From b15ce829e9d425c4d1673b61f6ec5bf652a5969808d2ceb359445cadb580a5ad Mon Sep 17 00:00:00 2001
From: "Dr. Werner Fink" <werner@suse.com>
Date: Wed, 6 Oct 2021 11:09:27 +0000
Subject: [PATCH] Update transfig 3.2.8b + commit 1b09a8

OBS-URL: https://build.opensuse.org/package/show/Publishing/transfig?expand=0&rev=81
---
 1b09a8.patch                 | 25 +++++++++++++
 6827c09d.patch               | 68 ------------------------------------
 fig2dev-3.2.6-fig2mpdf.patch | 44 +++++++++++------------
 fig2dev-3.2.8a.tar.xz        |  3 --
 fig2dev-3.2.8b.tar.xz        |  3 ++
 transfig.changes             | 16 +++++++++
 transfig.spec                |  4 +--
 7 files changed, 68 insertions(+), 95 deletions(-)
 create mode 100644 1b09a8.patch
 delete mode 100644 6827c09d.patch
 delete mode 100644 fig2dev-3.2.8a.tar.xz
 create mode 100644 fig2dev-3.2.8b.tar.xz

diff --git a/1b09a8.patch b/1b09a8.patch
new file mode 100644
index 0000000..4ec803d
--- /dev/null
+++ b/1b09a8.patch
@@ -0,0 +1,25 @@
+From 1b09a885a8f0309bf1170ddcf07673801c79f895 Mon Sep 17 00:00:00 2001
+From: Thomas Loimer <thomas.loimer@tuwien.ac.at>
+Date: Tue, 28 Sep 2021 21:58:41 +0200
+Subject: [PATCH] Correct a typo causing incorrect eps import, #137
+
+---
+ fig2dev/dev/readeps.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git fig2dev/dev/readeps.c fig2dev/dev/readeps.c
+index a7d6008..efeb33e 100644
+--- fig2dev/dev/readeps.c
++++ fig2dev/dev/readeps.c
+@@ -346,7 +346,7 @@ read_eps(F_pic *pic, struct xfig_stream *restrict pic_stream, int *llx,int *lly)
+ 				}
+ 				*llx = floor(rllx);
+ 				*lly = floor(rlly);
+-				pic->bit_size.x = (int)(rurx - rlly);
++				pic->bit_size.x = (int)(rurx - rllx);
+ 				pic->bit_size.y = (int)(rury - rlly);
+ 				break;
+ 			}
+-- 
+2.28.0
+
diff --git a/6827c09d.patch b/6827c09d.patch
deleted file mode 100644
index 9b31966..0000000
--- a/6827c09d.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From 6827c09d2d6491cb2ae3ac7196439ff3aa791fd9 Mon Sep 17 00:00:00 2001
-From: Thomas Loimer <thomas.loimer@tuwien.ac.at>
-Date: Sun, 25 Apr 2021 00:49:15 +0200
-Subject: [PATCH] Sanitize color definitions, ticket #116
-
----
- fig2dev/read.c | 35 +++++++++++++++++++++--------------
- 1 file changed, 21 insertions(+), 14 deletions(-)
-
-diff --git fig2dev/read.c fig2dev/read.c
-index 7e18fda..4c6bacc 100644
---- fig2dev/read.c
-+++ fig2dev/read.c
-@@ -520,30 +520,37 @@ read_colordef(char *line, int line_no)
- 
- 	if (num_usr_cols >= MAX_USR_COLS) {
- 		if (num_usr_cols == MAX_USR_COLS) {
--			put_msg("Maximum number of color definitions (%d) exceeded at line %d.",
-+			put_msg("Maximum number of color definitions (%d) "
-+					"exceeded at line %d.",
- 					MAX_USR_COLS, line_no);
- 			++num_usr_cols;
- 		}
- 		/* ignore additional colors */
- 		return;
- 	}
--	if (sscanf(line, "%*d %d #%2x%2x%2x", &c, &r, &g, &b) != 4) {
--		if (c >= NUM_STD_COLS && c < NUM_STD_COLS + MAX_USR_COLS) {
--			put_msg("Invalid color definition at line %d: %s, setting to black (#00000).",
--					line_no, line);
--			r = g = b = 0;
--		} else {
--			put_msg("User color number at line %d out of range (%d), should be between %d and %d.",
-+	if (sscanf(line, "%*d %d #%2x%2x%2x", &c, &r, &g, &b) == 4) {
-+		if (c >= NUM_STD_COLS && c < NUM_STD_COLS + MAX_USR_COLS &&
-+				r >=0 && r < 256 && g >=0 && g < 256 &&
-+				b >= 0 && b < 256 ) {
