From feb0daf81d888e9160f9f94502de09b66f2a63fd Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Sun, 21 Jun 2020 17:50:24 +0100
Subject: gentoo resync : 21.06.2020

---
 media-gfx/graphicsmagick/Manifest                  |   4 +
 .../graphicsmagick-1.3.35-CVE-2020-12672.patch     |  67 ++++++++++
 ...smagick-1.3.35-oss-fuzz-20045-20318-21956.patch |  38 ++++++
 .../graphicsmagick-1.3.35-oss-fuzz-23042.patch     |  42 +++++++
 .../graphicsmagick/graphicsmagick-1.3.35-r1.ebuild | 135 +++++++++++++++++++++
 5 files changed, 286 insertions(+)
 create mode 100644 media-gfx/graphicsmagick/files/graphicsmagick-1.3.35-CVE-2020-12672.patch
 create mode 100644 media-gfx/graphicsmagick/files/graphicsmagick-1.3.35-oss-fuzz-20045-20318-21956.patch
 create mode 100644 media-gfx/graphicsmagick/files/graphicsmagick-1.3.35-oss-fuzz-23042.patch
 create mode 100644 media-gfx/graphicsmagick/graphicsmagick-1.3.35-r1.ebuild

(limited to 'media-gfx/graphicsmagick')

diff --git a/media-gfx/graphicsmagick/Manifest b/media-gfx/graphicsmagick/Manifest
index bdbabb7027a0..5aad2e1930e6 100644
--- a/media-gfx/graphicsmagick/Manifest
+++ b/media-gfx/graphicsmagick/Manifest
@@ -1,6 +1,10 @@
 AUX graphicsmagick-1.3.19-flags.patch 1800 BLAKE2B 50f4f0de0cb3842fb84e136038bc0c9714a776868303bda17af26cca8f3c4160d7f9060d0a8a116ad30a17b416ddd2963da0e66d4ca76fdc351507c51ae30998 SHA512 fa1bdbe718ae8ae49a58f6fc1728f1bb6b869a907f77e41eec92c452f86e05cf821548409f2a5d55dcdb38b8a80d7ef2b1d37d2111c3fd5088a118626479ad2c
 AUX graphicsmagick-1.3.19-perl.patch 491 BLAKE2B 6a6465162d9a4d7d09b1edb425cc7114cd4e0fc65e48f15c8c2a854fe835fd1fe94c56611c6d2744d9e26884c57b1f67353bfd32abe2f25a145dd7abbf5479f0 SHA512 da114b891ec923253048d90ee14f136742072bcb70e512e8d2838bbcac57b5fe6ea580cdccfd1bba5156777623c43e946ce2a8661f88612d4c24849bef0fb865
+AUX graphicsmagick-1.3.35-CVE-2020-12672.patch 2753 BLAKE2B 864a77b650f5cec350d83bc5eec289736171a141e8609c41d4c66f49a58b2d332cb2ab343f557879a547e6a291665d16c5707ab7573bf48263a838ba24940475 SHA512 57387a3f1e2e07fdf4617b0fc73106b4f00fe1a7dc0d88919b39490213d42180a4617653b48e54749f7d2807dca4d1b052f14389c30b7a059f841c012ca2b1a6
+AUX graphicsmagick-1.3.35-oss-fuzz-20045-20318-21956.patch 988 BLAKE2B 4906fffe43150ef209c4d2f87d433cf78cd5e3c03a9db22426e3c3455028a5ff63c189ace1f46f47e1fa04fe8d78388b76dcabc288a9a75e57b7ebbb68f8c90d SHA512 95776534891eed617b09873fd70af020c6d6370a6765ba7aaf8185268e8b73b774ce2aeb1b284641fb12260ca0047c4543b17a18ed4ef28db725b75f988c7215
+AUX graphicsmagick-1.3.35-oss-fuzz-23042.patch 1350 BLAKE2B 415bd540a7aa194235ce1e6482035dd9b8ee4d4f5192f4d898e178875d453fd8b481efcbe139db602d411f788e3067a95106ba128ab14af63d3848f92c035405 SHA512 d345b54570e3396db81f0f60980633e139f90a54b579ad953a36aa5e16c1edfe7a5186b4e2d5a2e02f759544b372981278b06d2b688324e6b091c841a5bae133
