summaryrefslogtreecommitdiff
path: root/extra/netpbm
diff options
context:
space:
mode:
authorroot <root@rshg054.dnsready.net>2013-02-25 00:05:01 -0800
committerroot <root@rshg054.dnsready.net>2013-02-25 00:05:01 -0800
commit7fdd408bcb7558171b6a91530226a8b910ec906a (patch)
tree87f874d69f830d717250b1dea9f376f3a705a51e /extra/netpbm
parent90f97c6f30af5c30599fab0b6d6c1f474ad15fe0 (diff)
Mon Feb 25 00:04:58 PST 2013
Diffstat (limited to 'extra/netpbm')
-rw-r--r--extra/netpbm/PKGBUILD31
-rw-r--r--extra/netpbm/netpbm-security-code.patch850
-rw-r--r--extra/netpbm/netpbm-security-scripts.patch18
3 files changed, 452 insertions, 447 deletions
diff --git a/extra/netpbm/PKGBUILD b/extra/netpbm/PKGBUILD
index b447bee50..f9e1cfb20 100644
--- a/extra/netpbm/PKGBUILD
+++ b/extra/netpbm/PKGBUILD
@@ -1,8 +1,8 @@
-# $Id: PKGBUILD 148858 2012-02-05 11:53:06Z ibiru $
+# $Id: PKGBUILD 178515 2013-02-24 21:47:43Z eric $
# Maintainer: Kevin Piche <kevin@archlinux.org>
pkgname=netpbm
-pkgver=10.57.1
+pkgver=10.61.02
pkgrel=1
pkgdesc="A toolkit for manipulation of graphic images"
arch=('i686' 'x86_64')
@@ -11,18 +11,27 @@ url="http://netpbm.sourceforge.net/"
depends=('perl' 'libpng' 'libtiff' 'libxml2')
makedepends=('python2')
options=('!makeflags')
-# Releases after 10.34 are available via SVN only.
-# Get Advanced tarball here: http://netpbm.sourceforge.net/release.html#tarball
-# Get version number from version.mk
-# Get docs with: wget --recursive --relative -nH http://netpbm.sourceforge.net/doc/
-source=(ftp://ftp.archlinux.org/other/netpbm/${pkgname}-${pkgver}.tar.gz \
- ftp://ftp.archlinux.org/other/netpbm/netpbm-doc-22Feb2009.tar.xz \
+source=(ftp://ftp.archlinux.org/other/packages/netpbm/${pkgname}-${pkgver}.tar.gz{,.sig} \
+ ftp://ftp.archlinux.org/other/packages/netpbm/netpbm-doc-22Feb2009.tar.xz{,.sig} \
netpbm-CAN-2005-2471.patch netpbm-security-code.patch netpbm-security-scripts.patch)
-sha1sums=('cd0b99333faf994a680d77c5d217034df35ebd4e'
+sha1sums=('dc2354716996c8fe4c4836386e6c403ec2f15589'
+ '253df0e79f9344e68ee907a43347d630ff6b1b95'
'dfeba9f9a5fe987d64db0aadb5ca8c1b20fcead2'
+ 'e9513608a661beb05a63270931f6191029e935f8'
'b79cf9d42488fea065ba16262ed97694c47af08d'
- '4cd5b94a24886ecae3973c5ae104d8298fe5a1f5'
- '2ac31f714121e08e47af9337c6bbaab3cbfc5c75')
+ 'cde27f75fa5ca8010a3b1f08d8e247d42243d0f5'
+ '300a2386d3207005f4cb4120bbb2f3788a9b7716')
+
+# source PKGBUILD && mksource
+mksource() {
+# Get docs with: wget --recursive --relative -nH http://netpbm.sourceforge.net/doc/
+ curl -o advanced.tar.gz 'http://netpbm.svn.sourceforge.net/viewvc/netpbm/advanced.tar.gz?view=tar'
+ tar -xf advanced.tar.gz advanced/version.mk
+ _pkgver=$(grep MAJOR advanced/version.mk |cut -d ' ' -f 3).$(grep MINOR advanced/version.mk |cut -d ' ' -f 3).0$(grep POINT advanced/version.mk |cut -d ' ' -f 3)
+ mv advanced.tar.gz ${pkgname}-${_pkgver}.tar.gz
+ gpg --detach-sign --use-agent -u ${GPGKEY} ${pkgname}-${_pkgver}.tar.gz
+ rm -r advanced
+}
build() {
cd "${srcdir}/advanced"
diff --git a/extra/netpbm/netpbm-security-code.patch b/extra/netpbm/netpbm-security-code.patch
index da67a8f92..27b49fbae 100644
--- a/extra/netpbm/netpbm-security-code.patch
+++ b/extra/netpbm/netpbm-security-code.patch
@@ -1,39 +1,35 @@
-diff -up netpbm-10.47.04/analyzer/pgmtexture.c.security netpbm-10.47.04/analyzer/pgmtexture.c
---- netpbm-10.47.04/analyzer/pgmtexture.c.security 2009-10-21 13:38:55.000000000 +0200
-+++ netpbm-10.47.04/analyzer/pgmtexture.c 2009-10-21 15:09:33.000000000 +0200
-@@ -79,6 +79,9 @@ vector (int nl, int nh)
- {
- float *v;
-
-+ if(nh < nl)
-+ pm_error("assert: h < l");
+diff -up netpbm-10.58.01/analyzer/pgmtexture.c.security-code netpbm-10.58.01/analyzer/pgmtexture.c
+--- netpbm-10.58.01/analyzer/pgmtexture.c.security-code 2012-04-09 15:31:32.000000000 +0200
++++ netpbm-10.58.01/analyzer/pgmtexture.c 2012-04-09 15:40:03.183620040 +0200
+@@ -97,7 +97,7 @@ vector(unsigned int const nl,
+ float * v;
+
+ assert(nh >= nl);
+-
+ overflow_add(nh - nl, 1);
MALLOCARRAY(v, (unsigned) (nh - nl + 1));
+
if (v == NULL)
- pm_error("Unable to allocate memory for a vector.");
