From ab3fe00e485981a1a9f6ac9f5c835e4a6b87f75056616e3143d5f652f98d3c71 Mon Sep 17 00:00:00 2001 From: Petr Gajdos Date: Fri, 14 Sep 2012 06:19:47 +0000 Subject: [PATCH] Accepting request 134223 from home:pgajdos:libpng15 - updated to 10.59.2: * transition super-stable --> advanced branch * builds with libpng15 * patches summary: -> dropped unneeded or upstreamed patches: - fixes.patch - libpng14.patch - manpages.patch - pamscale.patch - pnmtopng-CAN-2978.patch -> left patches # make.patch (suse specific) # no-build-time.patch (suse specific) # missing-file-close.patch (should be upstreamed in newer versions) # tmpfile.patch (rewritten) # security-code.patch (taken from fedora, replacement of former security.patch) # security-scripts.patch (taken from fedora, replacement of former security2.patch) OBS-URL: https://build.opensuse.org/request/show/134223 OBS-URL: https://build.opensuse.org/package/show/graphics/netpbm?expand=0&rev=39 --- baselibs.conf | 2 +- netpbm-10.35.86-documentation.tar.bz2 | 3 - netpbm-10.35.86-nohpcdtoppm-nojbig.tar.bz2 | 3 - netpbm-10.59.2-documentation.tar.bz2 | 3 + ...bm-10.59.2-nohpcdtoppm-noppmtompeg.tar.bz2 | 3 + netpbm-fixes.patch | 294 ---- netpbm-libpng14.patch | 115 -- netpbm-make.patch | 27 +- netpbm-manpages.patch | 80 - netpbm-pamscale.patch | 11 - netpbm-pnmtopng-CAN-2978.patch | 20 - ...curity.patch => netpbm-security-code.patch | 1534 ++++++++--------- ...ty2.patch => netpbm-security-scripts.patch | 146 +- netpbm-tmpfile.patch | 78 +- netpbm.changes | 24 + netpbm.spec | 123 +- prepare-src-tarball | 16 +- 17 files changed, 888 insertions(+), 1594 deletions(-) delete mode 100644 netpbm-10.35.86-documentation.tar.bz2 delete mode 100644 netpbm-10.35.86-nohpcdtoppm-nojbig.tar.bz2 create mode 100644 netpbm-10.59.2-documentation.tar.bz2 create mode 100644 netpbm-10.59.2-nohpcdtoppm-noppmtompeg.tar.bz2 delete mode 100644 netpbm-fixes.patch delete mode 100644 netpbm-libpng14.patch delete mode 100644 netpbm-manpages.patch delete mode 100644 netpbm-pamscale.patch delete mode 100644 netpbm-pnmtopng-CAN-2978.patch rename netpbm-security.patch => netpbm-security-code.patch (50%) rename netpbm-security2.patch => netpbm-security-scripts.patch (84%) diff --git a/baselibs.conf b/baselibs.conf index cf218b0..f609137 100644 --- a/baselibs.conf +++ b/baselibs.conf @@ -1 +1 @@ -libnetpbm10 +libnetpbm11 diff --git a/netpbm-10.35.86-documentation.tar.bz2 b/netpbm-10.35.86-documentation.tar.bz2 deleted file mode 100644 index 68f9a96..0000000 --- a/netpbm-10.35.86-documentation.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:cf130302f7742cd7d794246b33bb86feb6391098ef9cb063f23df717b5f1afa9 -size 573221 diff --git a/netpbm-10.35.86-nohpcdtoppm-nojbig.tar.bz2 b/netpbm-10.35.86-nohpcdtoppm-nojbig.tar.bz2 deleted file mode 100644 index 0ef2ec2..0000000 --- a/netpbm-10.35.86-nohpcdtoppm-nojbig.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7ace07f24063e5d22bbeb109dca376b2494c8f4b374ea1b8adfc5a009d9b03a8 -size 1618158 diff --git a/netpbm-10.59.2-documentation.tar.bz2 b/netpbm-10.59.2-documentation.tar.bz2 new file mode 100644 index 0000000..e823b84 --- /dev/null +++ b/netpbm-10.59.2-documentation.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:05430821e11c51ec6bf7b1b4ef5be564db51cecd45c6b669ad655d6fefd5f8e2 +size 573489 diff --git a/netpbm-10.59.2-nohpcdtoppm-noppmtompeg.tar.bz2 b/netpbm-10.59.2-nohpcdtoppm-noppmtompeg.tar.bz2 new file mode 100644 index 0000000..619804d --- /dev/null +++ b/netpbm-10.59.2-nohpcdtoppm-noppmtompeg.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5db40b9b72218330e226b20076d5120b5f19c621e71c82c240bc43f2332c7003 +size 1705720 diff --git a/netpbm-fixes.patch b/netpbm-fixes.patch deleted file mode 100644 index 8edfef1..0000000 --- a/netpbm-fixes.patch +++ /dev/null @@ -1,294 +0,0 @@ -Index: buildtools/Makefile -=================================================================== ---- buildtools/Makefile.orig -+++ buildtools/Makefile -@@ -34,10 +34,10 @@ libopt.o: libopt.c - -o $@ $< - - typegen.o endiangen.o:%.o:%.c -- $(CC_FOR_BUILD) -c $(CFLAGS_FOR_BUILD) -o $@ $< -+ $(CC_FOR_BUILD) $(CFLAGS) -c $(CFLAGS_FOR_BUILD) -o $@ $< - - $(PROGS):%:%.o -- $(LD_FOR_BUILD) -o $@ $< -+ $(LD_FOR_BUILD) $(LDFLAGS) -o $@ $< - - distclean clean: cleanlocal - .PHONY: cleanlocal -Index: converter/other/fiasco/codec/dfiasco.c -=================================================================== ---- converter/other/fiasco/codec/dfiasco.c.orig -+++ converter/other/fiasco/codec/dfiasco.c -@@ -15,6 +15,7 @@ - */ - - #include -+#include - - #include "config.h" - -Index: converter/other/fiasco/input/basis.c -=================================================================== ---- converter/other/fiasco/input/basis.c.orig -+++ converter/other/fiasco/input/basis.c -@@ -14,6 +14,7 @@ - * $State: Exp $ - */ - -+#include - #include "config.h" - - #include "types.h" -Index: converter/other/fitstopnm.c -=================================================================== ---- converter/other/fitstopnm.c.orig -+++ converter/other/fitstopnm.c -@@ -444,7 +444,7 @@ read_val (fp, bitpix, vp) - c[i] = ich; - } - swapbytes(c, 4); -- *vp = *( (float *) c); -+ memcpy(vp, c, 4); - break; - - case -64: -@@ -455,7 +455,7 @@ read_val (fp, bitpix, vp) - c[i] = ich; - } - swapbytes(c, 8); -- *vp = *( (double *) c); -+ memcpy(vp, c, 8); - break; - - default: -Index: converter/other/jpegtopnm.c -=================================================================== ---- converter/other/jpegtopnm.c.orig -+++ converter/other/jpegtopnm.c -@@ -511,6 +511,7 @@ set_color_spaces(const J_COLOR_SPACE jpe - pm_error("Input JPEG image has 'unknown' color space " - "(JCS_UNKNOWN).\n" - "We cannot interpret this image."); -+ *output_type_p = PPM_TYPE; /* not reached */ - break; - case JCS_GRAYSCALE: - *output_type_p = PGM_TYPE; -@@ -538,6 +539,7 @@ set_color_spaces(const J_COLOR_SPACE jpe - default: - pm_error("Internal error: unknown color space code %d passed " - "to set_color_spaces().", jpeg_color_space); -+ *output_type_p = PPM_TYPE; /* not reached */ - } - pm_message("WRITING %s FILE", - *output_type_p == PPM_TYPE ? "PPM" : "PGM"); -Index: converter/other/pamtopfm.c -=================================================================== ---- converter/other/pamtopfm.c.orig -+++ converter/other/pamtopfm.c -@@ -149,12 +149,12 @@ floatToPfmSample(float const input - Type converter - -----------------------------------------------------------------------------*/ - if (machineEndianness == pfmEndianness) { -- *(float *)outputP->bytes = input; -+ memcpy(outputP->bytes, &input, sizeof(float)); - } else { - unsigned char reversed[sizeof(pfmSample)]; - unsigned int i, j; - -- *(float *)reversed = input; -+ memcpy(reversed, &input, sizeof(float)); - - for (i = 0, j = sizeof(pfmSample)-1; - i < sizeof(pfmSample); -@@ -239,6 +239,7 @@ makePfmHeader(const struct pam * const p - enum endian const endian) { - - struct pfmHeader pfmHeader; -+ memset(&pfmHeader, 0, sizeof(pfmHeader)); - - pfmHeader.width = pamP->width; - pfmHeader.height = pamP->height; -Index: converter/other/pamtosvg/curve.c -=================================================================== ---- converter/other/pamtosvg/curve.c.orig -+++ converter/other/pamtosvg/curve.c -@@ -222,9 +222,7 @@ curve_list_type - new_curve_list (void) - { - curve_list_type curve_list; -- -- curve_list.length = 0; -- curve_list.data = NULL; -+ memset(&curve_list, 0, sizeof(curve_list)); - - return curve_list; - } -Index: converter/other/pamtosvg/pxl-outline.c -=================================================================== ---- converter/other/pamtosvg/pxl-outline.c.orig -+++ converter/other/pamtosvg/pxl-outline.c -@@ -262,6 +262,9 @@ find_one_centerline(bitmap_type const - outline.open = false; - outline.color = getBitmapColor(bitmap, original_row, original_col); - -+ search_dir = original_dir; /* initial value */ -+ row = original_row; /* initial value */ -+ col = original_col; /* initial values */ - /* Add the starting pixel to the output list, changing from bitmap - to Cartesian coordinates and specifying the left edge so that - the coordinates won't be adjusted. -@@ -272,9 +275,6 @@ find_one_centerline(bitmap_type const - LOG2(" (%d,%d)", pos.col, pos.row); - append_outline_pixel(&outline, pos); - } -- search_dir = original_dir; /* initial value */ -- row = original_row; /* initial value */ -- col = original_col; /* initial values */ - - for ( ; ; ) { - unsigned int const prev_row = row; -@@ -527,6 +527,7 @@ new_pixel_outline (void) - { - pixel_outline_type pixel_outline; - -+ memset(&pixel_outline, 0, sizeof(pixel_outline)); - O_LENGTH (pixel_outline) = 0; - pixel_outline.data = NULL; - pixel_outline.open = false; -Index: converter/other/pamtosvg/spline.c -=================================================================== ---- converter/other/pamtosvg/spline.c.orig -+++ converter/other/pamtosvg/spline.c -@@ -80,6 +80,7 @@ spline_list_type - empty_spline_list (void) - { - spline_list_type answer; -+ memset(&answer, 0, sizeof(answer)); - SPLINE_LIST_DATA (answer) = NULL; - SPLINE_LIST_LENGTH (answer) = 0; - return answer; -@@ -153,6 +154,7 @@ spline_list_array_type - new_spline_list_array (void) - { - spline_list_array_type answer; -+ memset(&answer, 0, sizeof(answer)); - - SPLINE_LIST_ARRAY_DATA (answer) = NULL; - SPLINE_LIST_ARRAY_LENGTH (answer) = 0; -Index: converter/other/pamtouil.c -=================================================================== ---- converter/other/pamtouil.c.orig -+++ converter/other/pamtouil.c -@@ -376,11 +376,15 @@ freeCmap(cixel_map cmap[], unsigned int - int i; - - for (i = 0; i < ncolors; ++i) { -- cixel_map const cmapEntry = cmap[i]; -- if (cmapEntry.uilname) -+ cixel_map cmapEntry = cmap[i]; -+ if (cmapEntry.uilname) { - freeString(cmapEntry.uilname); -- if (cmapEntry.rgbname) -+ cmapEntry.uilname = NULL; -+ } -+ if (cmapEntry.rgbname) { - freeString(cmapEntry.rgbname); -+ cmapEntry.rgbname = NULL; -+ } - } - } - -Index: converter/other/pgmtopbm.c -=================================================================== ---- converter/other/pgmtopbm.c.orig -+++ converter/other/pgmtopbm.c -@@ -549,6 +549,8 @@ createDither8Converter(unsigned int cons - converter.cols = cols; - converter.convertRow = &dither8ConvertRow; - converter.destroy = NULL; -+ converter.stateP = NULL; -+ converter.maxval = 0; - - /* Scale dither matrix. */ - for (row = 0; row < 16; ++row) { -@@ -622,6 +624,7 @@ createClusterConverter(unsigned int cons - converter.cols = cols; - converter.convertRow = &clusterConvertRow; - converter.destroy = &clusterDestroy; -+ converter.maxval = 0; - - MALLOCVAR_NOFAIL(stateP); - -Index: converter/other/pnmtopng.c -=================================================================== ---- converter/other/pnmtopng.c.orig -+++ converter/other/pnmtopng.c -@@ -513,6 +513,7 @@ xelToPngColor_16(xel const input, - retval.green = PPM_GETG(scaled); - retval.blue = PPM_GETB(scaled); - retval.gray = PNM_GET1(scaled); -+ retval.index = 0; - - return retval; - } -Index: converter/other/rletopnm.c -=================================================================== ---- converter/other/rletopnm.c.orig -+++ converter/other/rletopnm.c -@@ -101,7 +101,7 @@ parseCommandLine(int argc, char ** argv, - optStruct3 opt; - unsigned int option_def_index; - -- unsigned int alphaoutSpec; -+ unsigned int alphaoutSpec = 0; - - MALLOCARRAY(option_def, 100); - -Index: converter/ppm/ximtoppm.c -=================================================================== ---- converter/ppm/ximtoppm.c.orig -+++ converter/ppm/ximtoppm.c -@@ -44,7 +44,7 @@ parseCommandLine(int argc, char ** argv, - - unsigned int option_def_index; - -- unsigned int alphaoutSpec; -+ unsigned int alphaoutSpec = 0; - - option_def_index = 0; /* incremented by OPTENT3 */ - OPTENT3(0, "alphaout", OPT_STRING, -Index: lib/pm.h -=================================================================== ---- lib/pm.h.orig -+++ lib/pm.h -@@ -21,6 +21,7 @@ - #include - #include - #include -+#include - - #ifdef VMS - #include -Index: lib/util/wordaccess_64_le.h -=================================================================== ---- lib/util/wordaccess_64_le.h.orig -+++ lib/util/wordaccess_64_le.h -@@ -49,4 +49,5 @@ wordintClz(wordint const x){ - return (__builtin_clzll((long long int)x << (s - 8) * 8)); - else - pm_error("Long long int is less than 64 bits on this machine"); -+ return 0; /* unreached */ - } -Index: converter/other/fiasco/lib/image.c -=================================================================== ---- converter/other/fiasco/lib/image.c.orig -+++ converter/other/fiasco/lib/image.c -@@ -239,7 +239,7 @@ alloc_image (unsigned width, unsigned he - image->format = format; - image->reference_count = 1; - -- strcpy (image->id, "IFIASCO"); -+ strncpy (image->id, "IFIASCO", 7); - - for (band = first_band (color); band <= last_band (color); band++) - if (format == FORMAT_4_2_0 && band != Y) diff --git a/netpbm-libpng14.patch b/netpbm-libpng14.patch deleted file mode 100644 index 73a06ef..0000000 --- a/netpbm-libpng14.patch +++ /dev/null @@ -1,115 +0,0 @@ -Index: netpbm-10.35.80/converter/other/pngtopnm.c -=================================================================== ---- netpbm-10.35.80.orig/converter/other/pngtopnm.c -+++ netpbm-10.35.80/converter/other/pngtopnm.c -@@ -44,12 +44,6 @@ - #include "nstring.h" - #include "shhopt.h" - --#if PNG_LIBPNG_VER >= 10400 --#error Your PNG library () is incompatible with this Netpbm source code. --#error You need either an older PNG library (older than 1.4) --#error newer Netpbm source code (at least 10.48) --#endif -- - typedef struct _jmpbuf_wrapper { - jmp_buf jmpbuf; - } jmpbuf_wrapper; -@@ -482,7 +476,7 @@ isTransparentColor(pngcolor const colo - bool retval; - - if (info_ptr->valid & PNG_INFO_tRNS) { -- const png_color_16 * const transColorP = &info_ptr->trans_values; -+ const png_color_16 * const transColorP = &info_ptr->trans_color; - - - /* There seems to be a problem here: you can't compare real -@@ -575,8 +569,8 @@ paletteHasPartialTransparency(png_info * - for (i = 0, foundGray = FALSE; - i < info_ptr->num_trans && !foundGray; - ++i) { -- if (info_ptr->trans[i] != 0 && -- info_ptr->trans[i] != maxval) { -+ if (info_ptr->trans_alpha[i] != 0 && -+ info_ptr->trans_alpha[i] != maxval) { - foundGray = TRUE; - } - } -@@ -647,7 +641,7 @@ setupSignificantBits(png_struct * - unsigned int i; - trans_mix = TRUE; - for (i = 0; i < info_ptr->num_trans; ++i) -- if (info_ptr->trans[i] != 0 && info_ptr->trans[i] != 255) { -+ if (info_ptr->trans_alpha[i] != 0 && info_ptr->trans_alpha[i] != 255) { - trans_mix = FALSE; - break; - } -@@ -885,7 +879,7 @@ writePnm(FILE * const ofP, - setXel(&xelrow[col], fgColor, bgColor, alpha_handling, - ((info_ptr->valid & PNG_INFO_tRNS) && - (fgColor.r == -- gamma_correct(info_ptr->trans_values.gray, -+ gamma_correct(info_ptr->trans_color.gray, - totalgamma))) ? - 0 : maxval); - } -@@ -914,7 +908,7 @@ writePnm(FILE * const ofP, - setXel(&xelrow[col], fgColor, bgColor, alpha_handling, - (info_ptr->valid & PNG_INFO_tRNS) && - index < info_ptr->num_trans ? -- info_ptr->trans[index] : maxval); -+ info_ptr->trans_alpha[index] : maxval); - } - break; - -Index: netpbm-10.35.80/converter/other/pnmtopng.c -=================================================================== ---- netpbm-10.35.80.orig/converter/other/pnmtopng.c -+++ netpbm-10.35.80/converter/other/pnmtopng.c -@@ -69,13 +69,6 @@ - #include "nstring.h" - #include "version.h" - --#if PNG_LIBPNG_VER >= 10400 --#error Your PNG library () is incompatible with this Netpbm source code. --#error You need either an older PNG library (older than 1.4) --#error newer Netpbm source code (at least 10.47.04) --#endif -- -- - struct zlibCompression { - /* These are parameters that describe a form of zlib compression. - Values have the same meaning as the similarly named arguments to -@@ -2612,7 +2605,7 @@ convertpnm(struct cmdlineInfo const cmdl - info_ptr->num_palette = palette_size; - if (trans_size > 0) { - info_ptr->valid |= PNG_INFO_tRNS; -- info_ptr->trans = trans; -+ info_ptr->trans_alpha = trans; - info_ptr->num_trans = trans_size; /* omit opaque values */ - } - /* creating hIST chunk */ -@@ -2649,7 +2642,7 @@ convertpnm(struct cmdlineInfo const cmdl - info_ptr->color_type == PNG_COLOR_TYPE_RGB) { - if (transparent > 0) { - info_ptr->valid |= PNG_INFO_tRNS; -- info_ptr->trans_values = -+ info_ptr->trans_color = - xelToPngColor_16(transcolor, maxval, png_maxval); - } - } else { -@@ -2661,10 +2654,10 @@ convertpnm(struct cmdlineInfo const cmdl - if (info_ptr->valid && PNG_INFO_tRNS) - pm_message("Transparent color {gray, red, green, blue} = " - "{%d, %d, %d, %d}", -- info_ptr->trans_values.gray, -- info_ptr->trans_values.red, -- info_ptr->trans_values.green, -- info_ptr->trans_values.blue); -+ info_ptr->trans_color.gray, -+ info_ptr->trans_color.red, -+ info_ptr->trans_color.green, -+ info_ptr->trans_color.blue); - else - pm_message("No transparent color"); - } diff --git a/netpbm-make.patch b/netpbm-make.patch index 9b47d0e..df9b70c 100644 --- a/netpbm-make.patch +++ b/netpbm-make.patch @@ -1,6 +1,8 @@ ---- Makefile.config.in -+++ Makefile.config.in -@@ -108,7 +108,7 @@ +Index: config.mk.in +=================================================================== +--- config.mk.in.orig ++++ config.mk.in +@@ -109,7 +109,7 @@ INSTALL = $(SRCDIR)/buildtools/install.s #OSF1: #INSTALL = $(SRCDIR)/buildtools/installosf #Red Hat Linux: @@ -9,7 +11,7 @@ # STRIPFLAG is the option you pass to the above install program to make it # strip unnecessary information out of binaries. -@@ -283,7 +283,7 @@ +@@ -295,7 +295,7 @@ LDRELOC = NONE CFLAGS_SHLIB = # Gcc: #CFLAGS_SHLIB = -fpic @@ -18,7 +20,7 @@ # Sun compiler: #CFLAGS_SHLIB = -Kpic #CFLAGS_SHLIB = -KPIC -@@ -350,7 +350,7 @@ +@@ -362,7 +362,7 @@ NETPBMLIB_RUNTIME_PATH = # The TIFF library. See above. If you want to build the tiff # converters, you must have the tiff library already installed. @@ -27,7 +29,7 @@ TIFFHDR_DIR = #TIFFLIB = libtiff.so -@@ -382,7 +382,7 @@ +@@ -393,7 +393,7 @@ TIFFLIB_NEEDS_Z = Y # JPEG stuff statically linked in, in which case you won't need # JPEGLIB in order to build the Tiff converters. @@ -36,7 +38,7 @@ JPEGHDR_DIR = #JPEGLIB = libjpeg.so #JPEGHDR_DIR = /usr/include/jpeg -@@ -432,7 +432,7 @@ +@@ -451,7 +451,7 @@ PNGVER = # # If you have 'libpng-config' (see above), these are irrelevant. @@ -45,3 +47,14 @@ ZHDR_DIR = #ZLIB = libz.so +@@ -461,8 +461,8 @@ JBIGLIB = $(BUILDDIR)/converter/other/jb + JBIGHDR_DIR = $(SRCDIR)/converter/other/jbig + + # The Jasper JPEG-2000 image compression library (aka JasPer): +-JASPERLIB = $(INTERNAL_JASPERLIB) +-JASPERHDR_DIR = $(INTERNAL_JASPERHDR_DIR) ++JASPERLIB = -ljasper ++JASPERHDR_DIR = /usr/include/jasper + # JASPERDEPLIBS is the libraries (-l options or file names) on which + # The Jasper library depends -- i.e. what you have to link into any + # executable that links in the Jasper library. diff --git a/netpbm-manpages.patch b/netpbm-manpages.patch deleted file mode 100644 index f4a6e2f..0000000 --- a/netpbm-manpages.patch +++ /dev/null @@ -1,80 +0,0 @@ ---- buildtools/makeman -+++ buildtools/makeman -@@ -1,4 +1,4 @@ --#!/bin/env python -+#!/usr/bin/python - # - # makeman -- compile netpbm's stereotyped HTML to troff markup - # -@@ -95,6 +95,8 @@ - indoc = re.sub("(?i)\n *", "\n.fi", indoc) - indoc = re.sub("(?i)\n *
", "\n.nf", indoc) - indoc = re.sub("(?i)\n *
", "\n.fi", indoc) -+ indoc = re.sub("(?i)\n *", "\n.nf", indoc) -+ indoc = re.sub("(?i)\n *", "\n.fi", indoc) - # Highlight processing - indoc = re.sub("(?i)", r"\\fB", indoc) - indoc = re.sub("(?i)", r"\\fP", indoc) -@@ -114,7 +116,10 @@ - indoc = re.sub("(?i)", r"\\d", indoc) - # Paragraph handling - indoc = re.sub("(?i)\n*