 DIST GraphicsMagick-1.3.35.tar.xz 5543224 BLAKE2B 8a284d85341c10939fdece5c565d5b881276afb9b4c5dfb2221b780a01b99f78ee62761722c372baf9155c63f7ef176b67310aeedcab0368f4f26f5b0150bcce SHA512 baae92089d52147ef961f93495abc8a9d8b1a963af61d87a650c1ab105d46816aa38c83f654edcb5a0e1b7f07ccc06eaeaa443b9bde3a63a0b9bfb45f3ae144c
+EBUILD graphicsmagick-1.3.35-r1.ebuild 3223 BLAKE2B 2e61401a1673a4a093eb8cefb1bb95b26ddffe581cf808a0e7927cb62a5cf41ef4e74e68ae3b4dcc03850ee2992e2470631907a1e87b9df6ecb15b892f28980e SHA512 13e27a919eb6e2d04837015e6641eb3d8041772b033f3e1e38833a7b875237ea8c6acda2d1e7dacb126005383c4d96e03370c0be4d0b92f93073552787689419
 EBUILD graphicsmagick-1.3.35.ebuild 3085 BLAKE2B c0e6b0a3eae4087a3aa5130866629037ddeae03fb63dc0914b117ac9f7345f1f18c0ba2e41a9fe06fc80fe206013636f75d1a44c62e300487763bab2ed8f58ad SHA512 eeab4b3a5b8a8ffc5ee810125d5161b18339f06e10883a692592b9ec1f7c4296de9a56459f57f033d378a8638da4d8b30f1d04c5d16cff9d108ff99c8e2dc763
 EBUILD graphicsmagick-9999.ebuild 3079 BLAKE2B 5683335f38a7d90554e705f65bc84ea44643bd6c18b5d7f48f2608d949efc4ecd8f562a6f7f989ee0dbc4e208efbc4a1190154f88baf69c89ad17da1d70ad5ae SHA512 13f6d72eb95a1be93d70d685fc3296885c7084536a951e9158e989169e5e5768c98591af22b0221bcb951ce4b4bbdeb90b21b93f3fa8589026316880d1dbe8cd
 MISC metadata.xml 1057 BLAKE2B ced303553eccbba9ae91f30b3700b331149127c5a17a66bb166bff4139600cf208f3b15f8fa6fdb02594f3278ce7acd2bf6972df42c04dcb4f695710bb3870bf SHA512 9ac680de061b6dc0acd0d3a31587e0b53d3d7bcea7425909a3a4ef074fa0e32a999ecb1f48a64bb2ab55249fb5bbdc72974681fb26a879c4e5a4c9f3a04d0e82
diff --git a/media-gfx/graphicsmagick/files/graphicsmagick-1.3.35-CVE-2020-12672.patch b/media-gfx/graphicsmagick/files/graphicsmagick-1.3.35-CVE-2020-12672.patch
new file mode 100644
index 000000000000..b314ea288e43
--- /dev/null
+++ b/media-gfx/graphicsmagick/files/graphicsmagick-1.3.35-CVE-2020-12672.patch
@@ -0,0 +1,67 @@
+diff -r 4917a4242fc0 -r 50395430a371 coders/png.c
+--- a/coders/png.c	Fri May 01 13:49:13 2020 -0500
++++ b/coders/png.c	Sat May 30 10:18:16 2020 -0500
+@@ -5304,7 +5304,7 @@
+               if (logging)
+                 (void) LogMagickEvent(CoderEvent,GetMagickModule(),
+                                       "MAGN chunk (%lu bytes): "
+-                                      "First_magnified_object_id=%u, Last_magnified_object_id=%u, "
++                                      "First_magnified_object_id=%u, Las t_magnified_object_id=%u, "
+                                       "MB=%u, ML=%u, MR=%u, MT=%u, MX=%u, MY=%u, "
+                                       "X_method=%u, Y_method=%u",
+                                       length,
+@@ -5679,6 +5679,8 @@
+           /*
+             If magnifying and a supported method is requested then
+             magnify the image.
