddd25053a3bf0a463bd7e36a71ab2578c33a10364dbdc
-AUX jbig2dec-0.13-CVE-2017-7976.patch 1359 BLAKE2B 04315e7b446b5c8e1de51bc1e6c9b7e56f918804752acf479cf904424842d6abb5529868644945065e6493fa2993c8036d4b7aaed565430192c1e21556436094 SHA512 2a6aaab26591a94eb698019f86f40a160986711483511991c0f382155b1ff585bccc91f64200ef0cd526307f96e4c360fb6f82cd329984bd5779dfc98e2fd837
-AUX jbig2dec-0.13-CVE-2017-9216.patch 1443 BLAKE2B 8c32427da3ea686f098f446c8e93006dee8a1763f90f5be520ef1a176e0eaee6b1d87006dfd86f62da28137013c12eda2a4f4715f05fd6358da49a58eb94241f SHA512 4254856b7e4ad997ca0395115220ce4911585396969b298b2059126d5fa916af20641c362403f0cfbffb934b3a95e149ddb4def6ec8f0b24c305a0827b875079
-DIST jb2streams.zip 1285838 SHA256 3d1e5c79054b59d061cabdb1d7ba2d1b3f84700f5c517ba4306f7047660016f7 SHA512 382890b36345b8aaebb3554e776a53f3276c6d835335ce41f3f41829ff62bba7ae646602544103ba8541a7a824dca92d682b682c254ab2918c7fe45b3e358b45 WHIRLPOOL 0906c736aeeaaecf788d309c450a787f0b780ab932f7a832c47faf4a5b5e15bdd0205b44540cd8cedcdedc9293d48afb6de084a1716bdf5ef4352b90b4998e0f
-DIST jbig2dec-0.13.tar.gz 442571 SHA256 5aaca0070992cc2e971e3bb2338ee749495613dcecab4c868fc547b4148f5311 SHA512 ef64a65c54bec65f61602de7130dc9594aae58aaea7958f7cc987f25d0794511e15a423e86501ace4f40c0364796fb97ceab72edb0b69232926767ba16c1b05d WHIRLPOOL bd0cef3440e3db43af04a319eb9c5ae166679bd03eda642d003e0157a1e723864bc3e18c0aed7b8266ff938e50191d8c3bd698e4fddeead61ecca805b73a2a56
-DIST jbig2dec-0.14.tar.gz 463572 SHA256 21b498c3ba566f283d02946f7e78e12abbad89f12fe4958974e50882c185014c SHA512 066bd880ac0665fc1e42b0ae0e481008b125aab6e173b7f82d61a2a30e72c90085cbded9b2a68c6836f92dea3d8d8d5c2228dba76e0d99c79c922197d215705b WHIRLPOOL 6a54138ca8010d0e09ac5dade5cde862179c8fe751098c3d77230fee3bfb5f4cfc5f50357a86d4ed7d09669ac1fc2e0355596ccef71faed2577baadc7c181cb5
-EBUILD jbig2dec-0.13-r4.ebuild 1351 BLAKE2B 4b6775d3651ebbdd16bed81ace24b0be45f11f28aec785995ca85e5e1df18d35bbd03da3f82799b9ecdc8bd1f8190f957f8fa43be118d534ad652f1d7b493148 SHA512 3250378943c9a8dcac41ec3e325dd7c7913c38984c7212b80fcbe49382be9d105268f9962569450252a18514d63eac149f74ae6cb69f3c449616fe234a51335f
+DIST jb2streams.zip 1285838 BLAKE2B 9a2b6047a7b970439693d6f5fdefb9488019a562e7f831288b27df09bb19dec2f84854cf7fea50b5b041d331e925145f37f2f89848058ecdc074e7d6c238033f SHA512 382890b36345b8aaebb3554e776a53f3276c6d835335ce41f3f41829ff62bba7ae646602544103ba8541a7a824dca92d682b682c254ab2918c7fe45b3e358b45
+DIST jbig2dec-0.13-patchset.tar.bz2 8452 BLAKE2B 473a338b460c8a66991fb50e110f4386944c8d1ea557318bf8c249e3ed64d290ace9112ad713f92bb4c933fd187eae7ec9f2358ca904a1e41e003f9f9e8682e5 SHA512 024cb2a9c12f4c1f603b3379bfc0e190006accd484cea124c41d6663e3d094724f53bcf881650edcef80fc86f004e69423bdcaf60a3962e392685bae88375b9d
+DIST jbig2dec-0.13.tar.gz 442571 BLAKE2B 6a973f91502d8effc00cd49b68bb2f853edd41286fdc5cb159460607db8627c2c959ba1c96e65b2ef1df3d4072c9993ce66c06bc5dc1837c89f87c6da0025550 SHA512 ef64a65c54bec65f61602de7130dc9594aae58aaea7958f7cc987f25d0794511e15a423e86501ace4f40c0364796fb97ceab72edb0b69232926767ba16c1b05d
+DIST jbig2dec-0.14.tar.gz 463572 BLAKE2B 91351a3879bd1906fabe2620cf5379fbbc32eaae808a8c2754c661d6dc592d3c9da13c558c8f7ced30c48b73fbd9ed4631f2817298f959b59ad4dff5fce9ac1a SHA512 066bd880ac0665fc1e42b0ae0e481008b125aab6e173b7f82d61a2a30e72c90085cbded9b2a68c6836f92dea3d8d8d5c2228dba76e0d99c79c922197d215705b
+EBUILD jbig2dec-0.13-r4.ebuild 1475 BLAKE2B aff0a9e2c556f5341c53da0c438a2991057224d47fce4c0473322cfdbdd33613c3518b37e8c68adeafde42d0190b1e02671d779cee7cf888d437a15b22b4a7ac SHA512 826b33198d369ae8aee3782157c3262c65158261aadbfb649e133a0db6ca8d723be1968e0897f12fcaa792460b3d5a20e43c9a4e32ee82824d8e5c1d74ba46ad
EBUILD jbig2dec-0.14.ebuild 1149 BLAKE2B bae8910b3fa05fd25146e1027ef9cabb9560f8b7114ac563f5ef5f0e5309888571a1ec4246b4eda40740ef3d1a332f99d2958e8474910c22dce5ac135c385538 SHA512 04a834292637546648e94efaddc001512b7a67f5d001d17beb22bda8723f1c72f882261c9cc98dd981e68655c427f802bf9fa96d6e8d6e11f9793d97cd643090
MISC metadata.xml 473 BLAKE2B 6d374023a106375c7f5500968ed4ea2f4dd5584fb0db8f85b042844d08afb6196b7d7c019ae69b35917f43e496c9a25212aec328f0c3cf78aaa94b963de65c15 SHA512 501077ac27f5c6f8a616fa32cec23d28cb16dc0e0c19ce933cbc067494117c9c55fc3e00dfc21270892d57478a9e268f99215c8d074d6cc4114916f55a571a6f
diff --git a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2016-9601.patch b/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2016-9601.patch
deleted file mode 100644
index 4ce96ae5d3c0..000000000000
--- a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2016-9601.patch
+++ /dev/null
@@ -1,897 +0,0 @@
-From e698d5c11d27212aa1098bc5b1673a3378563092 Mon Sep 17 00:00:00 2001
-From: Robin Watts <robin.watts@artifex.com>
-Date: Mon, 12 Dec 2016 17:47:17 +0000
-Subject: [PATCH] Squash signed/unsigned warnings in MSVC jbig2 build.