\n*", r"\n.PP\n", indoc) -+ indoc = re.sub("(?i)
", r"\n.PP\n", indoc) - indoc = re.sub("(?i)

", "", indoc) -+ indoc = re.sub("(?i)", "", indoc) -+ indoc = re.sub("(?i)]*>", "", indoc) - lines = indoc.split("\n") - listdepth = 0 - for i in range(len(lines)): -@@ -131,13 +136,14 @@ - indoc = re.sub('(?i)([^<]+)', r'\\fI\1\\fP', indoc) - # Format manual crossreferences - def xrefmatch(match): -- xrefto = match.group(1) -- xrefsection = sectmap.get(xrefto, 1) -+ xrefto = match.group(2) -+ xrefurl = match.group(1) -+ xrefsection = sectmap.get(xrefurl, 1) - if xrefsection == 0: - return "\n.I " + xrefto - else: -- return "\n.BR %s (%d)" % (xrefto, xrefsection) -- indoc = re.sub(r'(?i)\n* *(?:\\fB)?([^<]+)(?:\\fP)?', -+ return "\n.BR %s (%d)\n" % (xrefto, xrefsection) -+ indoc = re.sub(r'(?i)\n* *(?:\\fB)?([^<]+)(?:\\fP)?', - xrefmatch, indoc) - # Format URLs - def urlmatch(match): -@@ -151,7 +157,7 @@ - indoc = indoc.replace("×", r"\(mu") - indoc = indoc.replace("®", r"\*R") - # Turn anchors into .UN tags -- indoc = re.sub('(?i)(?: )*\s*', ".UN \\1\n", indoc) -+ indoc = re.sub('(?i)(?: )*\s*', ".UN \\1\n", indoc) - # Strip off the index trailer - trailer = re.compile('
.*', re.DOTALL | re.IGNORECASE) - indoc = re.sub(trailer, "", indoc) -@@ -159,17 +165,17 @@ - indoc = indoc.replace("", "").replace("", "") - indoc = indoc.replace("", "").replace("", "") - # Recognize sections with IDs -- indoc = re.sub('(?i)

([^><]*)

', -+ indoc = re.sub('(?i)

([^><]*)

', - ".UN \\1\n.SH \\2", indoc) -- indoc = re.sub('(?i)

([^><]*)

', -+ indoc = re.sub('(?i)

([^><]*)

', - ".UN \\1\n.SS \\2", indoc) -- indoc = re.sub('(?i)

([^><]*)

', -+ indoc = re.sub('(?i)

([^><]*)

', - ".UN \\1\n.B \\2", indoc) -- indoc = re.sub('(?i)

([^><]*)

', -+ indoc = re.sub('(?i)

([^><]*)

', - ".UN \\1\n.SH \\2", indoc) -- indoc = re.sub('(?i)

([^><]*)

', -+ indoc = re.sub('(?i)

([^><]*)

', - ".UN \\1\n.SS \\2", indoc) -- indoc = re.sub('(?i)

([^><]*)

', -+ indoc = re.sub('(?i)

([^><]*)

', - ".UN \\1\n.B \\2", indoc) - # Sections without IDs - indoc = re.sub('(?i)

([^><]*)