-+			user_col_indx[num_usr_cols] = c;
-+			user_colors[num_usr_cols].r = r;
-+			user_colors[num_usr_cols].g = g;
-+			user_colors[num_usr_cols].b = b;
-+			++num_usr_cols;
-+		} else if (c < NUM_STD_COLS || c >= NUM_STD_COLS+MAX_USR_COLS) {
-+			put_msg("User color number at line %d out of range (%d)"
-+					", should be between %d and %d.",
- 					line_no, c, NUM_STD_COLS,
- 					NUM_STD_COLS + MAX_USR_COLS - 1);
--			return;
-+		} else {
-+			put_msg("Invalid color definition at line %d: %s, color"
-+				       " values must be between 0 through 255.",
-+								line_no, line);
- 		}
-+	} else {
-+		put_msg("Invalid color definition at line %d: %s.",
-+							line_no, line);
- 	}
--	user_col_indx[num_usr_cols] = c;
--	user_colors[num_usr_cols].r = r;
--	user_colors[num_usr_cols].g = g;
--	user_colors[num_usr_cols].b = b;
--	++num_usr_cols;
- }
- 
- static void
--- 
-2.26.2
-
diff --git a/fig2dev-3.2.6-fig2mpdf.patch b/fig2dev-3.2.6-fig2mpdf.patch
index a302a68..2dfea27 100644
--- a/fig2dev-3.2.6-fig2mpdf.patch
+++ b/fig2dev-3.2.6-fig2mpdf.patch
@@ -380,26 +380,26 @@ diff --git a/fig2dev/drivers.h b/fig2dev/drivers.h
  extern struct driver dev_pstricks;
  extern struct driver dev_textyl;
  extern struct driver dev_tk;
-@@ -81,6 +83,7 @@ struct {
- 	{"pdf",		&dev_pdf},
- 	{"pdftex",	&dev_pdftex},
- 	{"pdftex_t",	&dev_pdftex_t},
-+	{"pdftex_p",	&dev_pdftex_p},
- 	{"pic",		&dev_pic},
- 	{"pict2e",	&dev_pict2e},
- 	{"pictex",	&dev_pictex},
-@@ -89,6 +92,7 @@ struct {
- 	{"ps",		&dev_ps},
- 	{"pstex",	&dev_pstex},
- 	{"pstex_t",	&dev_pstex_t},
-+	{"pstex_p",	&dev_pstex_p},
- 	{"pstricks",	&dev_pstricks},
- 	{"ptk",		&dev_ptk},
- 	{"shape",	&dev_shape},
+@@ -84,6 +86,7 @@ struct {
+ 	{"pdf",		NULL,	&dev_pdf},
+ 	{"pdftex",	NULL,	&dev_pdftex},
+ 	{"pdftex_t",	NULL,	&dev_pdftex_t},
++	{"pdftex_p",	NULL,	&dev_pdftex_p},
+ 	{"pic",		NULL,	&dev_pic},
+ 	{"pict2e",	NULL,	&dev_pict2e},
+ 	{"pictex",	NULL,	&dev_pictex},
+@@ -92,6 +95,7 @@ struct {
+ 	{"ps",		NULL,	&dev_ps},
+ 	{"pstex",	NULL,	&dev_pstex},
+ 	{"pstex_t",	NULL,	&dev_pstex_t},
++	{"pstex_p",	NULL,	&dev_pstex_p},
+ 	{"pstricks",	NULL,	&dev_pstricks},
+ 	{"ptk",		NULL,	&dev_ptk},
+ 	{"shape",	NULL,	&dev_shape},
 diff --git a/fig2dev/fig2dev.c b/fig2dev/fig2dev.c
 --- a/fig2dev/fig2dev.c
 +++ b/fig2dev/fig2dev.c
-@@ -826,6 +826,23 @@ help_msg(void)
+@@ -844,6 +844,23 @@ help_msg(void)
  			);
  		}
  
@@ -423,7 +423,7 @@ diff --git a/fig2dev/fig2dev.c b/fig2dev/fig2dev.c
  		if (dev == NULL || !strcmp(lang, "shape")) {
  			puts(
  "SHAPE (ShapePar driver) Options:\n"
-@@ -973,6 +990,12 @@ static int compound_dump(F_compound *com
+@@ -991,6 +1008,12 @@ static int compound_dump(F_compound *com
  static int
  rec_comp(struct obj_rec *r1, struct obj_rec *r2)
  {
@@ -1337,7 +1337,7 @@ diff --git a/fig2mpdf/fig2mpdf b/fig2mpdf/fig2mpdf
 diff --git a/man/fig2dev.1.in b/man/fig2dev.1.in
 --- a/man/fig2dev.1.in
 +++ b/man/fig2dev.1.in
-@@ -64,8 +64,8 @@ Set the output graphics language.
+@@ -75,8 +75,8 @@ Set the output graphics language.
  Valid languages are
  \fBbox, cgm, dxf, epic, eepic, eepicemu, emf, eps, gbx (Gerber beta
  driver), gif, ibmgl, jpeg, latex, map (HTML image map), mf (MetaFont),
@@ -1348,7 +1348,7 @@ diff --git a/man/fig2dev.1.in b/man/fig2dev.1.in
  shape (LaTeX shaped paragraphs), sld (AutoCad slide format), svg,
  textyl, tiff, tikz, tk (tcl/tk), tpic, xbm and xpm\fR.
  