-
-Also rename "new" to "new_dict", because "new" is a bad
-variable name.
----
- jbig2.c | 4 +--
- jbig2.h | 8 +++---
- jbig2_generic.c | 2 +-
- jbig2_halftone.c | 24 ++++++++----------
- jbig2_huffman.c | 10 ++++----
- jbig2_huffman.h | 2 +-
- jbig2_image.c | 32 +++++++++++------------
- jbig2_mmr.c | 66 +++++++++++++++++++++++++-----------------------
- jbig2_page.c | 6 ++---
- jbig2_priv.h | 4 +--
- jbig2_segment.c | 10 ++++----
- jbig2_symbol_dict.c | 73 +++++++++++++++++++++++++++--------------------------
- jbig2_symbol_dict.h | 6 ++---
- jbig2_text.c | 16 ++++++------
- jbig2_text.h | 2 +-
- 15 files changed, 134 insertions(+), 131 deletions(-)
-
-diff --git a/jbig2.c b/jbig2.c
-index f729e29..e51380f 100644
---- a/jbig2.c
-+++ b/jbig2.c
-@@ -379,7 +379,7 @@ typedef struct {
- } Jbig2WordStreamBuf;
-
- static int
--jbig2_word_stream_buf_get_next_word(Jbig2WordStream *self, int offset, uint32_t *word)
-+jbig2_word_stream_buf_get_next_word(Jbig2WordStream *self, size_t offset, uint32_t *word)
- {
- Jbig2WordStreamBuf *z = (Jbig2WordStreamBuf *) self;
- const byte *data = z->data;
-@@ -390,7 +390,7 @@ jbig2_word_stream_buf_get_next_word(Jbig2WordStream *self, int offset, uint32_t
- else if (offset > z->size)
- return -1;
- else {
-- int i;
-+ size_t i;
-
- result = 0;
- for (i = 0; i < z->size - offset; i++)
-diff --git a/jbig2.h b/jbig2.h
-index d5aa52f..624e0ed 100644
---- a/jbig2.h
-+++ b/jbig2.h
-@@ -56,17 +56,19 @@ typedef struct _Jbig2SymbolDictionary Jbig2SymbolDictionary;
- */
-
- struct _Jbig2Image {
-- int width, height, stride;
-+ uint32_t width;
-+ uint32_t height;
-+ uint32_t stride;
- uint8_t *data;
- int refcount;
- };
-
--Jbig2Image *jbig2_image_new(Jbig2Ctx *ctx, int width, int height);
-+Jbig2Image *jbig2_image_new(Jbig2Ctx *ctx, uint32_t width, uint32_t height);
- Jbig2Image *jbig2_image_clone(Jbig2Ctx *ctx, Jbig2Image *image);
- void jbig2_image_release(Jbig2Ctx *ctx, Jbig2Image *image);
- void jbig2_image_free(Jbig2Ctx *ctx, Jbig2Image *image);
- void jbig2_image_clear(Jbig2Ctx *ctx, Jbig2Image *image, int value);
--Jbig2Image *jbig2_image_resize(Jbig2Ctx *ctx, Jbig2Image *image, int width, int height);
-+Jbig2Image *jbig2_image_resize(Jbig2Ctx *ctx, Jbig2Image *image, uint32_t width, uint32_t height);
-
- /* errors are returned from the library via a callback. If no callback
- is provided (a NULL argument is passed ot jbig2_ctx_new) a default
-diff --git a/jbig2_generic.c b/jbig2_generic.c
-index 02fdbfb..9656198 100644
---- a/jbig2_generic.c
-+++ b/jbig2_generic.c
-@@ -718,7 +718,7 @@ jbig2_immediate_generic_region(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte
- byte seg_flags;
- int8_t gbat[8];
- int offset;
-- int gbat_bytes = 0;
-+ uint32_t gbat_bytes = 0;
- Jbig2GenericRegionParams params;
- int code = 0;
- Jbig2Image *image = NULL;
-diff --git a/jbig2_halftone.c b/jbig2_halftone.c
-index aeab576..acfbc56 100644
---- a/jbig2_halftone.c
-+++ b/jbig2_halftone.c
-@@ -257,8 +257,8 @@ jbig2_decode_gray_scale_image(Jbig2Ctx *ctx, Jbig2Segment *segment,
- {
- uint8_t **GSVALS = NULL;
- size_t consumed_bytes = 0;
-- int i, j, code, stride;
-- int x, y;
-+ uint32_t i, j, stride, x, y;
-+ int code;
- Jbig2Image **GSPLANES;
- Jbig2GenericRegionParams rparams;
- Jbig2WordStream *ws = NULL;
-@@ -276,9 +276,8 @@ jbig2_decode_gray_scale_image(Jbig2Ctx *ctx, Jbig2Segment *segment,
- if (GSPLANES[i] == NULL) {
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "failed to allocate %dx%d image for GSPLANES", GSW, GSH);
- /* free already allocated */
-- for (j = i - 1; j >= 0; --j) {
-- jbig2_image_release(ctx, GSPLANES[j]);
-- }
-+ for (j = i; j > 0;)
-+ jbig2_image_release(ctx, GSPLANES[--j]);
- jbig2_free(ctx->allocator, GSPLANES);
- return NULL;
- }
-@@ -323,9 +322,10 @@ jbig2_decode_gray_scale_image(Jbig2Ctx *ctx, Jbig2Segment *segment,
- }
-
- /* C.5 step 2. Set j = GSBPP-2 */
-- j = GSBPP - 2;
-+ j = GSBPP - 1;
- /* C.5 step 3. decode loop */
-- while (j >= 0) {
-+ while (j > 0) {
-+ j--;
- /* C.5 step 3. (a) */
- if (GSMMR) {
- code = jbig2_decode_halftone_mmr(ctx, &rparams, data + consumed_bytes, size - consumed_bytes, GSPLANES[j], &consumed_bytes);
-@@ -345,7 +345,6 @@ jbig2_decode_gray_scale_image(Jbig2Ctx *ctx, Jbig2Segment *segment,
- GSPLANES[j]->data[i] ^= GSPLANES[j + 1]->data[i];
-
- /* C.5 step 3. (c) */
-- --j;
- }
-
- /* allocate GSVALS */
-@@ -359,9 +358,8 @@ jbig2_decode_gray_scale_image(Jbig2Ctx *ctx, Jbig2Segment *segment,
- if (GSVALS[i] == NULL) {
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "failed to allocate GSVALS: %d bytes", GSH * GSW);
- /* free already allocated */
-- for (j = i - 1; j >= 0; --j) {
-- jbig2_free(ctx->allocator, GSVALS[j]);
-- }
-+ for (j = i; j > 0;)
-+ jbig2_free(ctx->allocator, GSVALS[--j]);
- jbig2_free(ctx->allocator, GSVALS);
- GSVALS = NULL;
- goto cleanup;
-@@ -450,7 +448,7 @@ jbig2_decode_halftone_region(Jbig2Ctx *ctx, Jbig2Segment *segment,
- uint8_t **GI;
- Jbig2Image *HSKIP = NULL;
- Jbig2PatternDict *HPATS;
-- int i;
-+ uint32_t i;
- uint32_t mg, ng;
- int32_t x, y;
- uint8_t gray_val;
-@@ -476,7 +474,7 @@ jbig2_decode_halftone_region(Jbig2Ctx *ctx, Jbig2Segment *segment,
-
- /* calculate ceil(log2(HNUMPATS)) */
- HBPP = 0;
