diff options
author | Marius Bakke <mbakke@fastmail.com> | 2018-12-09 00:56:58 +0100 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2018-12-12 20:49:12 +0100 |
commit | d1ee69a9e8b33cdf6463fbece0421bb1e937b4ca (patch) | |
tree | 7fb0a5ce6596a5a37b284b395f0b90198f9f15df | |
parent | ef2a540ac4233f77bf9127395187c0b6e3199810 (diff) | |
download | patches-d1ee69a9e8b33cdf6463fbece0421bb1e937b4ca.tar patches-d1ee69a9e8b33cdf6463fbece0421bb1e937b4ca.tar.gz |
gnu: cairo: Update to 1.16.0.
* gnu/packages/patches/cairo-CVE-2016-9082.patch,
gnu/packages/patches/cairo-setjmp-wrapper.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them/
* gnu/packages/gtk.scm (cairo): Update to 1.16.0.
[source](patches): Remove.
-rw-r--r-- | gnu/local.mk | 2 | ||||
-rw-r--r-- | gnu/packages/gtk.scm | 6 | ||||
-rw-r--r-- | gnu/packages/patches/cairo-CVE-2016-9082.patch | 122 | ||||
-rw-r--r-- | gnu/packages/patches/cairo-setjmp-wrapper.patch | 78 |
4 files changed, 2 insertions, 206 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index 6541bcc8be..aaab4c72ec 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -608,8 +608,6 @@ dist_patch_DATA = \ %D%/packages/patches/boost-fix-icu-build.patch \ %D%/packages/patches/borg-respect-storage-quota.patch \ %D%/packages/patches/byobu-writable-status.patch \ - %D%/packages/patches/cairo-CVE-2016-9082.patch \ - %D%/packages/patches/cairo-setjmp-wrapper.patch \ %D%/packages/patches/calibre-no-updates-dialog.patch \ %D%/packages/patches/calibre-use-packaged-feedparser.patch \ %D%/packages/patches/casync-renameat2-declaration.patch \ diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm index a047988845..7992a978c8 100644 --- a/gnu/packages/gtk.scm +++ b/gnu/packages/gtk.scm @@ -115,16 +115,14 @@ tools have full access to view and control running applications.") (define-public cairo (package (name "cairo") - (version "1.14.12") + (version "1.16.0") (source (origin (method url-fetch) (uri (string-append "https://cairographics.org/releases/cairo-" version ".tar.xz")) (sha256 (base32 - "05mzyxkvsfc1annjw2dja8vka01ampp9pp93lg09j8hba06g144c")) - (patches (search-patches "cairo-CVE-2016-9082.patch" - "cairo-setjmp-wrapper.patch")))) + "0c930mk5xr2bshbdljv005j3j8zr47gqmkry3q6qgvqky6rjjysy")))) (build-system gnu-build-system) (propagated-inputs `(("fontconfig" ,fontconfig) diff --git a/gnu/packages/patches/cairo-CVE-2016-9082.patch b/gnu/packages/patches/cairo-CVE-2016-9082.patch deleted file mode 100644 index ad83404194..0000000000 --- a/gnu/packages/patches/cairo-CVE-2016-9082.patch +++ /dev/null @@ -1,122 +0,0 @@ -From: Adrian Johnson <ajohnson@redneon.com> -Date: Thu, 20 Oct 2016 21:12:30 +1030 -Subject: [PATCH] image: prevent invalid ptr access for > 4GB images - -Image data is often accessed using: - - image->data + y * image->stride - -On 64-bit achitectures if the image data is > 4GB, this computation -will overflow since both y and stride are 32-bit types. - -bug report: https://bugs.freedesktop.org/show_bug.cgi?id=98165 -patch: https://bugs.freedesktop.org/attachment.cgi?id=127421 ---- - boilerplate/cairo-boilerplate.c | 4 +++- - src/cairo-image-compositor.c | 4 ++-- - src/cairo-image-surface-private.h | 2 +- - src/cairo-mesh-pattern-rasterizer.c | 2 +- - src/cairo-png.c | 2 +- - src/cairo-script-surface.c | 3 ++- - 6 files changed, 10 insertions(+), 7 deletions(-) - -diff --git a/boilerplate/cairo-boilerplate.c b/boilerplate/cairo-boilerplate.c -index 7fdbf79..4804dea 100644 ---- a/boilerplate/cairo-boilerplate.c -+++ b/boilerplate/cairo-boilerplate.c -@@ -42,6 +42,7 @@ - #undef CAIRO_VERSION_H - #include "../cairo-version.h" - -+#include <stddef.h> - #include <stdlib.h> - #include <ctype.h> - #include <assert.h> -@@ -976,7 +977,8 @@ cairo_surface_t * - cairo_boilerplate_image_surface_create_from_ppm_stream (FILE *file) - { - char format; -- int width, height, stride; -+ int width, height; -+ ptrdiff_t stride; - int x, y; - unsigned char *data; - cairo_surface_t *image = NULL; -diff --git a/src/cairo-image-compositor.c b/src/cairo-image-compositor.c -index 48072f8..3ca0006 100644 ---- a/src/cairo-image-compositor.c -+++ b/src/cairo-image-compositor.c -@@ -1575,7 +1575,7 @@ typedef struct _cairo_image_span_renderer { - pixman_image_t *src, *mask; - union { - struct fill { -- int stride; -+ ptrdiff_t stride; - uint8_t *data; - uint32_t pixel; - } fill; -@@ -1594,7 +1594,7 @@ typedef struct _cairo_image_span_renderer { - struct