++
++            http://www.libpng.org/pub/mng/spec/mng-1.0-20010209-pdg.html#mng-MAGN
+           */
+           if (((mng_info->magn_methx > 0) && (mng_info->magn_methx <= 5)) &&
+               ((mng_info->magn_methy > 0) && (mng_info->magn_methy <= 5)))
+@@ -5689,7 +5691,28 @@
+ 
+               if (logging)
+                 (void) LogMagickEvent(CoderEvent,GetMagickModule(),
+-                                      "  Processing MNG MAGN chunk");
++                                      "  Processing MNG MAGN chunk: MB=%u, ML=%u,"
++                                      " MR=%u, MT=%u, MX=%u, MY=%u,"
++                                      " X_method=%u, Y_method=%u",
++                                      mng_info->magn_mb,mng_info->magn_ml,
++                                      mng_info->magn_mr,mng_info->magn_mt,
++                                      mng_info->magn_mx,mng_info->magn_my,
++                                      mng_info->magn_methx,
++                                      mng_info->magn_methy);
++
++              /*
++                If the image width is 1, then X magnification is done
++                by simple pixel replication.
++              */
++              if (image->columns == 1)
++                  mng_info->magn_methx = 1;
++
++              /*
++                If the image height is 1, then Y magnification is done
++                by simple pixel replication.
++              */
++              if (image->rows == 1)
++                  mng_info->magn_methy = 1;
+ 
+               if (mng_info->magn_methx == 1)
+                 {
+@@ -5734,12 +5757,10 @@
+                   Image
+                     *large_image;
+ 
+-                  int
+-                    yy;
+-
+                   long
+                     m,
+-                    y;
++                    y,
++                    yy;
+ 
+                   register long
+                     x;
+
diff --git a/media-gfx/graphicsmagick/files/graphicsmagick-1.3.35-oss-fuzz-20045-20318-21956.patch b/media-gfx/graphicsmagick/files/graphicsmagick-1.3.35-oss-fuzz-20045-20318-21956.patch
new file mode 100644
index 000000000000..c7921dd2e699
--- /dev/null
+++ b/media-gfx/graphicsmagick/files/graphicsmagick-1.3.35-oss-fuzz-20045-20318-21956.patch
@@ -0,0 +1,38 @@
+diff -r 50395430a371 -r 83b4d2b4b873 coders/wpg.c
+--- a/coders/wpg.c	Sat May 30 10:18:16 2020 -0500
++++ b/coders/wpg.c	Sat May 30 17:33:51 2020 -0500
+@@ -403,7 +403,7 @@
+   x++; \
+   if((long) x>=ldblk) \
+   { \
+-    if(InsertRow(BImgBuff,y,image,bpp)==MagickFail) RetVal=-6; \
++    if(InsertRow(BImgBuff,y,image,bpp)==MagickFail) { RetVal=-6; goto unpack_wpg_raser_error; } \
+     x=0; \
+     y++; \
+     if(y>=image->rows) break; \
+@@ -537,6 +537,7 @@
+         }
+       }
+     }
++unpack_wpg_raser_error:;
+   MagickFreeMemory(BImgBuff);
+   return(RetVal);
+ }
+@@ -552,7 +553,7 @@