-- while (HNUMPATS > (1 << ++HBPP));
-+ while (HNUMPATS > (1U << ++HBPP));
-
- /* 6.6.5 point 4. decode gray-scale image as mentioned in annex C */
- GI = jbig2_decode_gray_scale_image(ctx, segment, data, size,
-diff --git a/jbig2_huffman.c b/jbig2_huffman.c
-index 4521b48..f77981b 100644
---- a/jbig2_huffman.c
-+++ b/jbig2_huffman.c
-@@ -47,16 +47,16 @@ struct _Jbig2HuffmanState {
- is (offset + 4) * 8. */
- uint32_t this_word;
- uint32_t next_word;
-- int offset_bits;
-- int offset;
-- int offset_limit;
-+ uint32_t offset_bits;
-+ uint32_t offset;
-+ uint32_t offset_limit;
-
- Jbig2WordStream *ws;
- Jbig2Ctx *ctx;
- };
-
- static uint32_t
--huff_get_next_word(Jbig2HuffmanState *hs, int offset)
-+huff_get_next_word(Jbig2HuffmanState *hs, uint32_t offset)
- {
- uint32_t word = 0;
- Jbig2WordStream *ws = hs->ws;
-@@ -213,7 +213,7 @@ jbig2_huffman_advance(Jbig2HuffmanState *hs, int offset)
- /* return the offset of the huffman decode pointer (in bytes)
- * from the beginning of the WordStream
- */
--int
-+uint32_t
- jbig2_huffman_offset(Jbig2HuffmanState *hs)
- {
- return hs->offset + (hs->offset_bits >> 3);
-diff --git a/jbig2_huffman.h b/jbig2_huffman.h
-index 5d1e6e0..cfda9e0 100644
---- a/jbig2_huffman.h
-+++ b/jbig2_huffman.h
-@@ -64,7 +64,7 @@ void jbig2_huffman_skip(Jbig2HuffmanState *hs);
-
- void jbig2_huffman_advance(Jbig2HuffmanState *hs, int offset);
-
--int jbig2_huffman_offset(Jbig2HuffmanState *hs);
-+uint32_t jbig2_huffman_offset(Jbig2HuffmanState *hs);
-
- int32_t jbig2_huffman_get(Jbig2HuffmanState *hs, const Jbig2HuffmanTable *table, bool *oob);
-
-diff --git a/jbig2_image.c b/jbig2_image.c
-index 1ae614e..94e5a4c 100644
---- a/jbig2_image.c
-+++ b/jbig2_image.c
-@@ -32,10 +32,10 @@
-
- /* allocate a Jbig2Image structure and its associated bitmap */
- Jbig2Image *
--jbig2_image_new(Jbig2Ctx *ctx, int width, int height)
-+jbig2_image_new(Jbig2Ctx *ctx, uint32_t width, uint32_t height)
- {
- Jbig2Image *image;
-- int stride;
-+ uint32_t stride;
- int64_t check;
-
- image = jbig2_new(ctx, Jbig2Image, 1);
-@@ -99,7 +99,7 @@ jbig2_image_free(Jbig2Ctx *ctx, Jbig2Image *image)
-
- /* resize a Jbig2Image */
- Jbig2Image *
--jbig2_image_resize(Jbig2Ctx *ctx, Jbig2Image *image, int width, int height)
-+jbig2_image_resize(Jbig2Ctx *ctx, Jbig2Image *image, uint32_t width, uint32_t height)
- {
- if (width == image->width) {
- /* check for integer multiplication overflow */
-@@ -133,11 +133,11 @@ jbig2_image_resize(Jbig2Ctx *ctx, Jbig2Image *image, int width, int height)
- static int
- jbig2_image_compose_unopt(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x, int y, Jbig2ComposeOp op)
- {
-- int i, j;
-- int sw = src->width;
-- int sh = src->height;
-- int sx = 0;
-- int sy = 0;
-+ uint32_t i, j;
-+ uint32_t sw = src->width;
-+ uint32_t sh = src->height;
-+ uint32_t sx = 0;
-+ uint32_t sy = 0;
-
- /* clip to the dst image boundaries */
- if (x < 0) {
-@@ -200,10 +200,10 @@ jbig2_image_compose_unopt(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x
- int
- jbig2_image_compose(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x, int y, Jbig2ComposeOp op)
- {
-- int i, j;
-- int w, h;
-- int leftbyte, rightbyte;
-- int shift;
-+ uint32_t i, j;
-+ uint32_t w, h;
-+ uint32_t leftbyte, rightbyte;
-+ uint32_t shift;
- uint8_t *s, *ss;
- uint8_t *d, *dd;
- uint8_t mask, rightmask;
-@@ -226,8 +226,8 @@ jbig2_image_compose(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x, int
- h += y;
- y = 0;
- }
-- w = (x + w < dst->width) ? w : dst->width - x;
-- h = (y + h < dst->height) ? h : dst->height - y;
-+ w = ((uint32_t)x + w < dst->width) ? w : ((dst->width >= (uint32_t)x) ? dst->width - (uint32_t)x : 0);
-+ h = ((uint32_t)y + h < dst->height) ? h : ((dst->height >= (uint32_t)y) ? dst->height - (uint32_t)y : 0);
- #ifdef JBIG2_DEBUG
- jbig2_error(ctx, JBIG2_SEVERITY_DEBUG, -1, "compositing %dx%d at (%d, %d) after clipping\n", w, h, x, y);
- #endif
-@@ -249,8 +249,8 @@ jbig2_image_compose(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x, int
- }
- #endif
-
-- leftbyte = x >> 3;
-- rightbyte = (x + w - 1) >> 3;
-+ leftbyte = (uint32_t)x >> 3;
-+ rightbyte = ((uint32_t)x + w - 1) >> 3;
- shift = x & 7;
-
- /* general OR case */
-diff --git a/jbig2_mmr.c b/jbig2_mmr.c
-index d4cd3a2..390e27c 100644
---- a/jbig2_mmr.c
-+++ b/jbig2_mmr.c
-@@ -38,19 +38,21 @@
- #include "jbig2_mmr.h"
-
- typedef struct {
-- int width;
-- int height;
-+ uint32_t width;
-+ uint32_t height;
- const byte *data;
- size_t size;
-- int data_index;
-- int bit_index;
-+ uint32_t data_index;
-+ uint32_t bit_index;
- uint32_t word;
- } Jbig2MmrCtx;
-
-+#define MINUS1 ((uint32_t)-1)
-+
- static void
- jbig2_decode_mmr_init(Jbig2MmrCtx *mmr, int width, int height, const byte *data, size_t size)
- {
-- int i;
-+ size_t i;
- uint32_t word = 0;
-
- mmr->width = width;
-@@ -732,14 +734,14 @@ const mmr_table_node jbig2_mmr_black_decode[] = {
- #define getbit(buf, x) ( ( buf[x >> 3] >> ( 7 - (x & 7) ) ) & 1 )
-
- static int
--jbig2_find_changing_element(const byte *line, int x, int w)
-+jbig2_find_changing_element(const byte *line, uint32_t x, uint32_t w)
- {
- int a, b;
-
- if (line == 0)
-- return w;
-+ return (int)w;
-
-- if (x == -1) {
-+ if (x == MINUS1) {