', ".SH \\1", indoc) diff --git a/netpbm-pamscale.patch b/netpbm-pamscale.patch deleted file mode 100644 index bf09b02..0000000 --- a/netpbm-pamscale.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- editor/pamscale.c -+++ editor/pamscale.c -@@ -595,6 +595,8 @@ - const char *filterOpt, *window; - unsigned int filterSpec, windowSpec; - -+ memset(cmdlineP, 0, sizeof(struct cmdlineInfo)); -+ - MALLOCARRAY_NOFAIL(option_def, 100); - - option_def_index = 0; /* incremented by OPTENT3 */ diff --git a/netpbm-pnmtopng-CAN-2978.patch b/netpbm-pnmtopng-CAN-2978.patch deleted file mode 100644 index e72de20..0000000 --- a/netpbm-pnmtopng-CAN-2978.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- converter/other/pnmtopng.c -+++ converter/other/pnmtopng.c -@@ -521,7 +521,7 @@ - unsigned int * const bestMatchP) { - - unsigned int paletteIndex; -- unsigned int bestIndex; -+ unsigned int bestIndex = 0; - unsigned int bestMatch; - - assert(paletteSize > 0); -@@ -2342,7 +2342,7 @@ - /* The color part of the color/alpha palette passed to the PNG - compressor - */ -- unsigned int palette_size; -+ unsigned int palette_size = MAXCOLORS; - - gray trans_pnm[MAXCOLORS]; - png_byte trans[MAXCOLORS]; diff --git a/netpbm-security.patch b/netpbm-security-code.patch similarity index 50% rename from netpbm-security.patch rename to netpbm-security-code.patch index b96e2c5..9889ea5 100644 --- a/netpbm-security.patch +++ b/netpbm-security-code.patch @@ -1,48 +1,36 @@ ---- netpbm-10.35.64/analyzer/pgmhist.c -+++ netpbm-10.35.64/analyzer/pgmhist.c -@@ -53,6 +53,7 @@ - grayrow = pgm_allocrow( cols ); +diff -up netpbm-10.58.01/analyzer/pgmtexture.c.security-code netpbm-10.58.01/analyzer/pgmtexture.c +--- netpbm-10.58.01/analyzer/pgmtexture.c.security-code 2012-04-09 15:31:32.000000000 +0200 ++++ netpbm-10.58.01/analyzer/pgmtexture.c 2012-04-09 15:40:03.183620040 +0200 +@@ -97,7 +97,7 @@ vector(unsigned int const nl, + float * v; - /* Build histogram. */ -+ overflow_add(maxval, 1); - MALLOCARRAY(hist, maxval + 1); - MALLOCARRAY(rcount, maxval + 1); - if ( hist == NULL || rcount == NULL ) ---- netpbm-10.35.64/analyzer/pgmtexture.c -+++ netpbm-10.35.64/analyzer/pgmtexture.c -@@ -79,6 +79,9 @@ - { - float *v; - -+ if(nh < nl) -+ pm_error("assert: h < l"); + assert(nh >= nl); +- + overflow_add(nh - nl, 1); MALLOCARRAY(v, (unsigned) (nh - nl + 1)); + if (v == NULL) - pm_error("Unable to allocate memory for a vector."); -@@ -95,6 +98,9 @@ - float **m; +@@ -129,6 +129,7 @@ matrix (unsigned int const nrl, + assert(nrh >= nrl); /* allocate pointers to rows */ -+ if(nrh < nrl) -+ pm_error("assert: h < l"); + overflow_add(nrh - nrl, 1); MALLOCARRAY(m, (unsigned) (nrh - nrl + 1)); if (m == NULL) pm_error("Unable to allocate memory for a matrix."); -@@ -102,6 +108,9 @@ +@@ -136,7 +137,7 @@ matrix (unsigned int const nrl, m -= ncl; - /* allocate rows and set pointers to them */ -+ if(nch < ncl) -+ pm_error("assert: h < l"); + assert (nch >= ncl); +- + overflow_add(nch - ncl, 1); - for (i = nrl; i <= nrh; i++) - { + /* allocate rows and set pointers to them */ + for (i = nrl; i <= nrh; ++i) { MALLOCARRAY(m[i], (unsigned) (nch - ncl + 1)); ---- netpbm-10.35.64/converter/other/gemtopnm.c -+++ netpbm-10.35.64/converter/other/gemtopnm.c -@@ -106,6 +106,7 @@ +diff -up netpbm-10.58.01/converter/other/gemtopnm.c.security-code netpbm-10.58.01/converter/other/gemtopnm.c +--- netpbm-10.58.01/converter/other/gemtopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ netpbm-10.58.01/converter/other/gemtopnm.c 2012-04-09 15:40:03.183620040 +0200 +@@ -106,6 +106,7 @@ main(argc, argv) pnm_writepnminit( stdout, cols, rows, MAXVAL, type, 0 ); @@ -50,19 +38,22 @@ { /* allocate input row data structure */ int plane; ---- netpbm-10.35.64/converter/other/jpegtopnm.c -+++ netpbm-10.35.64/converter/other/jpegtopnm.c -@@ -828,6 +828,7 @@ +diff -up netpbm-10.58.01/converter/other/jpegtopnm.c.security-code netpbm-10.58.01/converter/other/jpegtopnm.c +--- netpbm-10.58.01/converter/other/jpegtopnm.c.security-code 2012-04-09 15:31:40.000000000 +0200 ++++ netpbm-10.58.01/converter/other/jpegtopnm.c 2012-04-09 15:40:03.184620028 +0200 +@@ -861,6 +861,8 @@ convertImage(FILE * /* Calculate output image dimensions so we can allocate space */ jpeg_calc_output_dimensions(cinfoP); + overflow2(cinfoP->output_width, cinfoP->output_components); - jpegbuffer = ((*cinfoP->mem->alloc_sarray) - ((j_common_ptr) cinfoP, JPOOL_IMAGE, - cinfoP->output_width * cinfoP->output_components, ---- netpbm-10.35.64/converter/other/pbmtopgm.c -+++ netpbm-10.35.64/converter/other/pbmtopgm.c -@@ -47,6 +47,7 @@ ++ + /* Start decompressor */ + jpeg_start_decompress(cinfoP); + +diff -up netpbm-10.58.01/converter/other/pbmtopgm.c.security-code netpbm-10.58.01/converter/other/pbmtopgm.c +--- netpbm-10.58.01/converter/other/pbmtopgm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ netpbm-10.58.01/converter/other/pbmtopgm.c 2012-04-09 15:40:03.184620028 +0200 +@@ -47,6 +47,7 @@ main(int argc, char *argv[]) { "than the image height (%u rows)", height, rows); outrow = pgm_allocrow(cols) ; @@ -70,43 +61,10 @@ maxval = MIN(PGM_OVERALLMAXVAL, width*height); pgm_writepgminit(stdout, cols, rows, maxval, 0) ; ---- netpbm-10.35.64/converter/other/pngtopnm.c -+++ netpbm-10.35.64/converter/other/pngtopnm.c -@@ -990,19 +990,24 @@ - pm_error ("couldn't allocate space for image"); - } - -- if (info_ptr->bit_depth == 16) -+ if (info_ptr->bit_depth == 16) { -+ overflow2(2, info_ptr->width); - linesize = 2 * info_ptr->width; -- else -+ } else - linesize = info_ptr->width; - -- if (info_ptr->color_type == PNG_COLOR_TYPE_GRAY_ALPHA) -+ if (info_ptr->color_type == PNG_COLOR_TYPE_GRAY_ALPHA) { -+ overflow2(2, linesize); - linesize *= 2; -- else -- if (info_ptr->color_type == PNG_COLOR_TYPE_RGB) -+ } else -+ if (info_ptr->color_type == PNG_COLOR_TYPE_RGB) { -+ overflow2(3, linesize); - linesize *= 3; -- else -- if (info_ptr->color_type == PNG_COLOR_TYPE_RGB_ALPHA) -+ } else -+ if (info_ptr->color_type == PNG_COLOR_TYPE_RGB_ALPHA) { -+ overflow2(4, linesize); - linesize *= 4; -+ } - - for (y = 0 ; y < info_ptr->height ; y++) { - png_image[y] = malloc (linesize); ---- netpbm-10.35.64/converter/other/pnmtoddif.c -+++ netpbm-10.35.64/converter/other/pnmtoddif.c -@@ -484,6 +484,7 @@ +diff -up netpbm-10.58.01/converter/other/pnmtoddif.c.security-code netpbm-10.58.01/converter/other/pnmtoddif.c +--- netpbm-10.58.01/converter/other/pnmtoddif.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ netpbm-10.58.01/converter/other/pnmtoddif.c 2012-04-09 15:40:03.185620015 +0200 +@@ -632,6 +632,7 @@ main(int argc, char *argv[]) { switch (PNM_FORMAT_TYPE(format)) { case PBM_TYPE: ip.bits_per_pixel = 1; @@ -114,7 +72,7 @@ ip.bytes_per_line = (cols + 7) / 8; ip.spectral = 2; ip.components = 1; -@@ -499,6 +500,7 @@ +@@ -647,6 +648,7 @@ main(int argc, char *argv[]) { ip.polarity = 2; break; case PPM_TYPE: @@ -122,9 +80,23 @@ ip.bytes_per_line = 3 * cols; ip.bits_per_pixel = 24; ip.spectral = 5; ---- netpbm-10.35.64/converter/other/pnmtojpeg.c -+++ netpbm-10.35.64/converter/other/pnmtojpeg.c -@@ -587,6 +587,8 @@ +diff -up netpbm-10.58.01/converter/other/pnmtojpeg.c.security-code netpbm-10.58.01/converter/other/pnmtojpeg.c +--- netpbm-10.58.01/converter/other/pnmtojpeg.c.security-code 2012-04-09 15:31:39.000000000 +0200 ++++ netpbm-10.58.01/converter/other/pnmtojpeg.c 2012-04-09 15:40:03.186620002 +0200 +@@ -605,7 +605,11 @@ read_scan_script(j_compress_ptr const ci + want JPOOL_PERMANENT. + */ + const unsigned int scan_info_size = nscans * sizeof(jpeg_scan_info); +- jpeg_scan_info * const scan_info = ++ const jpeg_scan_info * scan_info; ++ ++ overflow2(nscans, sizeof(jpeg_scan_info)); ++ ++ scan_info = + (jpeg_scan_info *) + (*cinfo->mem->alloc_small) ((j_common_ptr) cinfo, JPOOL_IMAGE, + scan_info_size); +@@ -937,6 +941,8 @@ compute_rescaling_array(JSAMPLE ** const const long half_maxval = maxval / 2; long val; @@ -133,7 +105,7 @@ *rescale_p = (JSAMPLE *) (cinfo.mem->alloc_small) ((j_common_ptr) &cinfo, JPOOL_IMAGE, (size_t) (((long) maxval + 1L) * -@@ -665,6 +667,7 @@ +@@ -1015,6 +1021,7 @@ convert_scanlines(struct jpeg_compress_s */ /* Allocate the libpnm output and compressor input buffers */ @@ -141,48 +113,35 @@ buffer = (*cinfo_p->mem->alloc_sarray) ((j_common_ptr) cinfo_p, JPOOL_IMAGE, (unsigned int) cinfo_p->image_width * cinfo_p->input_components, -@@ -932,7 +935,11 @@ - * want JPOOL_PERMANENT. - */ - const unsigned int scan_info_size = nscans * sizeof(jpeg_scan_info); -- jpeg_scan_info * const scan_info = -+ const jpeg_scan_info * scan_info; -+ -+ overflow2(nscans, sizeof(jpeg_scan_info)); -+ -+ scan_info = - (jpeg_scan_info *) - (*cinfo->mem->alloc_small) ((j_common_ptr) cinfo, JPOOL_IMAGE, - scan_info_size); ---- netpbm-10.35.64/converter/other/pnmtops.c -+++ netpbm-10.35.64/converter/other/pnmtops.c -@@ -184,16 +184,20 @@ - cmdlineP->canturn = !noturn; - cmdlineP->showpage = !noshowpage; +diff -up netpbm-10.58.01/converter/other/pnmtops.c.security-code netpbm-10.58.01/converter/other/pnmtops.c +--- netpbm-10.58.01/converter/other/pnmtops.c.security-code 2012-04-09 15:31:40.000000000 +0200 ++++ netpbm-10.58.01/converter/other/pnmtops.c 2012-04-09 15:40:03.187619989 +0200 +@@ -256,17 +256,21 @@ parseCommandLine(int argc, const char ** + validateCompDimension(width, 72, "-width value"); + validateCompDimension(height, 72, "-height value"); + overflow2(width, 72); cmdlineP->width = width * 72; + overflow2(height, 72); cmdlineP->height = height * 72; -- if (imagewidthSpec) -+ if (imagewidthSpec) { + if (imagewidthSpec) { + validateCompDimension(imagewidth, 72, "-imagewidth value"); + overflow2(imagewidth, 72); cmdlineP->imagewidth = imagewidth * 72; -- else -+ } else + } + else cmdlineP->imagewidth = 0; -- if (imageheightSpec) -+ if (imageheightSpec) { + if (imageheightSpec) { +- validateCompDimension(imagewidth, 72, "-imageheight value"); ++ validateCompDimension(imageheight, 72, "-imageheight value"); + overflow2(imageheight, 72); cmdlineP->imageheight = imageheight * 72; -- else -+ } else - cmdlineP->imageheight = 0; - - if (!cmdlineP->psfilter && ---- netpbm-10.35.64/converter/other/pnmtorle.c -+++ netpbm-10.35.64/converter/other/pnmtorle.c + } + else +diff -up netpbm-10.58.01/converter/other/pnmtorle.c.security-code netpbm-10.58.01/converter/other/pnmtorle.c +--- netpbm-10.58.01/converter/other/pnmtorle.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ netpbm-10.58.01/converter/other/pnmtorle.c 2012-04-09 15:40:03.188619976 +0200 @@ -19,6 +19,8 @@ * If you modify this software, you should include a notice giving the * name of the person performing the modification, the date of modification, @@ -192,32 +151,10 @@ */ /* * pnmtorle - A program which will convert pbmplus (ppm or pgm) images ---- netpbm-10.35.64/converter/other/pnmtosgi.c -+++ netpbm-10.35.64/converter/other/pnmtosgi.c -@@ -213,6 +213,22 @@ - } - } - -+static void * -+xmalloc2(int x, int y) -+{ -+ void *mem; -+ -+ overflow2(x,y); -+ if( x * y == 0 ) -+ return NULL; -+ -+ mem = malloc2(x, y); -+ if( mem == NULL ) -+ pm_error("out of memory allocating %d bytes", x * y); -+ return mem; -+} -+ -+ - static void - put_big_short(short s) - { -@@ -250,6 +266,7 @@ +diff -up netpbm-10.58.01/converter/other/pnmtosgi.c.security-code netpbm-10.58.01/converter/other/pnmtosgi.c +--- netpbm-10.58.01/converter/other/pnmtosgi.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ netpbm-10.58.01/converter/other/pnmtosgi.c 2012-04-09 15:40:03.188619976 +0200 +@@ -254,6 +254,7 @@ build_channels(FILE * const ifp, int con #endif if( storage != STORAGE_VERBATIM ) { @@ -225,7 +162,7 @@ MALLOCARRAY_NOFAIL(table, channels * rows); MALLOCARRAY_NOFAIL(rletemp, WORSTCOMPR(cols)); } -@@ -303,6 +320,8 @@ +@@ -306,6 +307,8 @@ compress(ScanElem * temp, break; case STORAGE_RLE: tabrow = chan_no * rows + row; @@ -234,8 +171,9 @@ len = rle_compress(temp, cols); /* writes result into rletemp */ channel[chan_no][row].length = len; MALLOCARRAY(p, len); ---- netpbm-10.35.64/converter/other/rletopnm.c -+++ netpbm-10.35.64/converter/other/rletopnm.c +diff -up netpbm-10.58.01/converter/other/rletopnm.c.security-code netpbm-10.58.01/converter/other/rletopnm.c +--- netpbm-10.58.01/converter/other/rletopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ netpbm-10.58.01/converter/other/rletopnm.c 2012-04-09 15:40:03.189619963 +0200 @@ -19,6 +19,8 @@ * If you modify this software, you should include a notice giving the * name of the person performing the modification, the date of modification, @@ -245,30 +183,29 @@ */ /* * rletopnm - A conversion program to convert from Utah's "rle" image format ---- netpbm-10.35.64/converter/other/sgitopnm.c -+++ netpbm-10.35.64/converter/other/sgitopnm.c -@@ -252,13 +252,17 @@ - - if (ochan < 0) { - maxchannel = (head->zsize < 3) ? head->zsize : 3; +diff -up netpbm-10.58.01/converter/other/sgitopnm.c.security-code netpbm-10.58.01/converter/other/sgitopnm.c +--- netpbm-10.58.01/converter/other/sgitopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ netpbm-10.58.01/converter/other/sgitopnm.c 2012-04-09 15:40:03.189619963 +0200 +@@ -359,10 +359,14 @@ readChannels(FILE * const ifP, + MALLOCARRAY_NOFAIL(image, head->ysize); + } else { + maxchannel = MIN(3, head->zsize); + overflow2(head->ysize, maxchannel); MALLOCARRAY_NOFAIL(image, head->ysize * maxchannel); - } else { - maxchannel = ochan + 1; - MALLOCARRAY_NOFAIL(image, head->ysize); } -- if ( table ) -+ if ( table ) { +- if (table) ++ if (table) { + overflow2(head->xsize, 2); + overflow_add(head->xsize*2, 2); MALLOCARRAY_NOFAIL(temp, WORSTCOMPR(head->xsize)); + } - for( channel = 0; channel < maxchannel; channel++ ) { - #ifdef DEBUG ---- netpbm-10.35.64/converter/other/sirtopnm.c -+++ netpbm-10.35.64/converter/other/sirtopnm.c -@@ -69,6 +69,7 @@ + for (channel = 0; channel < maxchannel; ++channel) { + unsigned int row; +diff -up netpbm-10.58.01/converter/other/sirtopnm.c.security-code netpbm-10.58.01/converter/other/sirtopnm.c +--- netpbm-10.58.01/converter/other/sirtopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ netpbm-10.58.01/converter/other/sirtopnm.c 2012-04-09 15:40:03.190619951 +0200 +@@ -69,6 +69,7 @@ char* argv[]; } break; case PPM_TYPE: @@ -276,24 +213,27 @@ picsize = cols * rows * 3; planesize = cols * rows; if ( !