finish { - cairo_rectangle_int_t extents; - int src_x, src_y; -- int stride; -+ ptrdiff_t stride; - uint8_t *data; - } mask; - } u; -diff --git a/src/cairo-image-surface-private.h b/src/cairo-image-surface-private.h -index 8ca694c..7e78d61 100644 ---- a/src/cairo-image-surface-private.h -+++ b/src/cairo-image-surface-private.h -@@ -71,7 +71,7 @@ struct _cairo_image_surface { - - int width; - int height; -- int stride; -+ ptrdiff_t stride; - int depth; - - unsigned owns_data : 1; -diff --git a/src/cairo-mesh-pattern-rasterizer.c b/src/cairo-mesh-pattern-rasterizer.c -index 1b63ca8..e7f0db6 100644 ---- a/src/cairo-mesh-pattern-rasterizer.c -+++ b/src/cairo-mesh-pattern-rasterizer.c -@@ -470,7 +470,7 @@ draw_pixel (unsigned char *data, int width, int height, int stride, - tg += tg >> 16; - tb += tb >> 16; - -- *((uint32_t*) (data + y*stride + 4*x)) = ((ta << 16) & 0xff000000) | -+ *((uint32_t*) (data + y*(ptrdiff_t)stride + 4*x)) = ((ta << 16) & 0xff000000) | - ((tr >> 8) & 0xff0000) | ((tg >> 16) & 0xff00) | (tb >> 24); - } - } -diff --git a/src/cairo-png.c b/src/cairo-png.c -index 562b743..aa8c227 100644 ---- a/src/cairo-png.c -+++ b/src/cairo-png.c -@@ -673,7 +673,7 @@ read_png (struct png_read_closure_t *png_closure) - } - - for (i = 0; i < png_height; i++) -- row_pointers[i] = &data[i * stride]; -+ row_pointers[i] = &data[i * (ptrdiff_t)stride]; - - png_read_image (png, row_pointers); - png_read_end (png, info); -diff --git a/src/cairo-script-surface.c b/src/cairo-script-surface.c -index ea0117d..91e4baa 100644 ---- a/src/cairo-script-surface.c -+++ b/src/cairo-script-surface.c -@@ -1202,7 +1202,8 @@ static cairo_status_t - _write_image_surface (cairo_output_stream_t *output, - const cairo_image_surface_t *image) - { -- int stride, row, width; -+ int row, width; -+ ptrdiff_t stride; - uint8_t row_stack[CAIRO_STACK_BUFFER_SIZE]; - uint8_t *rowdata; - uint8_t *data; --- -2.1.4 - diff --git a/gnu/packages/patches/cairo-setjmp-wrapper.patch b/gnu/packages/patches/cairo-setjmp-wrapper.patch deleted file mode 100644 index bffac6e041..0000000000 --- a/gnu/packages/patches/cairo-setjmp-wrapper.patch +++ /dev/null @@ -1,78 +0,0 @@ -Revert faulty commit to avoid undefined behaviour: -https://bugs.freedesktop.org/show_bug.cgi?id=104325 - -Taken from this upstream commit: -https://cgit.freedesktop.org/cairo/commit/?h=1.14&id=2acc4382c54bd8239361ceed14423412a343d311 - -diff --git a/src/cairo-bentley-ottmann-rectangular.c b/src/cairo-bentley-ottmann-rectangular.c -index cb2e30c..5541bdc 100644 ---- a/src/cairo-bentley-ottmann-rectangular.c -+++ b/src/cairo-bentley-ottmann-rectangular.c -@@ -593,12 +593,6 @@ sweep_line_insert (sweep_line_t *sweep, rectangle_t *rectangle) - pqueue_push (sweep, rectangle); - } - --static int --sweep_line_setjmp (sweep_line_t *sweep_line) --{ -- return setjmp (sweep_line->unwind); --} -- - static cairo_status_t - _cairo_bentley_ottmann_tessellate_rectangular (rectangle_t **rectangles, - int num_rectangles, -@@ -615,7 +609,7 @@ _cairo_bentley_ottmann_tessellate_rectangular (rectangle_t **rectangles, - rectangles, num_rectangles, - fill_rule, - do_traps, container); -- if ((status = sweep_line_setjmp (&sweep_line))) -+ if ((status = setjmp (sweep_line.unwind))) - return status; - - rectangle = rectangle_pop_start (&sweep_line); -diff --git a/src/cairo-png.c b/src/cairo-png.c -index e64b14a..068617d 100644 ---- a/src/cairo-png.c -+++ b/src/cairo-png.c -@@ -158,14 +158,6 @@ png_simple_warning_callback (png_structp png, - */ - } - --static int --png_setjmp (png_struct *png) --{ --#ifdef PNG_SETJMP_SUPPORTED -- return setjmp (png_jmpbuf (png)); --#endif -- return 0; --} - - /* Starting with libpng-1.2.30, we must explicitly specify an output_flush_fn. - * Otherwise, we will segfault if we are writing to a stream. */ -@@ -237,8 +229,10 @@ write_png (cairo_surface_t *surface, - goto BAIL4; - } - -- if (png_setjmp (png)) -+#ifdef PNG_SETJMP_SUPPORTED -+ if (setjmp (png_jmpbuf (png))) - goto BAIL4; -+#endif - - png_set_write_fn (png, closure, write_func, png_simple_output_flush_fn); - -@@ -577,11 +571,12 @@ read_png (struct png_read_closure_t *png_closure) - png_set_read_fn (png, png_closure, stream_read_func); - - status = CAIRO_STATUS_SUCCESS; -- -- if (png_setjmp (png)) { -+#ifdef PNG_SETJMP_SUPPORTED -+ if (setjmp (png_jmpbuf (png))) { - surface = _cairo_surface_create_in_error (status); - goto BAIL; - } -+#endif - - png_read_info (png, info); - |