- a = 0;
- x = 0;
- } else {
-@@ -758,7 +760,7 @@ jbig2_find_changing_element(const byte *line, int x, int w)
- }
-
- static int
--jbig2_find_changing_element_of_color(const byte *line, int x, int w, int color)
-+jbig2_find_changing_element_of_color(const byte *line, uint32_t x, uint32_t w, int color)
- {
- if (line == 0)
- return w;
-@@ -772,9 +774,9 @@ static const byte lm[8] = { 0xFF, 0x7F, 0x3F, 0x1F, 0x0F, 0x07, 0x03, 0x01 };
- static const byte rm[8] = { 0x00, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE };
-
- static void
--jbig2_set_bits(byte *line, int x0, int x1)
-+jbig2_set_bits(byte *line, uint32_t x0, uint32_t x1)
- {
-- int a0, a1, b0, b1, a;
-+ uint32_t a0, a1, b0, b1, a;
-
- a0 = x0 >> 3;
- a1 = x1 >> 3;
-@@ -831,8 +833,8 @@ jbig2_decode_get_run(Jbig2MmrCtx *mmr, const mmr_table_node *table, int initial_
- static int
- jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst)
- {
-- int a0 = -1;
-- int a1, a2, b1, b2;
-+ uint32_t a0 = MINUS1;
-+ uint32_t a1, a2, b1, b2;
- int c = 0; /* 0 is white, black is 1 */
-
- while (1) {
-@@ -840,7 +842,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst)
-
- /* printf ("%08x\n", word); */
-
-- if (a0 >= mmr->width)
-+ if (a0 != MINUS1 && a0 >= mmr->width)
- break;
-
- if ((word >> (32 - 3)) == 1) {
-@@ -848,7 +850,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst)
-
- jbig2_decode_mmr_consume(mmr, 3);
-
-- if (a0 == -1)
-+ if (a0 == MINUS1)
- a0 = 0;
-
- if (c == 0) {
-@@ -860,7 +862,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst)
- a1 = mmr->width;
- if (a2 > mmr->width)
- a2 = mmr->width;
-- if (a2 < a1 || a1 < 0)
-+ if (a1 == MINUS1 || a2 < a1)
- return -1;
- jbig2_set_bits(dst, a1, a2);
- a0 = a2;
-@@ -874,7 +876,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst)
- a1 = mmr->width;
- if (a2 > mmr->width)
- a2 = mmr->width;
-- if (a1 < a0 || a0 < 0)
-+ if (a0 == MINUS1 || a1 < a0)
- return -1;
- jbig2_set_bits(dst, a0, a1);
- a0 = a2;
-@@ -888,7 +890,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst)
- b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c);
- b2 = jbig2_find_changing_element(ref, b1, mmr->width);
- if (c) {
-- if (b2 < a0 || a0 < 0)
-+ if (a0 == MINUS1 || b2 < a0)
- return -1;
- jbig2_set_bits(dst, a0, b2);
- }
-@@ -900,7 +902,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst)
- jbig2_decode_mmr_consume(mmr, 1);
- b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c);
- if (c) {
-- if (b1 < a0 || a0 < 0)
-+ if (a0 == MINUS1 || b1 < a0)
- return -1;
- jbig2_set_bits(dst, a0, b1);
- }
-@@ -915,7 +917,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst)
- if (b1 + 1 > mmr->width)
- break;
- if (c) {
-- if (b1 + 1 < a0 || a0 < 0)
-+ if (a0 == MINUS1 || b1 + 1 < a0)
- return -1;
- jbig2_set_bits(dst, a0, b1 + 1);
- }
-@@ -930,7 +932,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst)
- if (b1 + 2 > mmr->width)
- break;
- if (c) {
-- if (b1 + 2 < a0 || a0 < 0)
-+ if (a0 == MINUS1 || b1 + 2 < a0)
- return -1;
- jbig2_set_bits(dst, a0, b1 + 2);
- }
-@@ -942,10 +944,10 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst)
- /* printf ("VR(3)\n"); */
- jbig2_decode_mmr_consume(mmr, 7);
- b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c);
-- if (b1 + 3 > mmr->width)
-+ if (b1 + 3 > (int)mmr->width)
- break;
- if (c) {
-- if (b1 + 3 < a0 || a0 < 0)
-+ if (a0 == MINUS1 || b1 + 3 < a0)
- return -1;
- jbig2_set_bits(dst, a0, b1 + 3);
- }
-@@ -957,10 +959,10 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst)
- /* printf ("VL(1)\n"); */
- jbig2_decode_mmr_consume(mmr, 3);
- b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c);
-- if (b1 - 1 < 0)
-+ if (b1 < 1)
- break;
- if (c) {
-- if (b1 - 1 < a0 || a0 < 0)
-+ if (a0 == MINUS1 || b1 - 1 < a0)
- return -1;
- jbig2_set_bits(dst, a0, b1 - 1);
- }
-@@ -972,7 +974,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst)
- /* printf ("VL(2)\n"); */
- jbig2_decode_mmr_consume(mmr, 6);
- b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c);
-- if (b1 - 2 < 0)
-+ if (b1 < 2)
- break;
- if (c) {
- if (b1 - 2 < a0 || a0 < 0)
-@@ -987,10 +989,10 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst)
- /* printf ("VL(3)\n"); */
- jbig2_decode_mmr_consume(mmr, 7);
- b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c);
-- if (b1 - 3 < 0)
-+ if (b1 < 3)
- break;
- if (c) {
-- if (b1 - 3 < a0 || a0 < 0)
-+ if (a0 == MINUS1 || b1 - 3 < a0)
- return -1;
- jbig2_set_bits(dst, a0, b1 - 3);
- }
-@@ -1009,10 +1011,10 @@ int
- jbig2_decode_generic_mmr(Jbig2Ctx *ctx, Jbig2Segment *segment, const Jbig2GenericRegionParams *params, const byte *data, size_t size, Jbig2Image *image)
- {
- Jbig2MmrCtx mmr;
-- const int rowstride = image->stride;
-+ const uint32_t rowstride = image->stride;
- byte *dst = image->data;
- byte *ref = NULL;
-- int y;
-+ uint32_t y;
- int code = 0;
-
- jbig2_decode_mmr_init(&mmr, image->width, image->height, data, size);
-@@ -1047,10 +1049,10 @@ int
- jbig2_decode_halftone_mmr(Jbig2Ctx *ctx, const Jbig2GenericRegionParams *params, const byte *data, size_t size, Jbig2Image *image, size_t *consumed_bytes)
- {
- Jbig2MmrCtx mmr;
-- const int rowstride = image->stride;
-+ const uint32_t rowstride = image->stride;