( sirarray = (unsigned char*) malloc( picsize ) ) ) ---- netpbm-10.35.64/converter/other/tifftopnm.c -+++ netpbm-10.35.64/converter/other/tifftopnm.c -@@ -748,7 +748,8 @@ +diff -up netpbm-10.58.01/converter/other/tifftopnm.c.security-code netpbm-10.58.01/converter/other/tifftopnm.c +--- netpbm-10.58.01/converter/other/tifftopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ netpbm-10.58.01/converter/other/tifftopnm.c 2012-04-09 15:40:03.191619939 +0200 +@@ -1279,7 +1279,9 @@ convertRasterByRows(pnmOut * const if (scanbuf == NULL) pm_error("can't allocate memory for scanline buffer"); - MALLOCARRAY(samplebuf, cols * spp); + /* samplebuf is unsigned int * !!! */ + samplebuf = (unsigned int *) malloc3(cols , sizeof(unsigned int) , spp); ++ if (samplebuf == NULL) - pm_error ("can't allocate memory for row buffer"); + pm_error("can't allocate memory for row buffer"); ---- netpbm-10.35.64/converter/other/xwdtopnm.c -+++ netpbm-10.35.64/converter/other/xwdtopnm.c -@@ -214,6 +214,10 @@ - *colorsP = pnm_allocrow( 2 ); - PNM_ASSIGN1( (*colorsP)[0], 0 ); - PNM_ASSIGN1( (*colorsP)[1], *maxvalP ); +diff -up netpbm-10.58.01/converter/other/xwdtopnm.c.security-code netpbm-10.58.01/converter/other/xwdtopnm.c +--- netpbm-10.58.01/converter/other/xwdtopnm.c.security-code 2012-04-09 15:31:40.000000000 +0200 ++++ netpbm-10.58.01/converter/other/xwdtopnm.c 2012-04-09 15:40:03.192619927 +0200 +@@ -209,6 +209,10 @@ processX10Header(X10WDFileHeader * cons + *colorsP = pnm_allocrow(2); + PNM_ASSIGN1((*colorsP)[0], 0); + PNM_ASSIGN1((*colorsP)[1], *maxvalP); + overflow_add(h10P->pixmap_width, 15); + if(h10P->pixmap_width < 0) + pm_error("assert: negative width"); @@ -301,7 +241,7 @@ *padrightP = (((h10P->pixmap_width + 15) / 16) * 16 - h10P->pixmap_width) * 8; *bits_per_itemP = 16; -@@ -608,6 +612,7 @@ +@@ -634,6 +638,7 @@ processX11Header(X11WDFileHeader * cons *colsP = h11FixedP->pixmap_width; *rowsP = h11FixedP->pixmap_height; @@ -309,31 +249,10 @@ *padrightP = h11FixedP->bytes_per_line * 8 - h11FixedP->pixmap_width * h11FixedP->bits_per_pixel; ---- netpbm-10.35.64/converter/pbm/icontopbm.c -+++ netpbm-10.35.64/converter/pbm/icontopbm.c -@@ -11,6 +11,7 @@ - */ - - #include -+#include - - #include "nstring.h" - #include "pbm.h" -@@ -87,6 +88,11 @@ - if ( *heightP <= 0 ) - pm_error( "invalid height (must be positive): %d", *heightP ); - -+ if ( *widthP > INT_MAX - 16 || *widthP < 0) -+ pm_error( "invalid width: %d", *widthP); -+ -+ overflow2(*widthP + 16, *heightP); -+ - data_length = BitmapSize( *widthP, *heightP ); - *dataP = (short unsigned int *) malloc( data_length ); - if ( *dataP == NULL ) ---- netpbm-10.35.64/converter/pbm/mdatopbm.c -+++ netpbm-10.35.64/converter/pbm/mdatopbm.c -@@ -245,10 +245,13 @@ +diff -up netpbm-10.58.01/converter/pbm/mdatopbm.c.security-code netpbm-10.58.01/converter/pbm/mdatopbm.c +--- netpbm-10.58.01/converter/pbm/mdatopbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/mdatopbm.c 2012-04-09 15:40:03.192619927 +0200 +@@ -245,10 +245,13 @@ main(int argc, char **argv) { pm_readlittleshort(infile, &yy); nInCols = yy; } @@ -348,73 +267,22 @@ data = pbm_allocarray(nOutCols, nOutRows); ---- netpbm-10.35.64/converter/pbm/mgrtopbm.c -+++ netpbm-10.35.64/converter/pbm/mgrtopbm.c -@@ -70,6 +70,7 @@ +diff -up netpbm-10.58.01/converter/pbm/mgrtopbm.c.security-code netpbm-10.58.01/converter/pbm/mgrtopbm.c +--- netpbm-10.58.01/converter/pbm/mgrtopbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/mgrtopbm.c 2012-04-09 15:40:03.193619915 +0200 +@@ -65,6 +65,8 @@ readMgrHeader(FILE * const ifP, + if (head.h_high < ' ' || head.l_high < ' ') + pm_error("Invalid width field in MGR header"); ++ overflow_add(*colsP, pad); ++ *colsP = (((int)head.h_wide - ' ') << 6) + ((int)head.l_wide - ' '); *rowsP = (((int)head.h_high - ' ') << 6) + ((int) head.l_high - ' '); -+ overflow_add(*colsP, pad); *padrightP = ( ( *colsP + pad - 1 ) / pad ) * pad - *colsP; - - *bitsperitemP = 8; ---- netpbm-10.35.64/converter/pbm/pbmto10x.c -+++ netpbm-10.35.64/converter/pbm/pbmto10x.c -@@ -162,7 +162,7 @@ - res_60x72(); - - pm_close(ifp); -- exit(0); -+ return 0; - } - - ---- netpbm-10.35.64/converter/pbm/pbmto4425.c -+++ netpbm-10.35.64/converter/pbm/pbmto4425.c -@@ -2,6 +2,7 @@ - - #include "nstring.h" - #include "pbm.h" -+#include - - static char bit_table[2][3] = { - {1, 4, 0x10}, -@@ -160,7 +161,7 @@ - xres = vmap_width * 2; - yres = vmap_height * 3; - -- vmap = malloc(vmap_width * vmap_height * sizeof(char)); -+ vmap = malloc3(vmap_width, vmap_height, sizeof(char)); - if(vmap == NULL) - { - pm_error( "Cannot allocate memory" ); ---- netpbm-10.35.64/converter/pbm/pbmtoascii.c -+++ netpbm-10.35.64/converter/pbm/pbmtoascii.c -@@ -115,9 +115,11 @@ - pm_usage( usage ); - - pbm_readpbminit( ifp, &cols, &rows, &format ); -+ overflow_add(cols, gridx); - ccols = ( cols + gridx - 1 ) / gridx; - bitrow = pbm_allocrow( cols ); - sig = (int*) pm_allocrow( ccols, sizeof(int) ); -+ overflow_add(ccols, 1); - line = (char*) pm_allocrow( ccols + 1, sizeof(char) ); - - for ( row = 0; row < rows; row += gridy ) ---- netpbm-10.35.64/converter/pbm/pbmtocmuwm.c -+++ netpbm-10.35.64/converter/pbm/pbmtocmuwm.c -@@ -43,6 +43,7 @@ - bitrow = pbm_allocrow( cols ); - - /* Round cols up to the nearest multiple of 8. */ -+ overflow_add(cols, 7); - padright = ( ( cols + 7 ) / 8 ) * 8 - cols; - - putinit( rows, cols ); ---- netpbm-10.35.64/converter/pbm/pbmtogem.c -+++ netpbm-10.35.64/converter/pbm/pbmtogem.c -@@ -123,6 +123,7 @@ +diff -up netpbm-10.58.01/converter/pbm/pbmtogem.c.security-code netpbm-10.58.01/converter/pbm/pbmtogem.c +--- netpbm-10.58.01/converter/pbm/pbmtogem.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/pbmtogem.c 2012-04-09 15:40:03.193619915 +0200 +@@ -79,6 +79,7 @@ putinit (int const rows, int const cols) bitsperitem = 0; bitshift = 7; outcol = 0; @@ -422,9 +290,10 @@ outmax = (cols + 7) / 8; outrow = (unsigned char *) pm_allocrow (outmax, sizeof (unsigned char)); lastrow = (unsigned char *) pm_allocrow (outmax, sizeof (unsigned char)); ---- netpbm-10.35.64/converter/pbm/pbmtogo.c -+++ netpbm-10.35.64/converter/pbm/pbmtogo.c -@@ -96,6 +96,7 @@ +diff -up netpbm-10.58.01/converter/pbm/pbmtogo.c.security-code netpbm-10.58.01/converter/pbm/pbmtogo.c +--- netpbm-10.58.01/converter/pbm/pbmtogo.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/pbmtogo.c 2012-04-09 15:40:03.193619915 +0200 +@@ -158,6 +158,7 @@ main(int argc, bitrow = pbm_allocrow(cols); /* Round cols up to the nearest multiple of 8. */ @@ -432,19 +301,10 @@ rucols = ( cols + 7 ) / 8; bytesperrow = rucols; /* GraphOn uses bytes */ rucols = rucols * 8; ---- netpbm-10.35.64/converter/pbm/pbmtoicon.c -+++ netpbm-10.35.64/converter/pbm/pbmtoicon.c -@@ -42,6 +42,7 @@ - bitrow = pbm_allocrow( cols ); - - /* Round cols up to the nearest multiple of 16. */ -+ overflow_add(cols, 15); - pad = ( ( cols + 15 ) / 16 ) * 16 - cols; - padleft = pad / 2; - padright = pad - padleft; ---- netpbm-10.35.64/converter/pbm/pbmtolj.c -+++ netpbm-10.35.64/converter/pbm/pbmtolj.c -@@ -119,7 +119,11 @@ +diff -up netpbm-10.58.01/converter/pbm/pbmtolj.c.security-code netpbm-10.58.01/converter/pbm/pbmtolj.c +--- netpbm-10.58.01/converter/pbm/pbmtolj.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/pbmtolj.c 2012-04-09 15:40:03.194619902 +0200 +@@ -120,7 +120,11 @@ parseCommandLine(int argc, char ** argv, static void allocateBuffers(unsigned int const cols) { @@ -456,9 +316,10 @@ packBufferSize = rowBufferSize + (rowBufferSize + 127) / 128 + 1; deltaBufferSize = rowBufferSize + rowBufferSize / 8 + 10; ---- netpbm-10.35.64/converter/pbm/pbmtomacp.c -+++ netpbm-10.35.64/converter/pbm/pbmtomacp.c -@@ -101,6 +101,7 @@ +diff -up netpbm-10.58.01/converter/pbm/pbmtomacp.c.security-code netpbm-10.58.01/converter/pbm/pbmtomacp.c +--- netpbm-10.58.01/converter/pbm/pbmtomacp.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/pbmtomacp.c 2012-04-09 15:40:03.195619889 +0200 +@@ -101,6 +101,7 @@ char *argv[]; if( !lflg ) left = 0; @@ -466,7 +327,7 @@ if( rflg ) { if( right - left >= MAX_COLS ) right = left + MAX_COLS - 1; -@@ -111,6 +112,8 @@ +@@ -111,6 +112,8 @@ char *argv[]; if( !tflg ) top = 0; @@ -475,9 +336,10 @@ if( bflg ) { if( bottom - top >= MAX_LINES ) bottom = top + MAX_LINES - 1; ---- netpbm-10.35.64/converter/pbm/pbmtomda.c -+++ netpbm-10.35.64/converter/pbm/pbmtomda.c -@@ -179,6 +179,7 @@ +diff -up netpbm-10.58.01/converter/pbm/pbmtomda.c.security-code netpbm-10.58.01/converter/pbm/pbmtomda.c +--- netpbm-10.58.01/converter/pbm/pbmtomda.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/pbmtomda.c 2012-04-09 15:40:03.195619889 +0200 +@@ -179,6 +179,7 @@ int main(int argc, char **argv) nOutRowsUnrounded = bScale ? nInRows/2 : nInRows; @@ -485,19 +347,10 @@ nOutRows = ((nOutRowsUnrounded + 3) / 4) * 4; /* MDA wants rows a multiple of 4 */ nOutCols = nInCols / 8; ---- netpbm-10.35.64/converter/pbm/pbmtomgr.c -+++ netpbm-10.35.64/converter/pbm/pbmtomgr.c -@@ -43,6 +43,7 @@ - bitrow = pbm_allocrow( cols ); - - /* Round cols up to the nearest multiple of 8. */ -+ overflow_add(cols, 7); - padright = ( ( cols + 7 ) / 8 ) * 8 - cols; - - putinit( rows, cols ); ---- netpbm-10.35.64/converter/pbm/pbmtoppa/pbm.c -+++ netpbm-10.35.64/converter/pbm/pbmtoppa/pbm.c -@@ -105,6 +105,7 @@ +diff -up netpbm-10.58.01/converter/pbm/pbmtoppa/pbm.c.security-code netpbm-10.58.01/converter/pbm/pbmtoppa/pbm.c +--- netpbm-10.58.01/converter/pbm/pbmtoppa/pbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/pbmtoppa/pbm.c 2012-04-09 15:40:03.195619889 +0200 +@@ -105,6 +105,7 @@ int pbm_readline(pbm_stat* pbm,unsigned return 0; case P4: @@ -505,7 +358,7 @@ tmp=(pbm->width+7)/8; tmp2=fread(data,1,tmp,pbm->fptr); if(tmp2 == tmp) -@@ -129,7 +130,8 @@ +@@ -129,7 +130,8 @@ void pbm_unreadline (pbm_stat *pbm, void return; pbm->unread = 1; @@ -515,9 +368,10 @@ memcpy (pbm->revdata, data, (pbm->width+7)/8); pbm->current_line--; } ---- netpbm-10.35.64/converter/pbm/pbmtoppa/pbmtoppa.c -+++ netpbm-10.35.64/converter/pbm/pbmtoppa/pbmtoppa.c -@@ -441,6 +441,7 @@ +diff -up netpbm-10.58.01/converter/pbm/pbmtoppa/pbmtoppa.c.security-code netpbm-10.58.01/converter/pbm/pbmtoppa/pbmtoppa.c +--- netpbm-10.58.01/converter/pbm/pbmtoppa/pbmtoppa.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/pbmtoppa/pbmtoppa.c 2012-04-09 15:40:03.196619876 +0200 +@@ -441,6 +441,7 @@ main(int argc, char *argv[]) { pm_error("main(): unrecognized parameter '%s'", argv[argn]); } @@ -525,39 +379,33 @@ Pwidth=(Width+7)/8; printer.fptr=out; ---- netpbm-10.35.64/converter/pbm/pbmtox10bm.c -+++ netpbm-10.35.64/converter/pbm/pbmtox10bm.c -@@ -57,6 +57,7 @@ - bitrow = pbm_allocrow( cols ); +diff -up netpbm-10.58.01/converter/pbm/pbmtoxbm.c.security-code netpbm-10.58.01/converter/pbm/pbmtoxbm.c +--- netpbm-10.58.01/converter/pbm/pbmtoxbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/pbmtoxbm.c 2012-04-09 15:40:03.196619876 +0200 +@@ -335,6 +335,8 @@ convertRaster(FILE * const ifP, - /* Compute padding to round cols up to the nearest multiple of 16. */ -+ overflow_add(cols, 15); - padright = ( ( cols + 15 ) / 16 ) * 16 - cols; + unsigned char * bitrow; + unsigned int row; ++ ++ overflow_add(cols, padright); - printf( "#define %s_width %d\n", name, cols ); ---- netpbm-10.35.64/converter/pbm/pbmtoxbm.c -+++ netpbm-10.35.64/converter/pbm/pbmtoxbm.c -@@ -100,6 +100,7 @@ + putinit(xbmVersion); + +diff -up netpbm-10.58.01/converter/pbm/pbmtoybm.c.security-code netpbm-10.58.01/converter/pbm/pbmtoybm.c +--- netpbm-10.58.01/converter/pbm/pbmtoybm.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/pbmtoybm.c 2012-04-09 15:40:03.197619863 +0200 +@@ -113,6 +113,7 @@ main(int argc, const char *argv[]) { bitrow = pbm_allocrow(cols); - /* Compute padding to round cols up to the nearest multiple of 8. */ -+ overflow_add(cols, 8); - padright = ((cols + 7)/8) * 8 - cols; - - printf("#define %s_width %d\n", name, cols); ---- netpbm-10.35.64/converter/pbm/pbmtoybm.c -+++ netpbm-10.35.64/converter/pbm/pbmtoybm.c -@@ -45,6 +45,7 @@ - bitrow = pbm_allocrow( cols ); - /* Compute padding to round cols up to the nearest multiple of 16. */ + overflow_add(cols, 16); - padright = ( ( cols + 15 ) / 16 ) * 16 - cols; + padright = ((cols + 15) / 16) * 16 - cols; - putinit( cols, rows ); ---- netpbm-10.35.64/converter/pbm/pbmtozinc.c -+++ netpbm-10.35.64/converter/pbm/pbmtozinc.c -@@ -65,6 +65,7 @@ + putinit(cols, rows); +diff -up netpbm-10.58.01/converter/pbm/pbmtozinc.c.security-code netpbm-10.58.01/converter/pbm/pbmtozinc.c +--- netpbm-10.58.01/converter/pbm/pbmtozinc.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/pbmtozinc.c 2012-04-09 15:40:03.197619863 +0200 +@@ -65,6 +65,7 @@ main(int argc, char * argv[]) { bitrow = pbm_allocrow( cols ); /* Compute padding to round cols up to the nearest multiple of 16. */ @@ -565,9 +413,42 @@ padright = ( ( cols + 15 ) / 16 ) * 16 - cols; printf( "USHORT %s[] = {\n",name); ---- netpbm-10.35.64/converter/pbm/pktopbm.c -+++ netpbm-10.35.64/converter/pbm/pktopbm.c -@@ -277,6 +277,7 @@ +diff -up netpbm-10.58.01/converter/pbm/pbmto10x.c.security-code netpbm-10.58.01/converter/pbm/pbmto10x.c +--- netpbm-10.58.01/converter/pbm/pbmto10x.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/pbmto10x.c 2012-04-09 15:40:03.197619863 +0200 +@@ -162,7 +162,7 @@ main(int argc, char * argv[]) { + res_60x72(); + + pm_close(ifp); +- exit(0); ++ return 0; + } + + +diff -up netpbm-10.58.01/converter/pbm/pbmto4425.c.security-code netpbm-10.58.01/converter/pbm/pbmto4425.c +--- netpbm-10.58.01/converter/pbm/pbmto4425.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/pbmto4425.c 2012-04-09 15:40:03.198619851 +0200 +@@ -2,6 +2,7 @@ + + #include "nstring.h" + #include "pbm.h" ++#include + + static char bit_table[2][3] = { + {1, 4, 0x10}, +@@ -160,7 +161,7 @@ main(int argc, char * argv[]) { + xres = vmap_width * 2; + yres = vmap_height * 3; + +- vmap = malloc(vmap_width * vmap_height * sizeof(char)); ++ vmap = malloc3(vmap_width, vmap_height, sizeof(char)); + if(vmap == NULL) + { + pm_error( "Cannot allocate memory" ); +diff -up netpbm-10.58.01/converter/pbm/pktopbm.c.security-code netpbm-10.58.01/converter/pbm/pktopbm.c +--- netpbm-10.58.01/converter/pbm/pktopbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/pktopbm.c 2012-04-09 15:40:03.198619851 +0200 +@@ -277,6 +277,7 @@ main(int argc, char *argv[]) { if (flagbyte == 7) { /* long form preamble */ integer packetlength = get32() ; /* character packet length */ car = get32() ; /* character number */ @@ -575,9 +456,10 @@ endofpacket = packetlength + pktopbm_pkloc; /* calculate end of packet */ if ((car >= MAXPKCHAR) || !filename[car]) { ---- netpbm-10.35.64/converter/pbm/thinkjettopbm.l -+++ netpbm-10.35.64/converter/pbm/thinkjettopbm.l -@@ -106,7 +106,9 @@ +diff -up netpbm-10.58.01/converter/pbm/thinkjettopbm.l.security-code netpbm-10.58.01/converter/pbm/thinkjettopbm.l +--- netpbm-10.58.01/converter/pbm/thinkjettopbm.l.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/thinkjettopbm.l 2012-04-09 15:40:03.199619839 +0200 +@@ -114,7 +114,9 @@ DIG [0-9] \033\*b{DIG}+W { int l; if (rowCount >= rowCapacity) { @@ -587,7 +469,7 @@ rows = realloc (rows, rowCapacity * sizeof *rows); if (rows == NULL) pm_error ("Out of memory."); -@@ -216,6 +218,8 @@ +@@ -226,6 +228,8 @@ yywrap (void) /* * Quite simple since ThinkJet bit arrangement matches PBM */ @@ -596,19 +478,21 @@ pbm_writepbminit(stdout, maxRowLength*8, rowCount, 0); packed_bitrow = malloc(maxRowLength); ---- netpbm-10.35.64/converter/pbm/ybmtopbm.c -+++ netpbm-10.35.64/converter/pbm/ybmtopbm.c -@@ -88,6 +88,7 @@ - pm_error( "EOF / read error" ); +diff -up netpbm-10.58.01/converter/pbm/ybmtopbm.c.security-code netpbm-10.58.01/converter/pbm/ybmtopbm.c +--- netpbm-10.58.01/converter/pbm/ybmtopbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/converter/pbm/ybmtopbm.c 2012-04-09 15:40:03.199619839 +0200 +@@ -49,6 +49,7 @@ getinit(FILE * const ifP, + pm_error("EOF / read error"); *depthP = 1; + overflow_add(*colsP, 15); - *padrightP = ( ( *colsP + 15 ) / 16 ) * 16 - *colsP; - bitsperitem = 0; - } ---- netpbm-10.35.64/converter/pgm/lispmtopgm.c -+++ netpbm-10.35.64/converter/pgm/lispmtopgm.c -@@ -58,6 +58,7 @@ + *padrightP = ((*colsP + 15) / 16) * 16 - *colsP; + } + +diff -up netpbm-10.58.01/converter/pgm/lispmtopgm.c.security-code netpbm-10.58.01/converter/pgm/lispmtopgm.c +--- netpbm-10.58.01/converter/pgm/lispmtopgm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ netpbm-10.58.01/converter/pgm/lispmtopgm.c 2012-04-09 15:40:03.199619839 +0200 +@@ -58,6 +58,7 @@ main( argc, argv ) pm_error( "depth (%d bits) is too large", depth); pgm_writepgminit( stdout, cols, rows, (gray) maxval, 0 ); @@ -616,7 +500,7 @@ grayrow = pgm_allocrow( ( cols + 7 ) / 8 * 8 ); for ( row = 0; row < rows; ++row ) -@@ -102,7 +103,9 @@ +@@ -102,7 +103,9 @@ getinit( file, colsP, rowsP, depthP, pad if ( *depthP == 0 ) *depthP = 1; /* very old file */ @@ -627,9 +511,10 @@ *padrightP = ( ( *colsP + 31 ) / 32 ) * 32 - *colsP; if ( *colsP != (cols_32 - *padrightP) ) { ---- netpbm-10.35.64/converter/pgm/psidtopgm.c -+++ netpbm-10.35.64/converter/pgm/psidtopgm.c -@@ -78,6 +78,7 @@ +diff -up netpbm-10.58.01/converter/pgm/psidtopgm.c.security-code netpbm-10.58.01/converter/pgm/psidtopgm.c +--- netpbm-10.58.01/converter/pgm/psidtopgm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ netpbm-10.58.01/converter/pgm/psidtopgm.c 2012-04-09 15:40:03.200619827 +0200 +@@ -78,6 +78,7 @@ main(int argc, pm_error("bits/sample (%d) is too large.", bitspersample); pgm_writepgminit(stdout, cols, rows, maxval, 0); @@ -637,20 +522,10 @@ grayrow = pgm_allocrow((cols + 7) / 8 * 8); for (row = 0; row < rows; ++row) { unsigned int col; ---- netpbm-10.35.64/converter/ppm/Makefile -+++ netpbm-10.35.64/converter/ppm/Makefile -@@ -11,7 +11,7 @@ - - PORTBINARIES = 411toppm eyuvtoppm gouldtoppm ilbmtoppm imgtoppm \ - leaftoppm mtvtoppm neotoppm \ -- pcxtoppm pc1toppm pi1toppm picttoppm pjtoppm \ -+ pcxtoppm pc1toppm pi1toppm pjtoppm \ - ppmtoacad ppmtoarbtxt \ - ppmtobmp ppmtoeyuv ppmtogif ppmtoicr ppmtoilbm \ - ppmtoleaf ppmtolj ppmtomitsu ppmtoneo \ ---- netpbm-10.35.64/converter/ppm/ilbmtoppm.c -+++ netpbm-10.35.64/converter/ppm/ilbmtoppm.c -@@ -595,6 +595,7 @@ +diff -up netpbm-10.58.01/converter/ppm/ilbmtoppm.c.security-code netpbm-10.58.01/converter/ppm/ilbmtoppm.c +--- netpbm-10.58.01/converter/ppm/ilbmtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/ilbmtoppm.c 2012-04-09 15:40:03.201619815 +0200 +@@ -592,6 +592,7 @@ decode_row(FILE * const ifP, rawtype *chp; cols = bmhdP->w; @@ -658,7 +533,7 @@ bytes = RowBytes(cols); for( plane = 0; plane < nPlanes; plane++ ) { int mask; -@@ -682,6 +683,23 @@ +@@ -679,6 +680,23 @@ decode_mask(FILE * const ifP, Multipalette handling ****************************************************************************/ @@ -682,7 +557,7 @@ static void multi_adjust(cmap, row, palchange) -@@ -1294,6 +1312,9 @@ +@@ -1341,6 +1359,9 @@ dcol_to_ppm(FILE * const ifP, if( redmaxval != maxval || greenmaxval != maxval || bluemaxval != maxval ) pm_message("scaling colors to %d bits", pm_maxvaltobits(maxval)); @@ -692,7 +567,7 @@ MALLOCARRAY_NOFAIL(redtable, redmaxval +1); MALLOCARRAY_NOFAIL(greentable, greenmaxval +1); MALLOCARRAY_NOFAIL(bluetable, bluemaxval +1); -@@ -1725,7 +1746,9 @@ +@@ -1763,7 +1784,9 @@ PCHG_ConvertSmall(PCHG, cmap, mask, data ChangeCount32 = *data++; datasize -= 2; @@ -702,15 +577,7 @@ for( i = 0; i < changes; i++ ) { if( totalchanges >= PCHG->TotalChanges ) goto fail; if( datasize < 2 ) goto fail; -@@ -1852,6 +1875,7 @@ - if( datasize < 2 ) goto fail; - changes = BIG_WORD(data); data += 2; datasize -= 2; - -+ overflow_add(changes, 1); - MALLOCARRAY_NOFAIL(cmap->mp_change[row], changes + 1); - for( i = 0; i < changes; i++ ) { - if( totalchanges >= PCHG->TotalChanges ) goto fail; -@@ -1965,6 +1989,9 @@ +@@ -2028,6 +2051,9 @@ read_pchg(FILE * const ifp, cmap->mp_change[i] = NULL; if( PCHG.StartLine < 0 ) { int nch; @@ -720,7 +587,7 @@ nch = PCHG.MaxReg - PCHG.MinReg +1; MALLOCARRAY_NOFAIL(cmap->mp_init, nch + 1); for( i = 0; i < nch; i++ ) -@@ -2041,6 +2068,7 @@ +@@ -2104,6 +2130,7 @@ process_body( FILE * const ifp, if( typeid == ID_ILBM ) { int isdeep; @@ -728,9 +595,10 @@ MALLOCARRAY_NOFAIL(ilbmrow, RowBytes(bmhdP->w)); *viewportmodesP |= fakeviewport; /* -isham/-isehb */ ---- netpbm-10.35.64/converter/ppm/imgtoppm.c -+++ netpbm-10.35.64/converter/ppm/imgtoppm.c -@@ -84,6 +84,7 @@ +diff -up netpbm-10.58.01/converter/ppm/imgtoppm.c.security-code netpbm-10.58.01/converter/ppm/imgtoppm.c +--- netpbm-10.58.01/converter/ppm/imgtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/imgtoppm.c 2012-04-09 15:40:03.202619802 +0200 +@@ -84,6 +84,7 @@ main(int argc, char ** argv) { len = atoi((char*) buf ); if ( fread( buf, len, 1, ifp ) != 1 ) pm_error( "bad colormap buf" ); @@ -738,7 +606,7 @@ if ( cmaplen * 3 != len ) { pm_message( -@@ -105,6 +106,7 @@ +@@ -105,6 +106,7 @@ main(int argc, char ** argv) { pm_error( "bad pixel data header" ); buf[8] = '\0'; len = atoi((char*) buf ); @@ -746,9 +614,22 @@ if ( len != cols * rows ) pm_message( "pixel data length (%d) does not match image size (%d)", ---- netpbm-10.35.64/converter/ppm/pcxtoppm.c -+++ netpbm-10.35.64/converter/ppm/pcxtoppm.c -@@ -408,6 +408,7 @@ +diff -up netpbm-10.58.01/converter/ppm/Makefile.security-code netpbm-10.58.01/converter/ppm/Makefile +--- netpbm-10.58.01/converter/ppm/Makefile.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/Makefile 2012-04-09 15:40:03.202619802 +0200 +@@ -11,7 +11,7 @@ SUBDIRS = hpcdtoppm ppmtompeg + + PORTBINARIES = 411toppm eyuvtoppm gouldtoppm ilbmtoppm imgtoppm \ + leaftoppm mtvtoppm neotoppm \ +- pcxtoppm pc1toppm pi1toppm picttoppm pjtoppm \ ++ pcxtoppm pc1toppm pi1toppm pjtoppm \ + ppmtoacad ppmtoapplevol ppmtoarbtxt ppmtoascii \ + ppmtobmp ppmtoeyuv ppmtogif ppmtoicr ppmtoilbm \ + ppmtoleaf ppmtolj ppmtomitsu ppmtoneo \ +diff -up netpbm-10.58.01/converter/ppm/pcxtoppm.c.security-code netpbm-10.58.01/converter/ppm/pcxtoppm.c +--- netpbm-10.58.01/converter/ppm/pcxtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/pcxtoppm.c 2012-04-09 15:40:03.203619789 +0200 +@@ -409,6 +409,7 @@ pcx_planes_to_pixels(pixels, bitplanes, /* * clear the pixel buffer */ @@ -756,7 +637,7 @@ npixels = (bytesperline * 8) / bitsperpixel; p = pixels; while (--npixels >= 0) -@@ -469,6 +470,7 @@ +@@ -470,6 +471,7 @@ pcx_16col_to_ppm(FILE * const ifP, } /* BytesPerLine should be >= BitsPerPixel * cols / 8 */ @@ -764,17 +645,19 @@ rawcols = BytesPerLine * 8 / BitsPerPixel; if (headerCols > rawcols) { pm_message("warning - BytesPerLine = %d, " ---- netpbm-10.35.64/converter/ppm/picttoppm.c -+++ netpbm-10.35.64/converter/ppm/picttoppm.c +diff -up netpbm-10.58.01/converter/ppm/picttoppm.c.security-code netpbm-10.58.01/converter/ppm/picttoppm.c +--- netpbm-10.58.01/converter/ppm/picttoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/picttoppm.c 2012-04-09 15:40:03.205619763 +0200 @@ -1,3 +1,5 @@ +#error "Unfixable. Don't ship me" + /* * picttoppm.c -- convert a MacIntosh PICT file to PPM format. * ---- netpbm-10.35.64/converter/ppm/pjtoppm.c -+++ netpbm-10.35.64/converter/ppm/pjtoppm.c -@@ -127,19 +127,21 @@ +diff -up netpbm-10.58.01/converter/ppm/pjtoppm.c.security-code netpbm-10.58.01/converter/ppm/pjtoppm.c +--- netpbm-10.58.01/converter/ppm/pjtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/pjtoppm.c 2012-04-09 15:40:03.206619751 +0200 +@@ -127,19 +127,21 @@ main(argc, argv) case 'V': /* send plane */ case 'W': /* send last plane */ if (rows == -1 || r >= rows || image == NULL) { @@ -803,7 +686,7 @@ } } if (image == NULL || imlen == NULL) -@@ -212,8 +214,10 @@ +@@ -212,8 +214,10 @@ main(argc, argv) for (i = 0, c = 0; c < imlen[p + r * planes]; c += 2) for (cmd = image[p + r * planes][c], val = image[p + r * planes][c+1]; @@ -815,7 +698,7 @@ cols = cols > i ? cols : i; free(image[p + r * planes]); /* -@@ -224,6 +228,7 @@ +@@ -224,6 +228,7 @@ main(argc, argv) image[p + r * planes] = (unsigned char *) realloc(buf, i); } } @@ -823,9 +706,10 @@ cols *= 8; } ---- netpbm-10.35.64/converter/ppm/ppmtoeyuv.c -+++ netpbm-10.35.64/converter/ppm/ppmtoeyuv.c -@@ -114,6 +114,7 @@ +diff -up netpbm-10.58.01/converter/ppm/ppmtoeyuv.c.security-code netpbm-10.58.01/converter/ppm/ppmtoeyuv.c +--- netpbm-10.58.01/converter/ppm/ppmtoeyuv.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/ppmtoeyuv.c 2012-04-09 15:40:03.206619751 +0200 +@@ -114,6 +114,7 @@ create_multiplication_tables(const pixva int index; @@ -833,9 +717,10 @@ MALLOCARRAY_NOFAIL(mult299 , maxval+1); MALLOCARRAY_NOFAIL(mult587 , maxval+1); MALLOCARRAY_NOFAIL(mult114 , maxval+1); ---- netpbm-10.35.64/converter/ppm/ppmtoicr.c -+++ netpbm-10.35.64/converter/ppm/ppmtoicr.c -@@ -169,7 +169,7 @@ +diff -up netpbm-10.58.01/converter/ppm/ppmtoicr.c.security-code netpbm-10.58.01/converter/ppm/ppmtoicr.c +--- netpbm-10.58.01/converter/ppm/ppmtoicr.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/ppmtoicr.c 2012-04-09 15:40:03.207619739 +0200 +@@ -169,7 +169,7 @@ char* argv[]; if (rleflag) { pm_message("sending run-length encoded picture data ..." ); @@ -844,9 +729,10 @@ p = testimage; for (i=0; i PCL_MAXVAL) - pm_error("color range too large; reduce with ppmcscale"); -+ if (cols < 0 || rows < 0) -+ pm_error("negative size is not possible"); +diff -up netpbm-10.58.01/converter/ppm/ppmtopjxl.c.security-code netpbm-10.58.01/converter/ppm/ppmtopjxl.c +--- netpbm-10.58.01/converter/ppm/ppmtopjxl.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/ppmtopjxl.c 2012-04-09 15:40:03.212619677 +0200 +@@ -276,6 +276,8 @@ main(int argc, const char * argv[]) { + pm_error("image too large; reduce with ppmscale"); + if (maxval > PCL_MAXVAL) + pm_error("color range too large; reduce with ppmcscale"); ++ if (cols < 0 || rows < 0) ++ pm_error("negative size is not possible"); - /* Figure out the colormap. */ - fprintf( stderr, "(Computing colormap..." ); fflush( stderr ); -@@ -294,6 +296,8 @@ - case 0: /* direct mode (no palette) */ - bpp = bitsperpixel(maxval); /* bits per pixel */ - bpg = bpp; bpb = bpp; -+ overflow2(bpp, 3); -+ overflow_add(bpp*3, 7); - bpp = (bpp*3+7)>>3; /* bytes per pixel now */ - bpr = (bpp<<3)-bpg-bpb; - bpp *= cols; /* bytes per row now */ -@@ -303,9 +307,13 @@ - case 3: case 7: pclindex++; - default: - bpp = 8/pclindex; -+ overflow_add(cols, bpp); -+ if(bpp == 0) + /* Figure out the colormap. */ + pm_message("Computing colormap..."); +@@ -296,6 +298,8 @@ main(int argc, const char * argv[]) { + case 0: /* direct mode (no palette) */ + bpp = bitsperpixel(maxval); /* bits per pixel */ + bpg = bpp; bpb = bpp; ++ overflow2(bpp, 3); ++ overflow_add(bpp*3, 7); + bpp = (bpp*3+7)>>3; /* bytes per pixel now */ + bpr = (bpp<<3)-bpg-bpb; + bpp *= cols; /* bytes per row now */ +@@ -305,9 +309,13 @@ main(int argc, const char * argv[]) { + case 3: case 7: pclindex++; + default: + bpp = 8/pclindex; ++ overflow_add(cols, bpp); ++ if(bpp == 0) + pm_error("assert: no bpp"); - bpp = (cols+bpp-1)/bpp; /* bytes per row */ - } - -+ overflow2(bpp,2); - if ((inrow = (char *)malloc((unsigned)bpp)) == NULL || - (outrow = (char *)malloc((unsigned)bpp*2)) == NULL || - (runcnt = (signed char *)malloc((unsigned)bpp)) == NULL) ---- netpbm-10.35.64/converter/ppm/ppmtowinicon.c -+++ netpbm-10.35.64/converter/ppm/ppmtowinicon.c + bpp = (cols+bpp-1)/bpp; /* bytes per row */ + } + } ++ overflow2(bpp,2); + inrow = (char *)malloc((unsigned)bpp); + outrow = (char *)malloc((unsigned)bpp*2); + runcnt = (signed char *)malloc((unsigned)bpp); +diff -up netpbm-10.58.01/converter/ppm/ppmtowinicon.c.security-code netpbm-10.58.01/converter/ppm/ppmtowinicon.c +--- netpbm-10.58.01/converter/ppm/ppmtowinicon.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/ppmtowinicon.c 2012-04-09 15:40:03.213619664 +0200 @@ -12,6 +12,7 @@ #include #include +#include + #include "pm_c_util.h" #include "winico.h" - #include "ppm.h" -@@ -218,6 +219,7 @@ +@@ -219,6 +220,7 @@ createAndBitmap (gray ** const ba, int c MALLOCARRAY_NOFAIL(rowData, rows); icBitmap->xBytes = xBytes; icBitmap->data = rowData; @@ -990,7 +883,7 @@ icBitmap->size = xBytes * rows; for (y=0;yxBytes = xBytes; icBitmap->data = rowData; @@ -998,7 +891,7 @@ icBitmap->size = xBytes * rows; for (y=0;yxBytes = xBytes; icBitmap->data = rowData; @@ -1006,7 +899,7 @@ icBitmap->size = xBytes * rows; for (y=0;ybitcount = bpp; entry->ih = createInfoHeader(entry, xorBitmap, andBitmap); entry->colors = palette->colors; @@ -1017,9 +910,10 @@ entry->size_in_bytes = xorBitmap->size + andBitmap->size + 40 + (4 * entry->color_count); if (verbose) ---- netpbm-10.35.64/converter/ppm/ppmtoxpm.c -+++ netpbm-10.35.64/converter/ppm/ppmtoxpm.c -@@ -195,6 +195,7 @@ +diff -up netpbm-10.58.01/converter/ppm/ppmtoxpm.c.security-code netpbm-10.58.01/converter/ppm/ppmtoxpm.c +--- netpbm-10.58.01/converter/ppm/ppmtoxpm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/ppmtoxpm.c 2012-04-09 15:40:03.214619651 +0200 +@@ -197,6 +197,7 @@ genNumstr(unsigned int const input, int unsigned int i; /* Allocate memory for printed number. Abort if error. */ @@ -1027,7 +921,7 @@ if (!(str = (char *) malloc(digits + 1))) pm_error("out of memory"); -@@ -312,6 +313,7 @@ +@@ -314,6 +315,7 @@ genCmap(colorhist_vector const chv, unsigned int charsPerPixel; unsigned int xpmMaxval; @@ -1035,9 +929,10 @@ MALLOCARRAY(cmap, cmapSize); if (cmapP == NULL) pm_error("Out of memory allocating %u bytes for a color map.", ---- netpbm-10.35.64/converter/ppm/qrttoppm.c -+++ netpbm-10.35.64/converter/ppm/qrttoppm.c -@@ -46,7 +46,7 @@ +diff -up netpbm-10.58.01/converter/ppm/qrttoppm.c.security-code netpbm-10.58.01/converter/ppm/qrttoppm.c +--- netpbm-10.58.01/converter/ppm/qrttoppm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/qrttoppm.c 2012-04-09 15:40:03.215619638 +0200 +@@ -46,7 +46,7 @@ main( argc, argv ) ppm_writeppminit( stdout, cols, rows, maxval, 0 ); pixelrow = ppm_allocrow( cols ); @@ -1046,22 +941,22 @@ if ( buf == (unsigned char *) 0 ) pm_error( "out of memory" ); ---- netpbm-10.35.64/converter/ppm/sldtoppm.c -+++ netpbm-10.35.64/converter/ppm/sldtoppm.c -@@ -306,7 +306,9 @@ - } - +diff -up netpbm-10.58.01/converter/ppm/sldtoppm.c.security-code netpbm-10.58.01/converter/ppm/sldtoppm.c +--- netpbm-10.58.01/converter/ppm/sldtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/sldtoppm.c 2012-04-09 15:40:03.216619626 +0200 +@@ -455,6 +455,8 @@ slider(slvecfn slvec, + /* Allocate image buffer and clear it to black. */ -- -+ + + overflow_add(ixdots,1); + overflow_add(iydots,1); pixels = ppm_allocarray(pixcols = ixdots + 1, pixrows = iydots + 1); PPM_ASSIGN(rgbcolor, 0, 0, 0); ppmd_filledrectangle(pixels, pixcols, pixrows, pixmaxval, 0, 0, ---- netpbm-10.35.64/converter/ppm/ximtoppm.c -+++ netpbm-10.35.64/converter/ppm/ximtoppm.c -@@ -115,6 +115,7 @@ +diff -up netpbm-10.58.01/converter/ppm/ximtoppm.c.security-code netpbm-10.58.01/converter/ppm/ximtoppm.c +--- netpbm-10.58.01/converter/ppm/ximtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/ximtoppm.c 2012-04-09 15:40:03.216619626 +0200 +@@ -117,6 +117,7 @@ ReadXimHeader(FILE * const in_fp, header->bits_channel = atoi(a_head.bits_per_channel); header->alpha_flag = atoi(a_head.alpha_channel); if (strlen(a_head.author)) { @@ -1069,7 +964,7 @@ if (!(header->author = calloc((unsigned int)strlen(a_head.author)+1, 1))) { pm_message("ReadXimHeader: can't calloc author string" ); -@@ -124,6 +125,7 @@ +@@ -126,6 +127,7 @@ ReadXimHeader(FILE * const in_fp, strncpy(header->author, a_head.author, strlen(a_head.author)); } if (strlen(a_head.date)) { @@ -1077,7 +972,7 @@ if (!(header->date =calloc((unsigned int)strlen(a_head.date)+1,1))){ pm_message("ReadXimHeader: can't calloc date string" ); return(0); -@@ -132,6 +134,7 @@ +@@ -134,6 +136,7 @@ ReadXimHeader(FILE * const in_fp, strncpy(header->date, a_head.date, strlen(a_head.date)); } if (strlen(a_head.program)) { @@ -1085,7 +980,7 @@ if (!(header->program = calloc( (unsigned int)strlen(a_head.program) + 1, 1))) { pm_message("ReadXimHeader: can't calloc program string" ); -@@ -158,6 +161,7 @@ +@@ -160,6 +163,7 @@ ReadXimHeader(FILE * const in_fp, if (header->nchannels == 3 && header->bits_channel == 8) header->ncolors = 0; else if (header->nchannels == 1 && header->bits_channel == 8) { @@ -1093,19 +988,21 @@ header->colors = (Color *)calloc((unsigned int)header->ncolors, sizeof(Color)); if (header->colors == NULL) { ---- netpbm-10.35.64/converter/ppm/xpmtoppm.c -+++ netpbm-10.35.64/converter/ppm/xpmtoppm.c -@@ -700,6 +700,7 @@ - &ncolors, colorsP, &ptab); - *transparentP = -1; /* No transparency in version 1 */ +diff -up netpbm-10.58.01/converter/ppm/xpmtoppm.c.security-code netpbm-10.58.01/converter/ppm/xpmtoppm.c +--- netpbm-10.58.01/converter/ppm/xpmtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/xpmtoppm.c 2012-04-09 15:41:54.193232227 +0200 +@@ -851,6 +851,7 @@ readXpmFile(FILE * const ifP + &nColors, colorsP, &ptab); + transparentP->none = true; /* No transparency in version 1 */ } + overflow2(*widthP, *heightP); - totalpixels = *widthP * *heightP; - MALLOCARRAY(*dataP, totalpixels); - if (*dataP == NULL) ---- netpbm-10.35.64/converter/ppm/yuvtoppm.c -+++ netpbm-10.35.64/converter/ppm/yuvtoppm.c -@@ -72,6 +72,7 @@ + totalpixels = width * height; + MALLOCARRAY(data, totalpixels); + if (!data) +diff -up netpbm-10.58.01/converter/ppm/yuvtoppm.c.security-code netpbm-10.58.01/converter/ppm/yuvtoppm.c +--- netpbm-10.58.01/converter/ppm/yuvtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ netpbm-10.58.01/converter/ppm/yuvtoppm.c 2012-04-09 15:40:03.218619602 +0200 +@@ -72,6 +72,7 @@ main(argc, argv) ppm_writeppminit(stdout, cols, rows, (pixval) 255, 0); pixrow = ppm_allocrow(cols); @@ -1113,60 +1010,33 @@ MALLOCARRAY(yuvbuf, (cols+1)/2); if (yuvbuf == NULL) pm_error("Unable to allocate YUV buffer for %d columns.", cols); ---- netpbm-10.35.64/editor/pamcut.c -+++ netpbm-10.35.64/editor/pamcut.c -@@ -527,6 +527,8 @@ - outpam.width = rightcol-leftcol+1; - outpam.height = bottomrow-toprow+1; +diff -up netpbm-10.58.01/editor/pamcut.c.security-code netpbm-10.58.01/editor/pamcut.c +--- netpbm-10.58.01/editor/pamcut.c.