+   x++; \
+   if((long) x >= ldblk) \
+   { \
+-    if(InsertRow(BImgBuff,(long) y,image,bpp)==MagickFail) RetVal=-6; \
++    if(InsertRow(BImgBuff,(long) y,image,bpp)==MagickFail) { RetVal=-6; goto unpack_wpg2_error; } \
+     x=0; \
+     y++; \
+     XorMe = 0; \
+@@ -729,6 +730,7 @@
+             }
+         }
+     }
++unpack_wpg2_error:;
+   FreeUnpackWPG2RasterAllocs(BImgBuff,UpImgBuff);
+   return(RetVal);
+ }
+
diff --git a/media-gfx/graphicsmagick/files/graphicsmagick-1.3.35-oss-fuzz-23042.patch b/media-gfx/graphicsmagick/files/graphicsmagick-1.3.35-oss-fuzz-23042.patch
new file mode 100644
index 000000000000..197a230a3401
--- /dev/null
+++ b/media-gfx/graphicsmagick/files/graphicsmagick-1.3.35-oss-fuzz-23042.patch
@@ -0,0 +1,42 @@
+diff -r 24ed4812e580 -r b0aa53a5f970 coders/wpg.c
+--- a/coders/wpg.c	Tue Jun 02 07:45:45 2020 -0500
++++ b/coders/wpg.c	Sat Jun 06 14:12:18 2020 -0500
+@@ -413,9 +413,12 @@
+ 
+ /** Call this function to ensure that all data matrix is filled with something. This function
+  * is used only to error recovery. */
+-static void ZeroFillMissingData(unsigned char *BImgBuff,unsigned long x, unsigned long y, Image *image,
+-                                int bpp, long ldblk)
++static MagickPassFail ZeroFillMissingData(unsigned char *BImgBuff,unsigned long x, unsigned long y, Image *image,
++                                          int bpp, long ldblk)
+ {
++  MagickPassFail
++    status = MagickPass;
++
+   while(y<image->rows && image->exception.severity!=UndefinedException)
+   {
+     if((long) x<ldblk) 
+@@ -427,9 +430,13 @@
+         x = 0;		/* Next pass will need to clear whole row */
+     }
+     if(InsertRow(BImgBuff,y,image,bpp) == MagickFail)
+-      break;
++      {
++        status = MagickFail;
++        break;
++      }
+     y++;
+   }
++  return status;
+ }
+ 
+ 
+@@ -528,7 +535,6 @@
+                 }
+               if(InsertRow(BImgBuff,y,image,bpp)==MagickFail)
+                 { 
+-                  ZeroFillMissingData(BImgBuff,x,y,image,bpp,ldblk);
+                   MagickFreeMemory(BImgBuff);
+                   return(-6);
+                 }
+
diff --git a/media-gfx/graphicsmagick/graphicsmagick-1.3.35-r1.ebuild b/media-gfx/graphicsmagick/graphicsmagick-1.3.35-r1.ebuild
new file mode 100644
index 000000000000..39851a6496d1
--- /dev/null
+++ b/media-gfx/graphicsmagick/graphicsmagick-1.3.35-r1.ebuild
@@ -0,0 +1,135 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+inherit autotools toolchain-funcs
+
+MY_P=${P/graphicsm/GraphicsM}
+
+DESCRIPTION="Collection of tools and libraries for many image formats"
+HOMEPAGE="http://www.graphicsmagick.org/"
+LICENSE="MIT"
+SLOT="0/${PV%.*}"
+
+if [[ ${PV} == "9999" ]] ; then
+	inherit mercurial
+	EHG_REPO_URI="http://hg.code.sf.net/p/${PN}/code"
+else
+	SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.xz"