- byte *dst = image->data;
- byte *ref = NULL;
-- int y;
-+ uint32_t y;
- int code = 0;
- const uint32_t EOFB = 0x001001;
-
-diff --git a/jbig2_page.c b/jbig2_page.c
-index 110ff7c..1ed1c8a 100644
---- a/jbig2_page.c
-+++ b/jbig2_page.c
-@@ -155,9 +155,9 @@ int
- jbig2_end_of_stripe(Jbig2Ctx *ctx, Jbig2Segment *segment, const uint8_t *segment_data)
- {
- Jbig2Page page = ctx->pages[ctx->current_page];
-- int end_row;
-+ uint32_t end_row;
-
-- end_row = jbig2_get_int32(segment_data);
-+ end_row = jbig2_get_uint32(segment_data);
- if (end_row < page.end_row) {
- jbig2_error(ctx, JBIG2_SEVERITY_WARNING, segment->number,
- "end of stripe segment with non-positive end row advance" " (new end row %d vs current end row %d)", end_row, page.end_row);
-@@ -248,7 +248,7 @@ jbig2_page_add_result(Jbig2Ctx *ctx, Jbig2Page *page, Jbig2Image *image, int x,
-
- /* grow the page to accomodate a new stripe if necessary */
- if (page->striped) {
-- int new_height = y + image->height + page->end_row;
-+ uint32_t new_height = y + image->height + page->end_row;
-
- if (page->image->height < new_height) {
- jbig2_error(ctx, JBIG2_SEVERITY_DEBUG, -1, "growing page buffer to %d rows " "to accomodate new stripe", new_height);
-diff --git a/jbig2_priv.h b/jbig2_priv.h
-index 42ba496..3d44b42 100644
---- a/jbig2_priv.h
-+++ b/jbig2_priv.h
-@@ -132,7 +132,7 @@ struct _Jbig2Page {
- uint32_t x_resolution, y_resolution; /* in pixels per meter */
- uint16_t stripe_size;
- bool striped;
-- int end_row;
-+ uint32_t end_row;
- uint8_t flags;
- Jbig2Image *image;
- };
-@@ -182,7 +182,7 @@ int jbig2_halftone_region(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segm
- typedef struct _Jbig2WordStream Jbig2WordStream;
-
- struct _Jbig2WordStream {
-- int (*get_next_word)(Jbig2WordStream *self, int offset, uint32_t *word);
-+ int (*get_next_word)(Jbig2WordStream *self, size_t offset, uint32_t *word);
- };
-
- Jbig2WordStream *jbig2_word_stream_buf_new(Jbig2Ctx *ctx, const byte *data, size_t size);
-diff --git a/jbig2_segment.c b/jbig2_segment.c
-index 2e0db67..5b63706 100644
---- a/jbig2_segment.c
-+++ b/jbig2_segment.c
-@@ -39,10 +39,10 @@ jbig2_parse_segment_header(Jbig2Ctx *ctx, uint8_t *buf, size_t buf_size, size_t
- uint8_t rtscarf;
- uint32_t rtscarf_long;
- uint32_t *referred_to_segments;
-- int referred_to_segment_count;
-- int referred_to_segment_size;
-- int pa_size;
-- int offset;
-+ uint32_t referred_to_segment_count;
-+ uint32_t referred_to_segment_size;
-+ uint32_t pa_size;
-+ uint32_t offset;
-
- /* minimum possible size of a jbig2 segment header */
- if (buf_size < 11)
-@@ -83,7 +83,7 @@ jbig2_parse_segment_header(Jbig2Ctx *ctx, uint8_t *buf, size_t buf_size, size_t
-
- /* 7.2.5 */
- if (referred_to_segment_count) {
-- int i;
-+ uint32_t i;
-
- referred_to_segments = jbig2_new(ctx, uint32_t, referred_to_segment_count * referred_to_segment_size);
- if (referred_to_segments == NULL) {
-diff --git a/jbig2_symbol_dict.c b/jbig2_symbol_dict.c
-index 2c71a4c..11a2252 100644
---- a/jbig2_symbol_dict.c
-+++ b/jbig2_symbol_dict.c
-@@ -88,40 +88,40 @@ jbig2_dump_symbol_dict(Jbig2Ctx *ctx, Jbig2Segment *segment)
-
- /* return a new empty symbol dict */
- Jbig2SymbolDict *
--jbig2_sd_new(Jbig2Ctx *ctx, int n_symbols)
-+jbig2_sd_new(Jbig2Ctx *ctx, uint32_t n_symbols)
- {
-- Jbig2SymbolDict *new = NULL;
-+ Jbig2SymbolDict *new_dict = NULL;
-
- if (n_symbols < 0) {
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "Negative number of symbols in symbol dict: %d", n_symbols);
- return NULL;
- }
-
-- new = jbig2_new(ctx, Jbig2SymbolDict, 1);
-- if (new != NULL) {
-- new->glyphs = jbig2_new(ctx, Jbig2Image *, n_symbols);
-- new->n_symbols = n_symbols;
-+ new_dict = jbig2_new(ctx, Jbig2SymbolDict, 1);
-+ if (new_dict != NULL) {
-+ new_dict->glyphs = jbig2_new(ctx, Jbig2Image *, n_symbols);
-+ new_dict->n_symbols = n_symbols;
- } else {
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "unable to allocate new empty symbol dict");
- return NULL;
- }
-
-- if (new->glyphs != NULL) {
-- memset(new->glyphs, 0, n_symbols * sizeof(Jbig2Image *));
-+ if (new_dict->glyphs != NULL) {
-+ memset(new_dict->glyphs, 0, n_symbols * sizeof(Jbig2Image *));
- } else {
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "unable to allocate glyphs for new empty symbol dict");
-- jbig2_free(ctx->allocator, new);
-+ jbig2_free(ctx->allocator, new_dict);
- return NULL;
- }
-
-- return new;
-+ return new_dict;
- }
-
- /* release the memory associated with a symbol dict */
- void
- jbig2_sd_release(Jbig2Ctx *ctx, Jbig2SymbolDict *dict)
- {
-- int i;
-+ uint32_t i;
-
- if (dict == NULL)
- return;
-@@ -142,12 +142,12 @@ jbig2_sd_glyph(Jbig2SymbolDict *dict, unsigned int id)
- }
-
- /* count the number of dictionary segments referred to by the given segment */
--int
-+uint32_t
- jbig2_sd_count_referred(Jbig2Ctx *ctx, Jbig2Segment *segment)
- {
- int index;
- Jbig2Segment *rsegment;
-- int n_dicts = 0;
-+ uint32_t n_dicts = 0;
-
- for (index = 0; index < segment->referred_to_segment_count; index++) {
- rsegment = jbig2_find_segment(ctx, segment->referred_to_segments[index]);
-@@ -166,8 +166,8 @@ jbig2_sd_list_referred(Jbig2Ctx *ctx, Jbig2Segment *segment)
- int index;
- Jbig2Segment *rsegment;