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ netpbm-10.58.01/editor/pamcut.c 2012-04-09 15:40:03.218619602 +0200 +@@ -655,6 +655,8 @@ cutOneImage(FILE * const ifP + outpam = inpam; /* Initial value -- most fields should be same */ + outpam.file = ofP; + overflow_add(rightcol, 1); -+ overflow_add(toprow, 1); - pnm_writepaminit(&outpam); ++ overflow_add(bottomrow, 1); + outpam.width = rightcol - leftcol + 1; + outpam.height = bottomrow - toprow + 1; - /* Write out top padding */ ---- netpbm-10.35.64/editor/pamoil.c -+++ netpbm-10.35.64/editor/pamoil.c -@@ -112,6 +112,7 @@ - tuples = pnm_readpam(ifp, &inpam, PAM_STRUCT_SIZE(tuple_type)); - pm_close(ifp); - -+ overflow_add(inpam.maxval, 1); - MALLOCARRAY(hist, inpam.maxval + 1); - if (hist == NULL) - pm_error("Unable to allocate memory for histogram."); ---- netpbm-10.35.64/editor/pbmpscale.c -+++ netpbm-10.35.64/editor/pbmpscale.c -@@ -109,6 +109,7 @@ - inrow[0] = inrow[1] = inrow[2] = NULL; - pbm_readpbminit(ifd, &columns, &rows, &format) ; - -+ overflow2(columns, scale); - outrow = pbm_allocrow(columns*scale) ; - MALLOCARRAY(flags, columns); - if (flags == NULL) ---- netpbm-10.35.64/editor/pbmreduce.c -+++ netpbm-10.35.64/editor/pbmreduce.c -@@ -93,6 +93,7 @@ - - if ( halftone == QT_FS ) { +diff -up netpbm-10.58.01/editor/pbmreduce.c.security-code netpbm-10.58.01/editor/pbmreduce.c +--- netpbm-10.58.01/editor/pbmreduce.c.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ netpbm-10.58.01/editor/pbmreduce.c 2012-04-09 15:40:03.219619590 +0200 +@@ -94,6 +94,7 @@ main( argc, argv ) + if (halftone == QT_FS) { + unsigned int col; /* Initialize Floyd-Steinberg. */ + overflow_add(newcols, 2); MALLOCARRAY(thiserr, newcols + 2); MALLOCARRAY(nexterr, newcols + 2); - if ( thiserr == NULL || nexterr == NULL ) ---- netpbm-10.35.64/editor/pnmcut.c -+++ netpbm-10.35.64/editor/pnmcut.c -@@ -373,6 +373,7 @@ - toprow, leftcol, bottomrow, rightcol); - } - -+ overflow_add(rightcol, 1); - output_cols = rightcol-leftcol+1; - output_row = pnm_allocrow(output_cols); - ---- netpbm-10.35.64/editor/pnmgamma.c -+++ netpbm-10.35.64/editor/pnmgamma.c -@@ -586,6 +586,7 @@ + if (thiserr == NULL || nexterr == NULL) +diff -up netpbm-10.58.01/editor/pnmgamma.c.security-code netpbm-10.58.01/editor/pnmgamma.c +--- netpbm-10.58.01/editor/pnmgamma.c.security-code 2012-04-09 15:31:34.000000000 +0200 ++++ netpbm-10.58.01/editor/pnmgamma.c 2012-04-09 15:40:03.220619577 +0200 +@@ -586,6 +586,7 @@ createGammaTables(enum transferFunction xelval ** const btableP) { /* Allocate space for the tables. */ @@ -1174,9 +1044,10 @@ MALLOCARRAY(*rtableP, maxval+1); MALLOCARRAY(*gtableP, maxval+1); MALLOCARRAY(*btableP, maxval+1); ---- netpbm-10.35.64/editor/pnmhisteq.c -+++ netpbm-10.35.64/editor/pnmhisteq.c -@@ -102,6 +102,7 @@ +diff -up netpbm-10.58.01/editor/pnmhisteq.c.security-code netpbm-10.58.01/editor/pnmhisteq.c +--- netpbm-10.58.01/editor/pnmhisteq.c.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ netpbm-10.58.01/editor/pnmhisteq.c 2012-04-09 15:40:03.220619577 +0200 +@@ -103,6 +103,7 @@ computeLuminosityHistogram(xel * const * unsigned int pixelCount; unsigned int * lumahist; @@ -1184,8 +1055,9 @@ MALLOCARRAY(lumahist, maxval + 1); if (lumahist == NULL) pm_error("Out of storage allocating array for %u histogram elements", ---- netpbm-10.35.64/editor/pnmindex.csh -+++ netpbm-10.35.64/editor/pnmindex.csh +diff -up netpbm-10.58.01/editor/pnmindex.csh.security-code netpbm-10.58.01/editor/pnmindex.csh +--- netpbm-10.58.01/editor/pnmindex.csh.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ netpbm-10.58.01/editor/pnmindex.csh 2012-04-09 15:40:03.221619564 +0200 @@ -1,5 +1,8 @@ #!/bin/csh -f # @@ -1195,47 +1067,31 @@ # pnmindex - build a visual index of a bunch of anymaps # # Copyright (C) 1991 by Jef Poskanzer. ---- netpbm-10.35.64/editor/pnmpad.c -+++ netpbm-10.35.64/editor/pnmpad.c -@@ -358,6 +358,8 @@ +diff -up netpbm-10.58.01/editor/pnmpad.c.security-code netpbm-10.58.01/editor/pnmpad.c +--- netpbm-10.58.01/editor/pnmpad.c.security-code 2012-04-09 15:31:34.000000000 +0200 ++++ netpbm-10.58.01/editor/pnmpad.c 2012-04-09 15:40:03.221619564 +0200 +@@ -527,6 +527,8 @@ main(int argc, const char ** argv) { computePadSizes(cmdline, cols, rows, &lpad, &rpad, &tpad, &bpad); + overflow_add(cols, lpad); + overflow_add(cols + lpad, rpad); newcols = cols + lpad + rpad; - xelrow = pnm_allocrow(newcols); - bgrow = pnm_allocrow(newcols); ---- netpbm-10.35.64/editor/pnmpaste.c -+++ netpbm-10.35.64/editor/pnmpaste.c -@@ -101,11 +101,16 @@ - "y is too large -- the second anymap has only %d rows", - rows2 ); -+ overflow_add(x, cols2); -+ overflow_add(y, rows2); - if ( x < 0 ) - x += cols2; - if ( y < 0 ) - y += rows2; - -+ overflow_add(x, cols1); -+ overflow_add(y, rows1); -+ - if ( x + cols1 > cols2 ) - pm_error( "x + width is too large by %d pixels", x + cols1 - cols2 ); - if ( y + rows1 > rows2 ) ---- netpbm-10.35.64/editor/pnmremap.c -+++ netpbm-10.35.64/editor/pnmremap.c -@@ -279,6 +279,7 @@ + if (PNM_FORMAT_TYPE(format) == PBM_TYPE) +diff -up netpbm-10.58.01/editor/pnmremap.c.security-code netpbm-10.58.01/editor/pnmremap.c +--- netpbm-10.58.01/editor/pnmremap.c.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ netpbm-10.58.01/editor/pnmremap.c 2012-04-09 15:40:03.222619551 +0200 +@@ -409,7 +409,7 @@ initFserr(struct pam * const pamP, + unsigned int plane; unsigned int const fserrSize = pamP->width + 2; - +- + overflow_add(pamP->width, 2); + fserrP->width = pamP->width; + MALLOCARRAY(fserrP->thiserr, pamP->depth); - if (fserrP->thiserr == NULL) - pm_error("Out of memory allocating Floyd-Steinberg structures " -@@ -322,6 +323,7 @@ +@@ -445,6 +445,7 @@ floydInitRow(struct pam * const pamP, st int col; @@ -1243,9 +1099,10 @@ for (col = 0; col < pamP->width + 2; ++col) { unsigned int plane; for (plane = 0; plane < pamP->depth; ++plane) ---- netpbm-10.35.64/editor/pnmscalefixed.c -+++ netpbm-10.35.64/editor/pnmscalefixed.c -@@ -209,6 +209,8 @@ +diff -up netpbm-10.58.01/editor/pnmscalefixed.c.security-code netpbm-10.58.01/editor/pnmscalefixed.c +--- netpbm-10.58.01/editor/pnmscalefixed.c.security-code 2012-04-09 15:31:34.000000000 +0200 ++++ netpbm-10.58.01/editor/pnmscalefixed.c 2012-04-09 15:40:03.223619538 +0200 +@@ -214,6 +214,8 @@ compute_output_dimensions(const struct c const int rows, const int cols, int * newrowsP, int * newcolsP) { @@ -1254,7 +1111,7 @@ if (cmdline.pixels) { if (rows * cols <= cmdline.pixels) { *newrowsP = rows; -@@ -260,6 +262,8 @@ +@@ -265,6 +267,8 @@ compute_output_dimensions(const struct c if (*newcolsP < 1) *newcolsP = 1; if (*newrowsP < 1) *newrowsP = 1; @@ -1263,7 +1120,7 @@ } -@@ -441,6 +445,9 @@ +@@ -446,6 +450,9 @@ main(int argc, char **argv ) { unfilled. We can address that by stretching, whereas the other case would require throwing away some of the input. */ @@ -1273,67 +1130,62 @@ sxscale = SCALE * newcols / cols; syscale = SCALE * newrows / rows; ---- netpbm-10.35.64/editor/pnmshear.c -+++ netpbm-10.35.64/editor/pnmshear.c -@@ -14,6 +14,7 @@ - +diff -up netpbm-10.58.01/editor/pnmshear.c.security-code netpbm-10.58.01/editor/pnmshear.c +--- netpbm-10.58.01/editor/pnmshear.c.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ netpbm-10.58.01/editor/pnmshear.c 2012-04-09 15:40:03.224619526 +0200 +@@ -15,6 +15,7 @@ + #include #include #include +#include - #include "pnm.h" - #include "shhopt.h" -@@ -196,6 +197,11 @@ - if ( shearfac < 0.0 ) - shearfac = -shearfac; + #include "pm_c_util.h" + #include "ppm.h" +@@ -236,6 +237,11 @@ main(int argc, char * argv[]) { + + shearfac = fabs(tan(cmdline.angle)); + if(rows * shearfac >= INT_MAX-1) -+ pm_error("image too large"); ++ pm_error("image too large"); + + overflow_add(rows * shearfac, cols+1); -+ ++ newcols = rows * shearfac + cols + 0.999999; - pnm_writepnminit( stdout, newcols, rows, newmaxval, newformat, 0 ); ---- netpbm-10.35.64/editor/ppmdither.c -+++ netpbm-10.35.64/editor/ppmdither.c -@@ -111,6 +111,9 @@ - (dith_dim * sizeof(int *)) + /* pointers */ - (dith_dim * dith_dim * sizeof(int)); /* data */ - -+ overflow2(dith_dim, sizeof(int *)); -+ overflow3(dith_dim, dith_dim, sizeof(int)); -+ overflow_add(dith_dim * sizeof(int *), dith_dim * dith_dim * sizeof(int)); - dith_mat = (unsigned int **) malloc(dith_mat_sz); - - if (dith_mat == NULL) -@@ -165,7 +168,8 @@ - if (dith_nb < 2) - pm_error("too few shades for blue, minimum of 2"); - -- MALLOCARRAY(*colormapP, dith_nr * dith_ng * dith_nb); -+ overflow2(dith_nr, dith_ng); -+ *colormapP = malloc3(dith_nr * dith_ng, dith_nb, sizeof(pixel)); - if (*colormapP == NULL) - pm_error("Unable to allocate space for the color lookup table " - "(%d by %d by %d pixels).", dith_nr, dith_ng, dith_nb); ---- netpbm-10.35.64/generator/pbmpage.c -+++ netpbm-10.35.64/generator/pbmpage.c -@@ -170,6 +170,9 @@ - /* We round the allocated row space up to a multiple of 8 so the ugly - fast code below can work. - */ -+ -+ overflow_add(bitmap.Width, 7); -+ - pbmrow = pbm_allocrow(((bitmap.Width+7)/8)*8); - - bitmap_cursor = 0; ---- netpbm-10.35.64/generator/pbmtext.c -+++ netpbm-10.35.64/generator/pbmtext.c -@@ -89,12 +89,14 @@ + pnm_writepnminit(stdout, newcols, rows, newmaxval, newformat, 0); +diff -up netpbm-10.58.01/editor/ppmdither.c.security-code netpbm-10.58.01/editor/ppmdither.c +--- netpbm-10.58.01/editor/ppmdither.c.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ netpbm-10.58.01/editor/ppmdither.c 2012-04-09 15:40:03.224619526 +0200 +@@ -355,7 +355,11 @@ dithMatrix(unsigned int const dithPower) + unsigned int const dithMatSize = + (dithDim * sizeof(*dithMat)) + /* pointers */ + (dithDim * dithDim * sizeof(**dithMat)); /* data */ +- ++ ++ overflow2(dithDim, sizeof(*dithMat)); ++ overflow3(dithDim, dithDim, sizeof(**dithMat)); ++ overflow_add(dithDim * sizeof(*dithMat), dithDim * dithDim * sizeof(**dithMat)); ++ + dithMat = malloc(dithMatSize); - for (i = 1; i < argc; i++) { + if (dithMat == NULL) +diff -up netpbm-10.58.01/editor/specialty/pamoil.c.security-code netpbm-10.58.01/editor/specialty/pamoil.c +--- netpbm-10.58.01/editor/specialty/pamoil.c.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ netpbm-10.58.01/editor/specialty/pamoil.c 2012-04-09 15:40:03.224619526 +0200 +@@ -112,6 +112,7 @@ main(int argc, char *argv[] ) { + tuples = pnm_readpam(ifp, &inpam, PAM_STRUCT_SIZE(tuple_type)); + pm_close(ifp); + ++ overflow_add(inpam.maxval, 1); + MALLOCARRAY(hist, inpam.maxval + 1); + if (hist == NULL) + pm_error("Unable to allocate memory for histogram."); +diff -up netpbm-10.58.01/generator/pbmtext.c.security-code netpbm-10.58.01/generator/pbmtext.c +--- netpbm-10.58.01/generator/pbmtext.c.security-code 2012-04-09 15:31:34.000000000 +0200 ++++ netpbm-10.58.01/generator/pbmtext.c 2012-04-09 15:40:03.225619514 +0200 +@@ -96,12 +96,14 @@ parseCommandLine(int argc, const char ** + + for (i = 1; i < argc; ++i) { if (i > 1) { + overflow_add(totaltextsize, 1); totaltextsize += 1; @@ -1346,25 +1198,15 @@ totaltextsize += strlen(argv[i]); text = realloc(text, totaltextsize); if (text == NULL) -@@ -575,6 +577,7 @@ - struct text input_text; - - if (cmdline_text) { -+ overflow_add(strlen(cmdline_text), 1); - allocTextArray(&input_text, 1, strlen(cmdline_text)*8); - strcpy(input_text.textArray[0], cmdline_text); - fix_control_chars(input_text.textArray[0], fn); -@@ -600,7 +603,9 @@ - "Cannot process.", (sizeof(buf)-1)/8); - fix_control_chars(buf, fn); +@@ -712,6 +714,7 @@ getText(const char cmdline_text + pm_error("A line of input text is longer than %u characters." + "Cannot process.", (unsigned)sizeof(buf)-1); if (lineCount >= maxlines) { -+ overflow2(maxlines, 2); ++ overflow2(maxlines, 2); maxlines *= 2; -+ overflow2(maxlines, sizeof(char *)); - text_array = (char**) realloc((char*) text_array, - maxlines * sizeof(char*)); + REALLOCARRAY(text_array, maxlines); if (text_array == NULL) -@@ -686,6 +691,7 @@ +@@ -832,6 +835,7 @@ main(int argc, const char *argv[]) { hmargin = fontP->maxwidth; } else { vmargin = fontP->maxheight; @@ -1372,32 +1214,10 @@ hmargin = 2 * fontP->maxwidth; } } -@@ -702,6 +708,12 @@ - } else - formattedText = inputText; - -+ overflow2(2, vmargin); -+ overflow2(formattedText.lineCount, fontP->maxheight); -+ overflow2(formattedText.lineCount-1, cmdline.lspace); -+ overflow_add(vmargin * 2, formattedText.lineCount * fontP->maxheight); -+ overflow_add(vmargin * 2 + formattedText.lineCount * fontP->maxheight, (formattedText.lineCount-1) * cmdline.lspace); -+ - rows = 2 * vmargin + - formattedText.lineCount * fontP->maxheight + - (formattedText.lineCount-1) * cmdline.lspace; -@@ -709,6 +721,9 @@ - compute_image_width(formattedText, fontP, cmdline.space, - &maxwidth, &maxleftb); - -+ overflow2(2, hmargin); -+ overflow_add(2*hmargin, maxwidth); -+ - cols = 2 * hmargin + maxwidth; - - if (cols == 0 || rows == 0) ---- netpbm-10.35.64/generator/pgmcrater.c -+++ netpbm-10.35.64/generator/pgmcrater.c -@@ -132,7 +132,7 @@ +diff -up netpbm-10.58.01/generator/pgmcrater.c.security-code netpbm-10.58.01/generator/pgmcrater.c +--- netpbm-10.58.01/generator/pgmcrater.c.security-code 2012-04-09 15:31:34.000000000 +0200 ++++ netpbm-10.58.01/generator/pgmcrater.c 2012-04-09 15:40:03.226619502 +0200 +@@ -130,7 +130,7 @@ static void gencraters() /* Acquire the elevation array and initialize it to mean surface elevation. */ @@ -1406,9 +1226,10 @@ if (aux == NULL) pm_error("out of memory allocating elevation array"); ---- netpbm-10.35.64/generator/pgmkernel.c -+++ netpbm-10.35.64/generator/pgmkernel.c -@@ -68,7 +68,7 @@ +diff -up netpbm-10.58.01/generator/pgmkernel.c.security-code netpbm-10.58.01/generator/pgmkernel.c +--- netpbm-10.58.01/generator/pgmkernel.c.security-code 2012-04-09 15:31:34.000000000 +0200 ++++ netpbm-10.58.01/generator/pgmkernel.c 2012-04-09 15:40:03.226619502 +0200 +@@ -68,7 +68,7 @@ main ( argc, argv ) kycenter = (fysize - 1) / 2.0; ixsize = fxsize + 0.999; iysize = fysize + 0.999; @@ -1417,21 +1238,23 @@ for (i = 0; i < iysize; i++) for (j = 0; j < ixsize; j++) { fkernel[i*ixsize+j] = 1.0 / (1.0 + w * sqrt((double) ---- netpbm-10.35.64/lib/libpam.c -+++ netpbm-10.35.64/lib/libpam.c -@@ -227,7 +227,8 @@ - int const bytesPerTuple = allocationDepth(pamP) * sizeof(sample); +diff -up netpbm-10.58.01/lib/libpam.c.security-code netpbm-10.58.01/lib/libpam.c +--- netpbm-10.58.01/lib/libpam.c.security-code 2012-04-09 15:31:38.000000000 +0200 ++++ netpbm-10.58.01/lib/libpam.c 2012-04-09 15:40:03.227619490 +0200 +@@ -220,7 +220,8 @@ allocPamRow(const struct pam * const pam + unsigned int const bytesPerTuple = allocationDepth(pamP) * sizeof(sample); tuple * tuplerow; - tuplerow = malloc(pamP->width * (sizeof(tuple *) + bytesPerTuple)); + overflow_add(sizeof(tuple *), bytesPerTuple); -+ tuplerow = malloc2(pamP->width, sizeof(tuple *) + bytesPerTuple); ++ tuplerow = malloc2(pamP->width, (sizeof(tuple *) + bytesPerTuple)); if (tuplerow != NULL) { /* Now we initialize the pointers to the individual tuples ---- netpbm-10.35.64/lib/libpammap.c -+++ netpbm-10.35.64/lib/libpammap.c -@@ -103,6 +103,8 @@ +diff -up netpbm-10.58.01/lib/libpammap.c.security-code netpbm-10.58.01/lib/libpammap.c +--- netpbm-10.58.01/lib/libpammap.c.security-code 2012-04-09 15:31:38.000000000 +0200 ++++ netpbm-10.58.01/lib/libpammap.c 2012-04-09 15:40:03.228619477 +0200 +@@ -104,6 +104,8 @@ allocTupleIntListItem(struct pam * const */ struct tupleint_list_item * retval; @@ -1440,9 +1263,10 @@ unsigned int const size = sizeof(*retval) - sizeof(retval->tupleint.tuple) + pamP->depth * sizeof(sample); ---- netpbm-10.35.64/lib/libpbm1.c -+++ netpbm-10.35.64/lib/libpbm1.c -@@ -56,6 +56,7 @@ +diff -up netpbm-10.58.01/lib/libpbm1.c.security-code netpbm-10.58.01/lib/libpbm1.c +--- netpbm-10.58.01/lib/libpbm1.c.security-code 2012-04-09 15:31:38.000000000 +0200 ++++ netpbm-10.58.01/lib/libpbm1.c 2012-04-09 15:40:03.228619477 +0200 +@@ -77,6 +77,7 @@ pbm_check(FILE * file, const enum pm_che pm_message("pm_filepos passed to pm_check() is %u bytes", sizeof(pm_filepos)); #endif @@ -1450,34 +1274,10 @@ pm_check(file, check_type, need_raster_size, retval_p); } } ---- netpbm-10.35.64/lib/libpbmvms.c -+++ netpbm-10.35.64/lib/libpbmvms.c -@@ -1,3 +1,5 @@ -+#warning "NOT AUDITED" -+ - /*************************************************************************** - This file contains library routines needed to build Netpbm for VMS. - However, as of 2000.05.26, when these were split out of libpbm1.c ---- netpbm-10.35.64/lib/libpm.c -+++ netpbm-10.35.64/lib/libpm.c -@@ -36,6 +36,7 @@ - /* This makes the the x64() functions available on AIX */ - - #include -+#include - #include - #include - #include -@@ -213,7 +214,7 @@ - if (rowIndex == NULL) - pm_error("out of memory allocating row index (%u rows) for an array", - rows); -- rowheap = malloc(rows * cols * size); -+ rowheap = malloc3(rows, cols, size); - if (rowheap == NULL) { - /* We couldn't get the whole heap in one block, so try fragmented - format. -@@ -1491,4 +1492,53 @@ +diff -up netpbm-10.58.01/lib/libpm.c.security-code netpbm-10.58.01/lib/libpm.c +--- netpbm-10.58.01/lib/libpm.c.security-code 2012-04-09 15:31:38.000000000 +0200 ++++ netpbm-10.58.01/lib/libpm.c 2012-04-09 15:40:03.229619464 +0200 +@@ -808,4 +808,53 @@ pm_parse_height(const char * const arg) } @@ -1531,9 +1331,10 @@ + return realloc(a, b*c); +} ---- netpbm-10.35.64/lib/pm.h -+++ netpbm-10.35.64/lib/pm.h -@@ -343,4 +343,11 @@ +diff -up netpbm-10.58.01/lib/pm.h.security-code netpbm-10.58.01/lib/pm.h +--- netpbm-10.58.01/lib/pm.h.security-code 2012-04-09 15:31:38.000000000 +0200 ++++ netpbm-10.58.01/lib/pm.h 2012-04-09 15:40:03.229619464 +0200 +@@ -432,4 +432,11 @@ pm_parse_height(const char * const arg); #endif @@ -1545,9 +1346,10 @@ +void overflow_add(int, int); + #endif ---- netpbm-10.35.64/other/pnmcolormap.c -+++ netpbm-10.35.64/other/pnmcolormap.c -@@ -839,6 +839,7 @@ +diff -up netpbm-10.58.01/other/pnmcolormap.c.security-code netpbm-10.58.01/other/pnmcolormap.c +--- netpbm-10.58.01/other/pnmcolormap.c.security-code 2012-04-09 15:31:32.000000000 +0200 ++++ netpbm-10.58.01/other/pnmcolormap.c 2012-04-09 15:40:03.230619451 +0200 +@@ -840,6 +840,7 @@ colormapToSquare(struct pam * const pamP pamP->width = intsqrt; else pamP->width = intsqrt + 1; @@ -1555,9 +1357,10 @@ } { unsigned int const intQuotient = colormap.size / pamP->width; ---- netpbm-10.35.64/urt/README -+++ netpbm-10.35.64/urt/README -@@ -18,3 +18,8 @@ +diff -up netpbm-10.58.01/urt/README.security-code netpbm-10.58.01/urt/README +--- netpbm-10.58.01/urt/README.