+	KEYWORDS="~alpha ~amd64 ~arm ~arm64 hppa ~ia64 ~ppc ~ppc64 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos"
+fi
+
+IUSE="bzip2 +cxx debug fpx imagemagick jbig jpeg lcms lzma modules openmp
+	perl png postscript q16 q32 static-libs svg threads tiff truetype
+	webp wmf X zlib"
+
+RDEPEND="dev-libs/libltdl:0
+	bzip2? ( app-arch/bzip2 )
+	fpx? ( media-libs/libfpx )
+	imagemagick? ( !media-gfx/imagemagick )
+	jbig? ( media-libs/jbigkit )
+	jpeg? ( virtual/jpeg:0 )
+	lcms? ( media-libs/lcms:2 )
+	lzma? ( app-arch/xz-utils )
+	perl? ( dev-lang/perl:= )
+	png? ( media-libs/libpng:0= )
+	postscript? ( app-text/ghostscript-gpl )
+	svg? ( dev-libs/libxml2 )
+	tiff? ( media-libs/tiff:0 )
+	truetype? (
+		media-fonts/urw-fonts
+		>=media-libs/freetype-2
+		)
+	webp? ( media-libs/libwebp:= )
+	wmf? ( media-libs/libwmf )
+	X? (
+		x11-libs/libSM
+		x11-libs/libXext
+		)
+	zlib? ( sys-libs/zlib )"
+DEPEND="${RDEPEND}"
+
+S=${WORKDIR}/${MY_P}
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-1.3.19-flags.patch
+	"${FILESDIR}"/${PN}-1.3.19-perl.patch
+	"${FILESDIR}"/${P}-CVE-2020-12672.patch
+	"${FILESDIR}"/${P}-oss-fuzz-20045-20318-21956.patch
+	"${FILESDIR}"/${P}-oss-fuzz-23042.patch
+)
+
+src_prepare() {
+	default
+	eautoreconf
+}
+
+src_configure() {
+	local depth=8
+	use q16 && depth=16
+	use q32 && depth=32
+
+	local openmp=disable
+	if use openmp && tc-has-openmp; then
+		openmp=enable
+	fi
+
+	local myeconfargs=(
+		--${openmp}-openmp
+		--enable-largefile
+		--enable-shared
+		$(use_enable static-libs static)
+		$(use_enable debug prof)
+		$(use_enable debug gcov)
+		$(use_enable imagemagick magick-compat)
+		$(use_with threads)
+		$(use_with modules)
+		--with-quantum-depth=${depth}
+		--without-frozenpaths
+		$(use_with cxx magick-plus-plus)
+		$(use_with perl)
+		--with-perl-options=INSTALLDIRS=vendor
+		$(use_with bzip2 bzlib)
+		$(use_with postscript dps)
+		$(use_with fpx)
+		$(use_with jbig)
+		$(use_with webp)
+		$(use_with jpeg)
+		--without-jp2
+		$(use_with lcms lcms2)
+		$(use_with lzma)
+		$(use_with png)
+		$(use_with tiff)
+		$(use_with truetype ttf)
+		$(use_with wmf)
+		--with-fontpath="${EPREFIX}"/usr/share/fonts
+		--with-gs-font-dir="${EPREFIX}"/usr/share/fonts/urw-fonts
+		--with-windows-font-dir="${EPREFIX}"/usr/share/fonts/corefonts
+		$(use_with svg xml)
+		$(use_with zlib)
+		$(use_with X x)
+	)
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	default
+	use perl && emake perl-build
+}
+
+src_test() {
+	unset DISPLAY # some perl tests fail when DISPLAY is set
+	default
+}
+
+src_install() {
+	default
+
+	if use perl; then
+		emake -C PerlMagick DESTDIR="${D}" install
+		find "${ED}" -type f -name perllocal.pod -exec rm -f {} + || die
+		find "${ED}" -depth -mindepth 1 -type d -empty -exec rm -rf {} + || die
+	fi
+
+	find "${ED}" -name '*.la' -exec sed -i -e "/^dependency_libs/s:=.*:='':" {} + || die
+}
-- 
cgit v1.2.3