- Jbig2SymbolDict **dicts;
-- int n_dicts = jbig2_sd_count_referred(ctx, segment);
-- int dindex = 0;
-+ uint32_t n_dicts = jbig2_sd_count_referred(ctx, segment);
-+ uint32_t dindex = 0;
-
- dicts = jbig2_new(ctx, Jbig2SymbolDict *, n_dicts);
- if (dicts == NULL) {
-@@ -195,10 +195,10 @@ jbig2_sd_list_referred(Jbig2Ctx *ctx, Jbig2Segment *segment)
- /* generate a new symbol dictionary by concatenating a list of
- existing dictionaries */
- Jbig2SymbolDict *
--jbig2_sd_cat(Jbig2Ctx *ctx, int n_dicts, Jbig2SymbolDict **dicts)
-+jbig2_sd_cat(Jbig2Ctx *ctx, uint32_t n_dicts, Jbig2SymbolDict **dicts)
- {
-- int i, j, k, symbols;
-- Jbig2SymbolDict *new = NULL;
-+ uint32_t i, j, k, symbols;
-+ Jbig2SymbolDict *new_dict = NULL;
-
- /* count the imported symbols and allocate a new array */
- symbols = 0;
-@@ -206,17 +206,17 @@ jbig2_sd_cat(Jbig2Ctx *ctx, int n_dicts, Jbig2SymbolDict **dicts)
- symbols += dicts[i]->n_symbols;
-
- /* fill a new array with cloned glyph pointers */
-- new = jbig2_sd_new(ctx, symbols);
-- if (new != NULL) {
-+ new_dict = jbig2_sd_new(ctx, symbols);
-+ if (new_dict != NULL) {
- k = 0;
- for (i = 0; i < n_dicts; i++)
- for (j = 0; j < dicts[i]->n_symbols; j++)
-- new->glyphs[k++] = jbig2_image_clone(ctx, dicts[i]->glyphs[j]);
-+ new_dict->glyphs[k++] = jbig2_image_clone(ctx, dicts[i]->glyphs[j]);
- } else {
- jbig2_error(ctx, JBIG2_SEVERITY_WARNING, -1, "failed to allocate new symbol dictionary");
- }
-
-- return new;
-+ return new_dict;
- }
-
- /* Decoding routines */
-@@ -431,7 +431,7 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx,
-
- if (REFAGGNINST > 1) {
- Jbig2Image *image;
-- int i;
-+ uint32_t i;
-
- if (tparams == NULL) {
- /* First time through, we need to initialise the */
-@@ -512,7 +512,7 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx,
- uint32_t ID;
- int32_t RDX, RDY;
- int BMSIZE = 0;
-- int ninsyms = params->SDNUMINSYMS;
-+ uint32_t ninsyms = params->SDNUMINSYMS;
- int code1 = 0;
- int code2 = 0;
- int code3 = 0;
-@@ -609,8 +609,9 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx,
- if (params->SDHUFF && !params->SDREFAGG) {
- /* 6.5.9 */
- Jbig2Image *image;
-- int BMSIZE = jbig2_huffman_get(hs, params->SDHUFFBMSIZE, &code);
-- int j, x;
-+ uint32_t BMSIZE = jbig2_huffman_get(hs, params->SDHUFFBMSIZE, &code);
-+ uint32_t j;
-+ int x;
-
- if (code || (BMSIZE < 0)) {
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "error decoding size of collective bitmap!");
-@@ -700,22 +701,22 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx,
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "failed to allocate symbols exported from symbols dictionary");
- goto cleanup4;
- } else {
-- int i = 0;
-- int j = 0;
-- int k;
-+ uint32_t i = 0;
-+ uint32_t j = 0;
-+ uint32_t k;
- int exflag = 0;
-- int64_t limit = params->SDNUMINSYMS + params->SDNUMNEWSYMS;
-- int32_t exrunlength;
-+ uint32_t limit = params->SDNUMINSYMS + params->SDNUMNEWSYMS;
-+ uint32_t exrunlength;
- int zerolength = 0;
-
- while (i < limit) {
- if (params->SDHUFF)
- exrunlength = jbig2_huffman_get(hs, SBHUFFRSIZE, &code);
- else
-- code = jbig2_arith_int_decode(IAEX, as, &exrunlength);
-+ code = jbig2_arith_int_decode(IAEX, as, (int32_t *)&exrunlength);
- /* prevent infinite loop */
- zerolength = exrunlength > 0 ? 0 : zerolength + 1;
-- if (code || (exrunlength > limit - i) || (exrunlength < 0) || (zerolength > 4) || (exflag && (exrunlength > params->SDNUMEXSYMS - j))) {
-+ if (code || (exrunlength > limit - i) || (exrunlength < 0) || (zerolength > 4) || (exflag && (exrunlength + j > params->SDNUMEXSYMS))) {
- if (code)
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "failed to decode exrunlength for exported symbols");
- else if (exrunlength <= 0)
-@@ -797,8 +798,8 @@ jbig2_symbol_dictionary(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segmen
- {
- Jbig2SymbolDictParams params;
- uint16_t flags;
-- int sdat_bytes;
-- int offset;
-+ uint32_t sdat_bytes;
-+ uint32_t offset;
- Jbig2ArithCx *GB_stats = NULL;
- Jbig2ArithCx *GR_stats = NULL;
- int table_index = 0;
-@@ -951,7 +952,7 @@ jbig2_symbol_dictionary(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segmen
-
- /* 7.4.2.2 (2) */
- {
-- int n_dicts = jbig2_sd_count_referred(ctx, segment);
-+ uint32_t n_dicts = jbig2_sd_count_referred(ctx, segment);
- Jbig2SymbolDict **dicts = NULL;
-
- if (n_dicts > 0) {
-diff --git a/jbig2_symbol_dict.h b/jbig2_symbol_dict.h
-index d56d62d..30211d4 100644
---- a/jbig2_symbol_dict.h
-+++ b/jbig2_symbol_dict.h
-@@ -32,18 +32,18 @@ int jbig2_symbol_dictionary(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *se
- Jbig2Image *jbig2_sd_glyph(Jbig2SymbolDict *dict, unsigned int id);
-
- /* return a new empty symbol dict */
--Jbig2SymbolDict *jbig2_sd_new(Jbig2Ctx *ctx, int n_symbols);
-+Jbig2SymbolDict *jbig2_sd_new(Jbig2Ctx *ctx, uint32_t n_symbols);
-
- /* release the memory associated with a symbol dict */
- void jbig2_sd_release(Jbig2Ctx *ctx, Jbig2SymbolDict *dict);
-
- /* generate a new symbol dictionary by concatenating a list of
- existing dictionaries */
--Jbig2SymbolDict *jbig2_sd_cat(Jbig2Ctx *ctx, int n_dicts, Jbig2SymbolDict **dicts);
-+Jbig2SymbolDict *jbig2_sd_cat(Jbig2Ctx *ctx, uint32_t n_dicts, Jbig2SymbolDict **dicts);