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/urt/README 2012-04-09 15:40:03.231619438 +0200 +@@ -18,3 +18,8 @@ in its initializer in the original. But defines stdout as a variable, so that wouldn't compile. So I changed it to NULL and added a line to rle_hdr_init to set that field to 'stdout' dynamically. 2000.06.02 BJH. @@ -1566,72 +1369,9 @@ +Removed pipe through and compress support (unsafe) + +Alan Cox ---- netpbm-10.35.64/urt/Runput.c -+++ netpbm-10.35.64/urt/Runput.c -@@ -17,6 +17,8 @@ - * - * Modified at BRL 16-May-88 by Mike Muuss to avoid Alliant STDC desire - * to have all "void" functions so declared. -+ * -+ * 2002-12-19: Fix maths wrapping bugs. Alan Cox - */ - /* - * Runput.c - General purpose Run Length Encoding. -@@ -202,9 +204,11 @@ - if ( the_hdr->background != 0 ) - { - register int i; -- register rle_pixel *background = -- (rle_pixel *)malloc( (unsigned)(the_hdr->ncolors + 1) ); -+ register rle_pixel *background; - register int *bg_color; -+ -+ overflow_add(the_hdr->ncolors,1); -+ background = (rle_pixel *)malloc( (unsigned)(the_hdr->ncolors + 1) ); - /* - * If even number of bg color bytes, put out one more to get to - * 16 bit boundary. -@@ -224,7 +228,7 @@ - /* Big-endian machines are harder */ - register int i, nmap = (1 << the_hdr->cmaplen) * - the_hdr->ncmap; -- register char *h_cmap = (char *)malloc( nmap * 2 ); -+ register char *h_cmap = (char *)malloc2( nmap, 2 ); - if ( h_cmap == NULL ) - { - fprintf( stderr, ---- netpbm-10.35.64/urt/rle.h -+++ netpbm-10.35.64/urt/rle.h -@@ -14,6 +14,9 @@ - * If you modify this software, you should include a notice giving the - * name of the person performing the modification, the date of modification, - * and the reason for such modification. -+ * -+ * 2002-12-19: Fix maths wrapping bugs. Alan Cox -+ * Header declarations needed - */ - /* - * rle.h - Global declarations for Utah Raster Toolkit RLE programs. -@@ -166,6 +169,17 @@ - */ - extern rle_hdr rle_dflt_hdr; - -+/* -+ * Provided by pm library -+ */ -+ -+extern void overflow_add(int, int); -+#define overflow2(a,b) __overflow2(a,b) -+extern void __overflow2(int, int); -+extern void overflow3(int, int, int); -+extern void *malloc2(int, int); -+extern void *malloc3(int, int, int); -+extern void *realloc2(void *, int, int); - - /* Declare RLE library routines. */ - ---- netpbm-10.35.64/urt/rle_addhist.c -+++ netpbm-10.35.64/urt/rle_addhist.c +diff -up netpbm-10.58.01/urt/rle_addhist.c.security-code netpbm-10.58.01/urt/rle_addhist.c +--- netpbm-10.58.01/urt/rle_addhist.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/urt/rle_addhist.c 2012-04-09 15:40:03.231619438 +0200 @@ -14,6 +14,8 @@ * If you modify this software, you should include a notice giving the * name of the person performing the modification, the date of modification, @@ -1641,7 +1381,7 @@ */ /* * rle_addhist.c - Add to the HISTORY comment in header -@@ -76,13 +78,19 @@ +@@ -71,13 +73,19 @@ rle_addhist(char * argv[], return; length = 0; @@ -1662,7 +1402,7 @@ length += strlen(padding) + 3 + strlen(histoire) + 1; /* length of padding, "on " and length of history name plus "="*/ if (in_hdr) /* if we are interested in the old comments... */ -@@ -90,9 +98,12 @@ +@@ -85,9 +93,12 @@ rle_addhist(char * argv[], else old = NULL; @@ -1676,8 +1416,9 @@ ++length; /*Cater for the null. */ MALLOCARRAY(newc, length); ---- netpbm-10.35.64/urt/rle_getrow.c -+++ netpbm-10.35.64/urt/rle_getrow.c +diff -up netpbm-10.58.01/urt/rle_getrow.c.security-code netpbm-10.58.01/urt/rle_getrow.c +--- netpbm-10.58.01/urt/rle_getrow.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/urt/rle_getrow.c 2012-04-09 15:40:03.232619426 +0200 @@ -17,6 +17,8 @@ * * Modified at BRL 16-May-88 by Mike Muuss to avoid Alliant STDC desire @@ -1687,7 +1428,7 @@ */ /* * rle_getrow.c - Read an RLE file in. -@@ -168,6 +170,7 @@ +@@ -168,6 +170,7 @@ rle_get_setup(rle_hdr * const the_hdr) { register char * cp; VAXSHORT( comlen, infile ); /* get comment length */ @@ -1695,8 +1436,9 @@ evenlen = (comlen + 1) & ~1; /* make it even */ if ( evenlen ) { ---- netpbm-10.35.64/urt/rle_hdr.c -+++ netpbm-10.35.64/urt/rle_hdr.c +diff -up netpbm-10.58.01/urt/rle_hdr.c.security-code netpbm-10.58.01/urt/rle_hdr.c +--- netpbm-10.58.01/urt/rle_hdr.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/urt/rle_hdr.c 2012-04-09 15:40:03.233619414 +0200 @@ -14,6 +14,8 @@ * If you modify this software, you should include a notice giving the * name of the person performing the modification, the date of modification, @@ -1706,7 +1448,7 @@ */ /* * rle_hdr.c - Functions to manipulate rle_hdr structures. -@@ -79,7 +81,10 @@ +@@ -80,7 +82,10 @@ int img_num; /* Fill in with copies of the strings. */ if ( the_hdr->cmd != pgmname ) { @@ -1718,7 +1460,7 @@ RLE_CHECK_ALLOC( pgmname, tmp, 0 ); strcpy( tmp, pgmname ); the_hdr->cmd = tmp; -@@ -87,7 +92,9 @@ +@@ -88,7 +93,9 @@ int img_num; if ( the_hdr->file_name != fname ) { @@ -1729,7 +1471,7 @@ RLE_CHECK_ALLOC( pgmname, tmp, 0 ); strcpy( tmp, fname ); the_hdr->file_name = tmp; -@@ -152,6 +159,7 @@ +@@ -153,6 +160,7 @@ rle_hdr *from_hdr, *to_hdr; if ( to_hdr->bg_color ) { int size = to_hdr->ncolors * sizeof(int); @@ -1737,7 +1479,7 @@ to_hdr->bg_color = (int *)malloc( size ); RLE_CHECK_ALLOC( to_hdr->cmd, to_hdr->bg_color, "background color" ); memcpy( to_hdr->bg_color, from_hdr->bg_color, size ); -@@ -160,7 +168,7 @@ +@@ -161,7 +169,7 @@ rle_hdr *from_hdr, *to_hdr; if ( to_hdr->cmap ) { int size = to_hdr->ncmap * (1 << to_hdr->cmaplen) * sizeof(rle_map); @@ -1746,7 +1488,7 @@ RLE_CHECK_ALLOC( to_hdr->cmd, to_hdr->cmap, "color map" ); memcpy( to_hdr->cmap, from_hdr->cmap, size ); } -@@ -173,11 +181,16 @@ +@@ -174,11 +182,16 @@ rle_hdr *from_hdr, *to_hdr; int size = 0; CONST_DECL char **cp; for ( cp=to_hdr->comments; *cp; cp++ ) @@ -1763,41 +1505,109 @@ size *= sizeof(char *); to_hdr->comments = (CONST_DECL char **)malloc( size ); RLE_CHECK_ALLOC( to_hdr->cmd, to_hdr->comments, "comments" ); ---- netpbm-10.35.64/urt/rle_open_f.c -+++ netpbm-10.35.64/urt/rle_open_f.c -@@ -6,6 +6,9 @@ - * University of Michigan - * Date: 11/14/89 - * Copyright (c) 1990, University of Michigan +diff -up netpbm-10.58.01/urt/rle.h.security-code netpbm-10.58.01/urt/rle.h +--- netpbm-10.58.01/urt/rle.h.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/urt/rle.h 2012-04-09 15:40:03.233619414 +0200 +@@ -14,6 +14,9 @@ + * If you modify this software, you should include a notice giving the + * name of the person performing the modification, the date of modification, + * and the reason for such modification. + * + * 2002-12-19: Fix maths wrapping bugs. Alan Cox -+ * Killed of crazy unsafe pipe/compress stuff ++ * Header declarations needed */ + /* + * rle.h - Global declarations for Utah Raster Toolkit RLE programs. +@@ -160,6 +163,17 @@ rle_hdr /* End of typedef. * + */ + extern rle_hdr rle_dflt_hdr; - #define _XOPEN_SOURCE /* Make sure fdopen() is in stdio.h */ -@@ -188,7 +191,7 @@ - - cp = file_name + strlen( (char*) file_name ) - 2; - /* Pipe case. */ -- if ( *file_name == '|' ) -+ if ( *file_name == '|' && 0 /* BOLLOCKS ARE WE DOING THIS ANY MORE */) - { - int thepid; /* PID from my_popen */ - if ( (fp = my_popen( file_name + 1, mode, &thepid )) == NULL ) -@@ -203,9 +206,10 @@ - } ++/* ++ * Provided by pm library ++ */ ++ ++extern void overflow_add(int, int); ++#define overflow2(a,b) __overflow2(a,b) ++extern void __overflow2(int, int); ++extern void overflow3(int, int, int); ++extern void *malloc2(int, int); ++extern void *malloc3(int, int, int); ++extern void *realloc2(void *, int, int); - /* Compress case. */ -- else if ( cp > file_name && *cp == '.' && *(cp + 1) == 'Z' ) -+ else if ( /* SMOKING SOMETHING */ 0 && cp > file_name && *cp == '.' && *(cp + 1) == 'Z' ) - { - int thepid; /* PID from my_popen. */ -+ overflow_add(20, strlen(file_name)); - combuf = (char *)malloc( 20 + strlen( file_name ) ); - if ( combuf == NULL ) - { ---- netpbm-10.35.64/urt/rle_putcom.c -+++ netpbm-10.35.64/urt/rle_putcom.c + /* Declare RLE library routines. */ + +diff -up netpbm-10.58.01/urt/rle_open_f.c.security-code netpbm-10.58.01/urt/rle_open_f.c +--- netpbm-10.58.01/urt/rle_open_f.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/urt/rle_open_f.c 2012-04-09 15:40:03.234619402 +0200 +@@ -163,65 +163,7 @@ dealWithSubprocess(const char * const f + FILE ** const fpP, + bool * const noSubprocessP, + const char ** const errorP) { +- +-#ifdef NO_OPEN_PIPES + *noSubprocessP = TRUE; +-#else +- const char *cp; +- +- reapChildren(catchingChildrenP, pids); +- +- /* Real file, not stdin or stdout. If name ends in ".Z", +- * pipe from/to un/compress (depending on r/w mode). +- * +- * If it starts with "|", popen that command. +- */ +- +- cp = file_name + strlen(file_name) - 2; +- /* Pipe case. */ +- if (file_name[0] == '|') { +- pid_t thepid; /* PID from my_popen */ +- +- *noSubprocessP = FALSE; +- +- *fpP = my_popen(file_name + 1, mode, &thepid); +- if (*fpP == NULL) +- *errorP = "%s: can't invoke <<%s>> for %s: "; +- else { +- /* One more child to catch, eventually. */ +- if (*catchingChildrenP < MAX_CHILDREN) +- pids[(*catchingChildrenP)++] = thepid; +- } +- } else if (cp > file_name && *cp == '.' && *(cp + 1) == 'Z' ) { +- /* Compress case. */ +- pid_t thepid; /* PID from my_popen. */ +- const char * command; +- +- *noSubprocessP = FALSE; +- +- if (*mode == 'w') +- pm_asprintf(&command, "compress > %s", file_name); +- else if (*mode == 'a') +- pm_asprintf(&command, "compress >> %s", file_name); +- else +- pm_asprintf(&command, "compress -d < %s", file_name); +- +- *fpP = my_popen(command, mode, &thepid); +- +- if (*fpP == NULL) +- *errorP = "%s: can't invoke 'compress' program, " +- "trying to open %s for %s"; +- else { +- /* One more child to catch, eventually. */ +- if (*catchingChildrenP < MAX_CHILDREN) +- pids[(*catchingChildrenP)++] = thepid; +- } +- pm_strfree(command); +- } else { +- *noSubprocessP = TRUE; +- *errorP = NULL; +- } +-#endif + } + + +diff -up netpbm-10.58.01/urt/rle_putcom.c.security-code netpbm-10.58.01/urt/rle_putcom.c +--- netpbm-10.58.01/urt/rle_putcom.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/urt/rle_putcom.c 2012-04-09 15:40:03.234619402 +0200 @@ -14,6 +14,8 @@ * If you modify this software, you should include a notice giving the * name of the person performing the modification, the date of modification, @@ -1807,7 +1617,7 @@ */ /* * rle_putcom.c - Add a picture comment to the header struct. -@@ -98,12 +100,14 @@ +@@ -98,12 +100,14 @@ rle_putcom(const char * const value, const char * v; const char ** old_comments; int i; @@ -1823,8 +1633,44 @@ /* Not found */ /* Can't realloc because somebody else might be pointing to this * comments block. Of course, if this were true, then the ---- netpbm-10.35.64/urt/scanargs.c -+++ netpbm-10.35.64/urt/scanargs.c +diff -up netpbm-10.58.01/urt/Runput.c.security-code netpbm-10.58.01/urt/Runput.c +--- netpbm-10.58.01/urt/Runput.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/urt/Runput.c 2012-04-09 15:40:03.235619390 +0200 +@@ -17,6 +17,8 @@ + * + * Modified at BRL 16-May-88 by Mike Muuss to avoid Alliant STDC desire + * to have all "void" functions so declared. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * Runput.c - General purpose Run Length Encoding. +@@ -202,9 +204,11 @@ RunSetup(rle_hdr * the_hdr) + if ( the_hdr->background != 0 ) + { + register int i; +- register rle_pixel *background = +- (rle_pixel *)malloc( (unsigned)(the_hdr->ncolors + 1) ); ++ register rle_pixel *background; + register int *bg_color; ++ ++ overflow_add(the_hdr->ncolors,1); ++ background = (rle_pixel *)malloc( (unsigned)(the_hdr->ncolors + 1) ); + /* + * If even number of bg color bytes, put out one more to get to + * 16 bit boundary. +@@ -224,7 +228,7 @@ RunSetup(rle_hdr * the_hdr) + /* Big-endian machines are harder */ + register int i, nmap = (1 << the_hdr->cmaplen) * + the_hdr->ncmap; +- register char *h_cmap = (char *)malloc( nmap * 2 ); ++ register char *h_cmap = (char *)malloc2( nmap, 2 ); + if ( h_cmap == NULL ) + { + fprintf( stderr, +diff -up netpbm-10.58.01/urt/scanargs.c.security-code netpbm-10.58.01/urt/scanargs.c +--- netpbm-10.58.01/urt/scanargs.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ netpbm-10.58.01/urt/scanargs.c 2012-04-09 15:40:03.235619390 +0200 @@ -38,6 +38,8 @@ * * Modified at BRL 16-May-88 by Mike Muuss to avoid Alliant STDC desire @@ -1834,7 +1680,7 @@ */ #include "rle.h" -@@ -65,8 +67,8 @@ +@@ -63,8 +65,8 @@ typedef int *ptr; /* * Storage allocation macros */ @@ -1843,5 +1689,5 @@ +#define NEW( type, cnt ) (type *) malloc2( (cnt) , sizeof( type ) ) +#define RENEW( type, ptr, cnt ) (type *) realloc2( ptr, (cnt), sizeof( type ) ) - #if defined(c_plusplus) && !defined(USE_PROTOTYPES) - #define USE_PROTOTYPES + static CONST_DECL char * prformat( CONST_DECL char *, int ); + static int isnum( CONST_DECL char *, int, int ); diff --git a/netpbm-security2.patch b/netpbm-security-scripts.patch similarity index 84% rename from netpbm-security2.patch rename to netpbm-security-scripts.patch index 2862b6e..424a890 100644 --- a/netpbm-security2.patch +++ b/netpbm-security-scripts.patch @@ -1,19 +1,19 @@ ---- netpbm-10.35.64/converter/other/anytopnm -+++ netpbm-10.35.64/converter/other/anytopnm -@@ -506,11 +506,7 @@ +diff -up netpbm-10.47.05/converter/other/anytopnm.security-scripts netpbm-10.47.05/converter/other/anytopnm +--- netpbm-10.47.05/converter/other/anytopnm.security-scripts 2009-12-10 08:34:36.000000000 +0100 ++++ netpbm-10.47.05/converter/other/anytopnm 2010-03-16 21:28:09.000000000 +0100 +@@ -510,10 +510,7 @@ else inputFile="-" fi -tempdir="${TMPDIR-/tmp}/anytopnm.