-@@ -1165,6 +1165,61 @@ text flagged as "TeX Text".
+@@ -1178,6 +1178,61 @@ text flagged as "TeX Text".
  The pstex and pdftex drivers accept the same options that the EPS driver
  accepts.
  
@@ -1410,7 +1410,7 @@ diff --git a/man/fig2dev.1.in b/man/fig2dev.1.in
  .TP
  .B \-n name
  Set the Title part of the PostScript output to
-@@ -1588,6 +1643,12 @@ The string \fIfont\fR can be one of
+@@ -1601,6 +1656,12 @@ The string \fIfont\fR can be one of
  
  
  .SH BUGS and RESTRICTIONS
@@ -1423,7 +1423,7 @@ diff --git a/man/fig2dev.1.in b/man/fig2dev.1.in
  Please send bug reports, fixes, new features etc. to:
  .br
  \&@PACKAGE_BUGREPORT@
-@@ -1677,3 +1738,7 @@ Michael Schrick (m_schrick@hotmail.com)
+@@ -1690,3 +1751,7 @@ Michael Schrick (m_schrick@hotmail.com)
  The GBX (Gerber) driver was written by
  .br
  Edward Grace (ej.grace@imperial.ac.uk).
diff --git a/fig2dev-3.2.8a.tar.xz b/fig2dev-3.2.8a.tar.xz
deleted file mode 100644
index 2f785cf..0000000
--- a/fig2dev-3.2.8a.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:6336ac492d0f71dfb7a1dd8f4d78eae17aa57a34f743d4e5ba9814991c2da7ae
-size 520000
diff --git a/fig2dev-3.2.8b.tar.xz b/fig2dev-3.2.8b.tar.xz
new file mode 100644
index 0000000..dccc241
--- /dev/null
+++ b/fig2dev-3.2.8b.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:418a164aa9fad72d25bb4fec8d7b452fe3a2f12f990cf22e05c0eb16cecb68cb
+size 522756
diff --git a/transfig.changes b/transfig.changes
index 81d40c7..4eddf06 100644
--- a/transfig.changes
+++ b/transfig.changes
@@ -1,3 +1,19 @@
+-------------------------------------------------------------------
+Wed Oct  6 10:45:30 UTC 2021 - Dr. Werner Fink <werner@suse.de>
+
+- Update to fig2dev version 3.2.8 Patchlevel 8b (Aug 2021)
+  o Detect the output language from the output file name.
+  o On the command line, a minus (-) as input or output file name refers
+    to standard input or standard output.
+  o Correct buffer overflows and segfaults, mainly due to maliciously
+    crafted input files, tickets #113-117, #122, #123, #125-#135.
+  o With -Lepic -P, generate a complete tex file.
+  o Correctly produce a gif if a transparent color is given, ticket #121.
+  o Return with error if no space is left on the device. Ticket #101.
+- Remove patch 6827c09d.patch now upstream
+- Add patch 1b09a8.patch from upstream (for ticket #137)
+- Port patch fig2dev-3.2.6-fig2mpdf.patch back
+
 -------------------------------------------------------------------
 Mon Aug 16 07:40:07 UTC 2021 - Dr. Werner Fink <werner@suse.de>
 
diff --git a/transfig.spec b/transfig.spec
index addb84a..26069bf 100644
--- a/transfig.spec
+++ b/transfig.spec
@@ -57,7 +57,7 @@ Requires:       netpbm
 %if 0%{?suse_version} > 1315
 Requires:       texlive-epstopdf
 %endif
-Version:        3.2.8a
+Version:        3.2.8b
 Release:        0
 Summary:        Graphic Converter
 #Source:        http://sourceforge.net/projects/mcj/files/fig2dev-%{version}.tar.xz/download#/fig2dev-%{version}.tar.xz
@@ -65,7 +65,7 @@ License:        MIT
 Group:          Productivity/Graphics/Convertors
 Source:         fig2dev-%{version}.tar.xz
 Patch0:         transfig-3.2.8.dif
-Patch1:         6827c09d.patch
+Patch1:         1b09a8.patch
 Patch4:         transfig-fix-afl.patch
 Patch43:        fig2dev-3.2.6-fig2mpdf.patch
 Patch44:        fig2dev-3.2.6-fig2mpdf-doc.patch