-
- /* count the number of dictionary segments referred
- to by the given segment */
--int jbig2_sd_count_referred(Jbig2Ctx *ctx, Jbig2Segment *segment);
-+uint32_t jbig2_sd_count_referred(Jbig2Ctx *ctx, Jbig2Segment *segment);
-
- /* return an array of pointers to symbol dictionaries referred
- to by a segment */
-diff --git a/jbig2_text.c b/jbig2_text.c
-index 5c99640..e77460f 100644
---- a/jbig2_text.c
-+++ b/jbig2_text.c
-@@ -55,7 +55,7 @@
- int
- jbig2_decode_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment,
- const Jbig2TextRegionParams *params,
-- const Jbig2SymbolDict *const *dicts, const int n_dicts,
-+ const Jbig2SymbolDict *const *dicts, const uint32_t n_dicts,
- Jbig2Image *image, const byte *data, const size_t size, Jbig2ArithCx *GR_stats, Jbig2ArithState *as, Jbig2WordStream *ws)
- {
- /* relevent bits of 6.4.4 */
-@@ -476,19 +476,19 @@ cleanup2:
- int
- jbig2_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segment_data)
- {
-- int offset = 0;
-+ uint32_t offset = 0;
- Jbig2RegionSegmentInfo region_info;
- Jbig2TextRegionParams params;
- Jbig2Image *image = NULL;
- Jbig2SymbolDict **dicts = NULL;
-- int n_dicts = 0;
-+ uint32_t n_dicts = 0;
- uint16_t flags = 0;
- uint16_t huffman_flags = 0;
- Jbig2ArithCx *GR_stats = NULL;
- int code = 0;
- Jbig2WordStream *ws = NULL;
- Jbig2ArithState *as = NULL;
-- int table_index = 0;
-+ uint32_t table_index = 0;
- const Jbig2HuffmanParams *huffman_params = NULL;
-
- /* 7.4.1 */
-@@ -779,7 +779,7 @@ jbig2_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segment_data
- code = jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "unable to retrive symbol dictionaries! previous parsing error?");
- goto cleanup1;
- } else {
-- int index;
-+ uint32_t index;
-
- if (dicts[0] == NULL) {
- code = jbig2_error(ctx, JBIG2_SEVERITY_WARNING, segment->number, "unable to find first referenced symbol dictionary!");
-@@ -823,8 +823,8 @@ jbig2_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segment_data
- }
-
- if (!params.SBHUFF) {
-- int SBSYMCODELEN, index;
-- int SBNUMSYMS = 0;
-+ uint32_t SBSYMCODELEN, index;
-+ uint32_t SBNUMSYMS = 0;
-
- for (index = 0; index < n_dicts; index++) {
- SBNUMSYMS += dicts[index]->n_symbols;
-@@ -840,7 +840,7 @@ jbig2_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segment_data
- }
-
- /* Table 31 */
-- for (SBSYMCODELEN = 0; (1 << SBSYMCODELEN) < SBNUMSYMS; SBSYMCODELEN++) {
-+ for (SBSYMCODELEN = 0; (1U << SBSYMCODELEN) < SBNUMSYMS; SBSYMCODELEN++) {
- }
- params.IAID = jbig2_arith_iaid_ctx_new(ctx, SBSYMCODELEN);
- params.IARI = jbig2_arith_int_ctx_new(ctx);
-diff --git a/jbig2_text.h b/jbig2_text.h
-index aec2732..51d242e 100644
---- a/jbig2_text.h
-+++ b/jbig2_text.h
-@@ -70,5 +70,5 @@ typedef struct {
- int
- jbig2_decode_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment,
- const Jbig2TextRegionParams *params,
-- const Jbig2SymbolDict *const *dicts, const int n_dicts,
-+ const Jbig2SymbolDict *const *dicts, const uint32_t n_dicts,
- Jbig2Image *image, const byte *data, const size_t size, Jbig2ArithCx *GR_stats, Jbig2ArithState *as, Jbig2WordStream *ws);
---
-2.11.1
-
diff --git a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7885.patch b/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7885.patch
deleted file mode 100644
index e8ffccd45344..000000000000
--- a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7885.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From b184e783702246e154294326d03d9abda669fcfa Mon Sep 17 00:00:00 2001
-From: Shailesh Mistry <shailesh.mistry@hotmail.co.uk>
-Date: Wed, 3 May 2017 22:06:01 +0100
-Subject: [PATCH] Bug 697703: Prevent integer overflow vulnerability.
-
-Add extra check for the offset being greater than the size
-of the image and hence reading off the end of the buffer.
-
-Thank you to Dai Ge for finding this issue and suggesting a patch.
----
- jbig2dec/jbig2_symbol_dict.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/jbig2dec/jbig2_symbol_dict.c b/jbig2dec/jbig2_symbol_dict.c
-index 4acaba9d0..36225cb1f 100644
---- a/jbig2_symbol_dict.c
-+++ b/jbig2_symbol_dict.c
-@@ -629,7 +629,7 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx,
- byte *dst = image->data;
-
- /* SumatraPDF: prevent read access violation */
-- if (size - jbig2_huffman_offset(hs) < image->height * stride) {
-+ if ((size - jbig2_huffman_offset(hs) < image->height * stride) || (size < jbig2_huffman_offset(hs))) {
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "not enough data for decoding (%d/%d)", image->height * stride,
- size - jbig2_huffman_offset(hs));
- jbig2_image_release(ctx, image);
---
-2.13.1
-
diff --git a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7975.patch b/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7975.patch
deleted file mode 100644
index d5e62762b9a5..000000000000
--- a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7975.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 5e57e483298dae8b8d4ec9aab37a526736ac2e97 Mon Sep 17 00:00:00 2001
-From: Shailesh Mistry <shailesh.mistry@hotmail.co.uk>
-Date: Wed, 26 Apr 2017 22:12:14 +0100
-Subject: [PATCH] Bug 697693: Prevent SEGV due to integer overflow.