$$" --mkdir $tempdir || { echo "Could not create temporary file. Exiting."; exit 1;} --chmod 700 $tempdir -- +-mkdir -m 0700 $tempdir || \ +- { echo "Could not create temporary file. Exiting."; exit 1;} -trap 'rm -rf $tempdir' 0 +tempdir=$(mktemp -d -t anytopnm.XXXXXXXXXX) || exit 1 # Take out all spaces # Find the filename extension for last-ditch efforts later -@@ -536,9 +532,17 @@ +@@ -539,9 +536,17 @@ if [ "$filetype" = "unknown" ]; then echo "$progname: unknown file type. " \ "'file' says mime type is '$mimeType', " 1>&2 echo "type description is '$typeDescription'" 1>&2 @@ -31,30 +31,34 @@ +fi + exit 0 ---- netpbm-10.35.64/editor/pamstretch-gen -+++ netpbm-10.35.64/editor/pamstretch-gen -@@ -31,10 +31,7 @@ +diff -up netpbm-10.47.05/editor/pamstretch-gen.security-scripts netpbm-10.47.05/editor/pamstretch-gen +--- netpbm-10.47.05/editor/pamstretch-gen.security-scripts 2009-12-10 08:34:32.000000000 +0100 ++++ netpbm-10.47.05/editor/pamstretch-gen 2010-03-16 21:28:47.000000000 +0100 +@@ -31,13 +31,9 @@ if [ "$1" = "" ]; then exit 1 fi -tempdir="${TMPDIR-/tmp}/pamstretch-gen.$$" --mkdir $tempdir || { echo "Could not create temporary file. Exiting."; exit 1;} --chmod 700 $tempdir --tempfile=$tempdir/pnmig +-mkdir -m 0700 $tempdir || \ +- { echo "Could not create temporary file. Exiting."; exit 1;} +tempfile=$(mktemp /tmp/pnmig.XXXXXXXXXX) || exit 1 - trap 'rm -rf $tempdir' 0 1 3 15 ---- netpbm-10.35.64/editor/pnmmargin -+++ netpbm-10.35.64/editor/pnmmargin -@@ -11,16 +11,11 @@ +-tempfile=$tempdir/pnmig +- + if ! cat $2 >$tempfile 2>/dev/null; then + echo 'pamstretch-gen: error reading file' 1>&2 + exit 1 +diff -up netpbm-10.47.05/editor/pnmmargin.security-scripts netpbm-10.47.05/editor/pnmmargin +--- netpbm-10.47.05/editor/pnmmargin.security-scripts 2009-12-10 08:34:32.000000000 +0100 ++++ netpbm-10.47.05/editor/pnmmargin 2010-03-16 21:28:09.000000000 +0100 +@@ -11,15 +11,11 @@ # documentation. This software is provided "as is" without express or # implied warranty. -tempdir="${TMPDIR-/tmp}/pnmmargin.$$" --mkdir $tempdir || { echo "Could not create temporary file. Exiting."; exit 1;} --chmod 700 $tempdir -- +-mkdir -m 0700 $tempdir || \ +- { echo "Could not create temporary file. Exiting." 1>&2; exit 1;} -trap 'rm -rf $tempdir' 0 1 3 15 - -tmp1=$tempdir/pnmm1 @@ -68,57 +72,27 @@ +tmp4="$tmpdir/tmp4" color="-gofigure" - -@@ -39,6 +34,9 @@ - shift - if [ ! ${1-""} ] ; then - echo "usage: $0 [-white|-black|-color ] [pnmfile]" 1>&2 -+ if [ -d "$tmpdir" ]; then -+ rm -rf "$tmpdir" -+ fi - exit 1 - fi - color="$1" -@@ -46,6 +44,9 @@ - ;; - -* ) - echo "usage: $0 [-white|-black|-color ] [pnmfile]" 1>&2 -+ if [ -d "$tmpdir" ]; then -+ rm -rf "$tmpdir" -+ fi - exit 1 - ;; - * ) -@@ -56,6 +57,9 @@ - - if [ ! ${1-""} ] ; then - echo "usage: $0 [-white|-black|-color ] [pnmfile]" 1>&2 -+ if [ -d "$tmpdir" ]; then -+ rm -rf "$tmpdir" -+ fi - exit 1 + plainopt="" +@@ -90,6 +86,7 @@ else + -white | -black ) + pnmpad $plainopt $color \ + -left=$size -right=$size -top=$size -bottom=$size $tmp1 ++ rm -rf "$tmpdir" + exit + ;; + * ) +@@ -102,7 +99,4 @@ else + pnmcat -lr $tmp2 $tmp1 $tmp2 > $tmp4 + pnmcat -tb $plainopt $tmp3 $tmp4 $tmp3 fi - size="$1" -@@ -63,6 +67,9 @@ - - if [ ${2-""} ] ; then - echo "usage: $0 [-white|-black|-color ] [pnmfile]" 1>&2 -+ if [ -d "$tmpdir" ]; then -+ rm -rf "$tmpdir" -+ fi - exit 1 - fi - -@@ -86,3 +93,7 @@ - # Cat things together. - pnmcat -lr $tmp2 $tmp1 $tmp2 > $tmp4 - pnmcat -tb $tmp3 $tmp4 $tmp3 -+ -+if [ -d "$tmpdir" ]; then -+ rm -rf "$tmpdir" -+fi ---- netpbm-10.35.64/editor/ppmfade -+++ netpbm-10.35.64/editor/ppmfade +- +- +- +- ++rm -rf "$tmpdir" +diff -up netpbm-10.47.05/editor/ppmfade.security-scripts netpbm-10.47.05/editor/ppmfade +--- netpbm-10.47.05/editor/ppmfade.security-scripts 2009-12-10 08:34:32.000000000 +0100 ++++ netpbm-10.47.05/editor/ppmfade 2010-03-16 21:28:09.000000000 +0100 @@ -14,6 +14,7 @@ # #-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- @@ -127,7 +101,7 @@ my $SPREAD = 1; my $SHIFT = 2; -@@ -118,20 +119,26 @@ +@@ -111,20 +112,26 @@ if ($first_file ne "undefined") { print("Frames are " . $width . "W x " . $height . "H\n"); @@ -158,7 +132,7 @@ } # -@@ -139,14 +146,14 @@ +@@ -132,14 +139,14 @@ if ($last_file eq "undefined") { # # Here's what our temporary files are: @@ -181,7 +155,7 @@ my $i; # Frame number for ($i = 1; $i <= $nframes; $i++) { -@@ -154,148 +161,148 @@ +@@ -147,147 +154,147 @@ for ($i = 1; $i <= $nframes; $i++) { if ($mode eq $SPREAD) { if ($i <= 10) { my $n = $spline20[$i] * 100; @@ -382,28 +356,10 @@ +system("rm $tmpdir/junk*$$.ppm"); exit(0); - ---- netpbm-10.35.64/editor/ppmquantall -+++ netpbm-10.35.64/editor/ppmquantall -@@ -70,13 +70,8 @@ - heights=(${heights[*]} `grep -v '^#' $i | sed '1d; s/.* //; 2q'`) - done - --tempdir="${TMPDIR-/tmp}/ppmquantall.$$" --mkdir $tempdir || { echo "Could not create temporary file. Exiting."; exit 1;} --chmod 700 $tempdir -- --trap 'rm -rf $tempdir' 0 1 3 15 -- --all=$tempdir/pqa.all.$$ -+all=$(mktemp -t pqa.all.XXXXXXXXXX) || exit 1 -+rm -f $all - - pnmcat -topbottom -jleft -white ${files[@]} | pnmquant $newcolors > $all - if [ $? != 0 ]; then ---- netpbm-10.35.64/editor/ppmshadow -+++ netpbm-10.35.64/editor/ppmshadow -@@ -72,9 +72,10 @@ +diff -up netpbm-10.47.05/editor/ppmshadow.security-scripts netpbm-10.47.05/editor/ppmshadow +--- netpbm-10.47.05/editor/ppmshadow.security-scripts 2009-12-10 08:34:32.000000000 +0100 ++++ netpbm-10.47.05/editor/ppmshadow 2010-03-16 21:28:09.000000000 +0100 +@@ -72,9 +72,10 @@ sub makeConvolutionKernel($$) { my $tmpdir = $ENV{TMPDIR} || "/tmp"; diff --git a/netpbm-tmpfile.patch b/netpbm-tmpfile.patch index 01326ec..ed698bc 100644 --- a/netpbm-tmpfile.patch +++ b/netpbm-tmpfile.patch @@ -1,6 +1,8 @@ ---- editor/pnmindex.csh +Index: editor/pnmindex.csh +=================================================================== +--- editor/pnmindex.csh.orig +++ editor/pnmindex.csh -@@ -88,7 +88,7 @@ +@@ -85,7 +85,7 @@ if ( $#argv == 0 ) then goto usage endif @@ -9,39 +11,53 @@ rm -f $tmpfile set maxformat=PBM ---- editor/ppmquantall.csh -+++ editor/ppmquantall.csh -@@ -34,8 +34,8 @@ - set heights=( $heights `sed '1d; s/.* //; 2q' $i` ) - end - --set all=/tmp/pqa.all.$$ --rm -f $all -+set all=.pqa.all.$$ -+ - pnmcat -topbottom -jleft -white $files | ppmquant -quiet $newcolors > $all - if ( $status != 0 ) exit $status - ---- generator/ppmrainbow +Index: generator/ppmrainbow +=================================================================== +--- generator/ppmrainbow.orig +++ generator/ppmrainbow -@@ -47,7 +47,13 @@ +@@ -1,6 +1,7 @@ + #!/usr/bin/perl -wl + use strict; + use Getopt::Long; ++use File::Temp qw{tempfile tempdir}; + + my ($FALSE, $TRUE) = (0,1); + +@@ -47,31 +48,25 @@ if (!$norepeat) { push @colorlist, $ARGV[0]; } --my $tmpprefix = $tmpdir . "/$myname.$$."; -+my $mytmpdir; -+chomp($mytmpdir = `mktemp -d $tmpdir/ppmrainbow.XXXXXX`); -+if ($? >> 8) { -+ die "Can't create tmpdir"; -+} -+ -+my $tmpprefix = $mytmpdir . "/file."; - +-my $ourtmp = "$tmpdir/ppmrainbow$$"; +-mkdir($ourtmp, 0777) or +- die("Unable to create directory for temporary files '$ourtmp"); +- +- ++my $ourtmp = tempdir("ppmrainbow.XXXX", DIR => $tmpdir, CLEANUP => 1); my $widthRemaining; - my $n; -@@ -79,4 +85,5 @@ +-my $n; + my @outlist; - END { - unlink @outlist if @outlist; -+ rmdir $mytmpdir if -d $mytmpdir; +-$n = 0; + $widthRemaining = $Twid; + @outlist = (); + + while (@colorlist >= 2) { +- my $outfile = sprintf("%s/file.%03u.ppm", $ourtmp, $n); ++ (my $tmpfh, my $outfile) = tempfile("file.XXXXXXXX", DIR => "$ourtmp", SUFFIX => '.ppm'); + push(@outlist, $outfile); + + my $w = int(($widthRemaining-1)/(@colorlist-1))+1; +- my $rc = system("$verboseCommand pgmramp -lr $w $Thgt | " . +- "pgmtoppm \"$colorlist[0]-$colorlist[1]\" >$outfile"); +- if ($rc != 0) { ++ my $content = qx{$verboseCommand pgmramp -lr $w $Thgt | ++ pgmtoppm "$colorlist[0]-$colorlist[1]"}; ++ if (! "$content") { + fatal("pgmramp|pgmtoppm failed."); + } ++ print $tmpfh $content; + $widthRemaining -= $w; +- $n++; + shift @colorlist; } + diff --git a/netpbm.changes b/netpbm.changes index abf8387..d636c00 100644 --- a/netpbm.changes +++ b/netpbm.changes @@ -1,3 +1,27 @@ +------------------------------------------------------------------- +Thu Sep 6 15:16:56 UTC 2012 - pgajdos@suse.com + +- updated to 10.59.2: + * transition super-stable --> advanced branch + * builds with libpng15 + * patches summary: + -> dropped unneeded or upstreamed patches: + - fixes.patch + - libpng14.patch + - manpages.patch + - pamscale.patch + - pnmtopng-CAN-2978.patch + -> left patches + # make.patch (suse specific) + # no-build-time.patch (suse specific) + # missing-file-close.patch (should be upstreamed in newer + versions) + # tmpfile.patch (rewritten) + # security-code.patch (taken from fedora, replacement of + former security.patch) + # security-scripts.patch (taken from fedora, replacement of + former security2.patch) + ------------------------------------------------------------------- Thu Aug 30 10:04:11 UTC 2012 - cfarrell@suse.com diff --git a/netpbm.spec b/netpbm.spec index 2035fa2..f0d308e 100644 --- a/netpbm.spec +++ b/netpbm.spec @@ -17,7 +17,6 @@ Name: netpbm -# regarding to libpng: netpbm is compatible with libpng14 from version 10.48 BuildRequires: flex BuildRequires: libjasper-devel BuildRequires: libpng-devel @@ -29,41 +28,29 @@ Provides: pbmplus Obsoletes: netpbm-64bit %endif # -Version: 10.35.86 +%define libmaj 11 +%define libmin 59 +%define libver %{libmaj}.%{libmin} +Version: 10.59.2 Release: 0 Summary: A Powerful Graphics Conversion Package License: BSD-3-Clause and GPL-2.0+ and SUSE-IJG and MIT and SUSE-Public-Domain Group: Productivity/Graphics/Convertors -Source: netpbm-%{version}-nohpcdtoppm-nojbig.tar.bz2 +Source: netpbm-%{version}-nohpcdtoppm-noppmtompeg.tar.bz2 Source1: netpbm-%{version}-documentation.tar.bz2 Source2: baselibs.conf Source3: prepare-src-tarball # SUSE specific Patch0: %{name}-make.patch -# partially upstreamed in development version -Patch1: %{name}-manpages.patch -# refused by upstream -Patch2: %{name}-security.patch -# refused by upstream -Patch3: %{name}-security2.patch -# refused by upstream -Patch4: %{name}-pnmtopng-CAN-2978.patch -# don't know what it does so far -Patch5: %{name}-tmpfile.patch +# SUSE specific: no build date +Patch1: %{name}-no-build-date.patch # upstreamed in development version -Patch6: %{name}-fixes.patch -# upstreamed in development version (another way) -Patch7: %{name}-pamscale.patch -# upstreamed in development version -Patch8: %{name}-missing-file-close.patch -# no build date -Patch9: netpbm-no-build-date.patch -# new versions build against libpng14 -Patch10: %{name}-libpng14.patch -Url: http://netpbm.sourceforge.net -BuildRoot: %{_tmppath}/%{name}-%{version}-build +Patch2: %{name}-missing-file-close.patch +Patch3: %{name}-tmpfile.patch +Patch4: %{name}-security-code.patch +Patch5: %{name}-security-scripts.patch -%package -n libnetpbm10 +%package -n libnetpbm%{libmaj} Summary: Libraries for the NetPBM (NetPortableBitmap) Graphic Formats Group: System/Libraries # bug437293 @@ -82,7 +69,7 @@ Group: Development/Libraries/C and C++ Obsoletes: libnetpbm-devel-64bit %endif # -Requires: libnetpbm10 = %{version} +Requires: libnetpbm%{libmaj} = %{version} Provides: libnetpbm:/usr/include/pbm.h %description @@ -96,7 +83,7 @@ Paintjet file, QRT raytracer, AUTOCAD slide, Atari Spectrum (compressed and uncompressed), Andrew Toolkit raster object, and many more. On top of that, man pages are included for all tools. -%description -n libnetpbm10 +%description -n libnetpbm%{libmaj} These are the libs for the netpbm graphic formats. The tools can be found in the netpbm package. The sources are contained in the netpbm source package. @@ -109,36 +96,20 @@ source package. %prep %setup %setup -D -q -a 1 -rm -rf libtiff %patch0 %patch1 -%patch2 -p1 -%patch3 -p1 -%patch4 -%patch5 -%patch6 -%patch7 -%patch8 -%patch9 -%patch10 -p1 -rm -rf converter/other/jpeg2000/libjasper/include #make sure the internal libjasper is not used -mkdir -p pnmtopalm -cd pnmtopalm -cp -v ../converter/other/pnmtopalm/LICENSE . -cp -v ../converter/other/pnmtopalm/README . +%patch2 +%patch3 +%patch4 -p1 +%patch5 -p1 +mkdir pnmtopalm # for %doc pnmtopalm +cp -p converter/other/pnmtopalm/{LICENSE,README} pnmtopalm %build -# fix build with newer glibc -sed "s:getline:getline_nonlibc:" -i converter/ppm/xvminitoppm.c -# -cp Makefile.config.in Makefile.config -CFLAGS="$RPM_OPT_FLAGS" -%if %suse_version > 1030 -CFLAGS="$CFLAGS -flax-vector-conversions" -%endif -make CFLAGS="$CFLAGS" \ - JASPERLIB=-ljasper \ - JASPERHDR_DIR=/usr/include/jasper +# netpbm has _interactive_ configure perl script +cp config.mk.in config.mk # recomended by upstream, see doc/INSTALL +export CFLAGS="$RPM_OPT_FLAGS -flax-vector-conversions" +make CFLAGS="$CFLAGS" rm doc/INSTALL # # convert html to man pages @@ -150,29 +121,27 @@ for i in 1 3 5 ; do done %install -mkdir -p $RPM_BUILD_ROOT/usr/{bin,include,%_lib,share/man} +# netpbm has _interactive_ install perl script, see doc/INSTALL make pkgdir=`pwd`/package package STRIPFLAG= -cp -prd package/bin $RPM_BUILD_ROOT/usr -cp -pd package/{lib,link}/* $RPM_BUILD_ROOT/usr/%_lib -ln -sf libnetpbm.so.10.35 $RPM_BUILD_ROOT/usr/%_lib/libnetpbm.so -ln -sf libnetpbm.so $RPM_BUILD_ROOT/usr/%_lib/libpbm.so -ln -sf libnetpbm.so $RPM_BUILD_ROOT/usr/%_lib/libpgm.so -ln -sf libnetpbm.so $RPM_BUILD_ROOT/usr/%_lib/libpnm.so -ln -sf libnetpbm.so $RPM_BUILD_ROOT/usr/%_lib/libppm.so -cp -pd package/include/* $RPM_BUILD_ROOT/usr/include -cp -prd man/* $RPM_BUILD_ROOT/usr/share/man -rm $RPM_BUILD_ROOT/usr/%_lib/*.a -mkdir -p $RPM_BUILD_ROOT/usr/share/netpbm -install -m 644 converter/other/pnmtopalm/*.map $RPM_BUILD_ROOT/usr/share/netpbm -rm $RPM_BUILD_ROOT/usr/bin/doc.url -rm $RPM_BUILD_ROOT/usr/bin/g3topbm #conflict with g3utils +rm package/bin/doc.url +rm package/bin/g3topbm #conflict with g3utils +# +mkdir -p $RPM_BUILD_ROOT%{_prefix}/{bin,include,%_lib,share/man,share/%{name}} +cp -pd package/bin/* $RPM_BUILD_ROOT%{_bindir} +cp -pd package/lib/*.so* $RPM_BUILD_ROOT%{_libdir} +ln -s libnetpbm.so.%{libver} $RPM_BUILD_ROOT%{_libdir}/libnetpbm.so +ln -s libnetpbm.so $RPM_BUILD_ROOT%{_libdir}/libpbm.so +ln -s libnetpbm.so $RPM_BUILD_ROOT%{_libdir}/libpgm.so +ln -s libnetpbm.so $RPM_BUILD_ROOT%{_libdir}/libpnm.so +ln -s libnetpbm.so $RPM_BUILD_ROOT%{_libdir}/libppm.so +cp -prd package/include/netpbm $RPM_BUILD_ROOT%{_includedir} +cp -prd man/* $RPM_BUILD_ROOT%{_mandir} +install -m 644 converter/other/pnmtopalm/*.map \ + $RPM_BUILD_ROOT%{_datadir}/%{name} -%clean -rm -rf $RPM_BUILD_ROOT +%post -n libnetpbm%{libmaj} -p /sbin/ldconfig -%post -n libnetpbm10 -p /sbin/ldconfig - -%postun -n libnetpbm10 -p /sbin/ldconfig +%postun -n libnetpbm%{libmaj} -p /sbin/ldconfig %files %defattr(-,root,root) @@ -181,16 +150,16 @@ rm -rf $RPM_BUILD_ROOT %doc %{_mandir}/man1/*.gz %doc %{_mandir}/man3/*.gz %doc %{_mandir}/man5/*.gz -/usr/bin/* -/usr/share/netpbm +%{_bindir}/* +%{_datadir}/%{name} -%files -n libnetpbm10 +%files -n libnetpbm%{libmaj} %defattr(-,root,root) %{_libdir}/lib*.so.* %files -n libnetpbm-devel %defattr(-,root,root) -/usr/include/* +%{_includedir}/%{name} %{_libdir}/lib*.so %changelog diff --git a/prepare-src-tarball b/prepare-src-tarball index 470b3aa..6dcc18e 100644 --- a/prepare-src-tarball +++ b/prepare-src-tarball @@ -7,8 +7,8 @@ rm -rf REMOVE mkdir REMOVE cd REMOVE -svn checkout http://netpbm.svn.sourceforge.net/svnroot/netpbm/super_stable netpbm -VER=`echo \`cut -f2 -d= netpbm*/Makefile.version \`|sed -e "s| |.|g"` +svn checkout http://netpbm.svn.sourceforge.net/svnroot/netpbm/advanced netpbm +VER=`echo \`cut -f2 -d= netpbm*/version.mk \`|sed -e "s| |.|g"` mv netpbm* netpbm-$VER find . -name ".svn" -exec rm -rf {} \; @@ -22,15 +22,6 @@ echo install.data: >> Makefile echo clean: >> Makefile cd ../../../.. -cd netpbm*/converter/other/jbig || exit 1 -rm -rf * -echo all: >> Makefile -echo install.bin: >> Makefile -echo install.man: >> Makefile -echo install.data: >> Makefile -echo clean: >> Makefile -cd ../../../.. - cd netpbm*/converter/ppm/ppmtompeg || exit 1 rm -rf * echo all: >> Makefile @@ -40,9 +31,8 @@ echo install.data: >> Makefile echo clean: >> Makefile cd ../../../.. -tar cjf ../netpbm-$VER-nohpcdtoppm-nojbig.tar.bz2 * +tar cjf ../netpbm-$VER-nohpcdtoppm-noppmtompeg.tar.bz2 * wget -m netpbm.sourceforge.net -rm netpbm.sourceforge.net/bdffont.tgz tar cjf ../netpbm-$VER-documentation.tar.bz2 netpbm.sourceforge.net