-
-While building a Huffman table, the start and end points were susceptible
-to integer overflow.
-
-Thank you to Jiaqi for finding this issue and suggesting a patch.
----
- jbig2dec/jbig2_huffman.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/jbig2dec/jbig2_huffman.c b/jbig2dec/jbig2_huffman.c
-index 511e46170..b4189a12c 100644
---- a/jbig2_huffman.c
-+++ b/jbig2_huffman.c
-@@ -421,8 +421,8 @@ jbig2_build_huffman_table(Jbig2Ctx *ctx, const Jbig2HuffmanParams *params)
-
- if (PREFLEN == CURLEN) {
- int RANGELEN = lines[CURTEMP].RANGELEN;
-- int start_j = CURCODE << shift;
-- int end_j = (CURCODE + 1) << shift;
-+ uint32_t start_j = CURCODE << shift;
-+ uint32_t end_j = (CURCODE + 1) << shift;
- byte eflags = 0;
-
- if (end_j > max_j) {
---
-2.13.1
-
diff --git a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7976.patch b/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7976.patch
deleted file mode 100644
index c6dbd182c616..000000000000
--- a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7976.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From ed6c5133a1004ce8d38f1b44de85a7186feda95e Mon Sep 17 00:00:00 2001
-From: Shailesh Mistry <shailesh.mistry@hotmail.co.uk>
-Date: Wed, 10 May 2017 17:50:39 +0100
-Subject: [PATCH] Bug 697683: Bounds check before reading from image source
- data.
-
-Add extra check to prevent reading off the end of the image source
-data buffer.
-
-Thank you to Dai Ge for finding this issue and suggesting a patch.
----
- jbig2dec/jbig2_image.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-Backported dilfridge@g.o
-
-diff -ruN jbig2dec-0.13.orig/jbig2_image.c jbig2dec-0.13/jbig2_image.c
---- jbig2dec-0.13.orig/jbig2_image.c 2017-06-10 01:41:16.207939489 +0200
-+++ jbig2dec-0.13/jbig2_image.c 2017-06-10 01:46:28.009952461 +0200
-@@ -256,7 +256,8 @@
- /* general OR case */
- s = ss;
- d = dd = dst->data + y * dst->stride + leftbyte;
-- if (d < dst->data || leftbyte > dst->stride || h * dst->stride < 0 || d - leftbyte + h * dst->stride > dst->data + dst->height * dst->stride) {
-+ if (d < dst->data || leftbyte > dst->stride || d - leftbyte + h * dst->stride > dst->data + dst->height * dst->stride ||
-+ s - leftbyte + (h - 1) * src->stride + rightbyte > src->data + src->height * src->stride) {
- return jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "preventing heap overflow in jbig2_image_compose");
- }
- if (leftbyte == rightbyte) {
diff --git a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-9216.patch b/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-9216.patch
deleted file mode 100644
index 789ed6c96568..000000000000
--- a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-9216.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 3ebffb1d96ba0cacec23016eccb4047dab365853 Mon Sep 17 00:00:00 2001
-From: Shailesh Mistry <shailesh.mistry@hotmail.co.uk>
-Date: Wed, 24 May 2017 19:29:57 +0100
-Subject: [PATCH] Bug 697934: Fix SEGV due to error code being ignored.
-
-The return code from jbig2_decode_text_region was being ignored so the
-code continued to try and parse the invalid file using incomplete/empty
-structures.
----
- jbig2dec/jbig2_symbol_dict.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/jbig2_symbol_dict.c b/jbig2_symbol_dict.c
-index 3cc1731..672425d 100644
---- a/jbig2_symbol_dict.c
-+++ b/jbig2_symbol_dict.c
-@@ -493,8 +493,10 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx,
- }
-
- /* multiple symbols are handled as a text region */
-- jbig2_decode_text_region(ctx, segment, tparams, (const Jbig2SymbolDict * const *)refagg_dicts,
-+ code = jbig2_decode_text_region(ctx, segment, tparams, (const Jbig2SymbolDict * const *)refagg_dicts,
- n_refagg_dicts, image, data, size, GR_stats, as, ws);
-+ if (code < 0)
-+ goto cleanup4;
-
- SDNEWSYMS->glyphs[NSYMSDECODED] = image;
- refagg_dicts[0]->glyphs[params->SDNUMINSYMS + NSYMSDECODED] = jbig2_image_clone(ctx, SDNEWSYMS->glyphs[NSYMSDECODED]);
---
-2.9.1
-
diff --git a/media-libs/jbig2dec/jbig2dec-0.13-r4.ebuild b/media-libs/jbig2dec/jbig2dec-0.13-r4.ebuild
index 38e94e73b33f..387218d0d0f2 100644
--- a/media-libs/jbig2dec/jbig2dec-0.13-r4.ebuild
+++ b/media-libs/jbig2dec/jbig2dec-0.13-r4.ebuild
@@ -6,6 +6,7 @@ EAPI=6
DESCRIPTION="A decoder implementation of the JBIG2 image compression format"
HOMEPAGE="http://ghostscript.com/jbig2dec.html"
SRC_URI="http://downloads.ghostscript.com/public/${PN}/${P}.tar.gz
+ https://dev.gentoo.org/~mgorny/dist/${P}-patchset.tar.bz2
test? ( http://jbig2dec.sourceforge.net/ubc/jb2streams.zip )"
LICENSE="AGPL-3"
@@ -23,11 +24,11 @@ RESTRICT="test"
DOCS="CHANGES README"
PATCHES=(
- "${FILESDIR}/${P}-CVE-2016-9601.patch"
- "${FILESDIR}/${P}-CVE-2017-9216.patch"
- "${FILESDIR}/${P}-CVE-2017-7885.patch"
- "${FILESDIR}/${P}-CVE-2017-7975.patch"
- "${FILESDIR}/${P}-CVE-2017-7976.patch"
+ "${WORKDIR}/${P}-patchset/${P}-CVE-2016-9601.patch"
+ "${WORKDIR}/${P}-patchset/${P}-CVE-2017-9216.patch"
+ "${WORKDIR}/${P}-patchset/${P}-CVE-2017-7885.patch"
+ "${WORKDIR}/${P}-patchset/${P}-CVE-2017-7975.patch"
+ "${WORKDIR}/${P}-patchset/${P}-CVE-2017-7976.patch"
)
src_prepare() {