-@@ -95,6 +98,9 @@ matrix (int nrl, int nrh, int ncl, int n
- float **m;
+@@ -129,6 +129,7 @@ matrix (unsigned int const nrl,
+ assert(nrh >= nrl);
/* allocate pointers to rows */
-+ if(nrh < nrl)
-+ pm_error("assert: h < l");
+ overflow_add(nrh - nrl, 1);
MALLOCARRAY(m, (unsigned) (nrh - nrl + 1));
if (m == NULL)
pm_error("Unable to allocate memory for a matrix.");
-@@ -102,6 +108,9 @@ matrix (int nrl, int nrh, int ncl, int n
- assert (nch >= ncl);
+@@ -136,7 +137,7 @@ matrix (unsigned int const nrl,
+ m -= ncl;
- /* allocate rows and set pointers to them */
-+ if(nch < ncl)
-+ pm_error("assert: h < l");
+ assert (nch >= ncl);
+-
+ overflow_add(nch - ncl, 1);
+ /* allocate rows and set pointers to them */
for (i = nrl; i <= nrh; ++i) {
MALLOCARRAY(m[i], (unsigned) (nch - ncl + 1));
- if (m[i] == NULL)
-diff -up netpbm-10.47.04/converter/other/gemtopnm.c.security netpbm-10.47.04/converter/other/gemtopnm.c
---- netpbm-10.47.04/converter/other/gemtopnm.c.security 2009-10-21 13:39:06.000000000 +0200
-+++ netpbm-10.47.04/converter/other/gemtopnm.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/other/gemtopnm.c.security-code netpbm-10.58.01/converter/other/gemtopnm.c
+--- netpbm-10.58.01/converter/other/gemtopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/other/gemtopnm.c 2012-04-09 15:40:03.183620040 +0200
@@ -106,6 +106,7 @@ main(argc, argv)
pnm_writepnminit( stdout, cols, rows, MAXVAL, type, 0 );
@@ -42,10 +38,10 @@ diff -up netpbm-10.47.04/converter/other/gemtopnm.c.security netpbm-10.47.04/con
{
/* allocate input row data structure */
int plane;
-diff -up netpbm-10.47.04/converter/other/jpegtopnm.c.security netpbm-10.47.04/converter/other/jpegtopnm.c
---- netpbm-10.47.04/converter/other/jpegtopnm.c.security 2009-10-21 13:39:06.000000000 +0200
-+++ netpbm-10.47.04/converter/other/jpegtopnm.c 2009-10-21 15:54:30.000000000 +0200
-@@ -861,6 +861,8 @@ convertImage(FILE *
+diff -up netpbm-10.58.01/converter/other/jpegtopnm.c.security-code netpbm-10.58.01/converter/other/jpegtopnm.c
+--- netpbm-10.58.01/converter/other/jpegtopnm.c.security-code 2012-04-09 15:31:40.000000000 +0200
++++ netpbm-10.58.01/converter/other/jpegtopnm.c 2012-04-09 15:40:03.184620028 +0200
+@@ -861,6 +861,8 @@ convertImage(FILE *
/* Calculate output image dimensions so we can allocate space */
jpeg_calc_output_dimensions(cinfoP);
@@ -54,9 +50,9 @@ diff -up netpbm-10.47.04/converter/other/jpegtopnm.c.security netpbm-10.47.04/co
/* Start decompressor */
jpeg_start_decompress(cinfoP);
-diff -up netpbm-10.47.04/converter/other/pbmtopgm.c.security netpbm-10.47.04/converter/other/pbmtopgm.c
---- netpbm-10.47.04/converter/other/pbmtopgm.c.security 2009-10-21 13:39:06.000000000 +0200
-+++ netpbm-10.47.04/converter/other/pbmtopgm.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/other/pbmtopgm.c.security-code netpbm-10.58.01/converter/other/pbmtopgm.c
+--- netpbm-10.58.01/converter/other/pbmtopgm.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/other/pbmtopgm.c 2012-04-09 15:40:03.184620028 +0200
@@ -47,6 +47,7 @@ main(int argc, char *argv[]) {
"than the image height (%u rows)", height, rows);
@@ -65,10 +61,9 @@ diff -up netpbm-10.47.04/converter/other/pbmtopgm.c.security netpbm-10.47.04/con
maxval = MIN(PGM_OVERALLMAXVAL, width*height);
pgm_writepgminit(stdout, cols, rows, maxval, 0) ;
-diff -up netpbm-10.47.04/converter/other/pngtopnm.c.security netpbm-10.47.04/converter/other/pngtopnm.c
-diff -up netpbm-10.47.04/converter/other/pnmtoddif.c.security netpbm-10.47.04/converter/other/pnmtoddif.c
---- netpbm-10.47.04/converter/other/pnmtoddif.c.security 2009-10-21 13:39:06.000000000 +0200
-+++ netpbm-10.47.04/converter/other/pnmtoddif.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/other/pnmtoddif.c.security-code netpbm-10.58.01/converter/other/pnmtoddif.c
+--- netpbm-10.58.01/converter/other/pnmtoddif.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/other/pnmtoddif.c 2012-04-09 15:40:03.185620015 +0200
@@ -632,6 +632,7 @@ main(int argc, char *argv[]) {
switch (PNM_FORMAT_TYPE(format)) {
case PBM_TYPE:
@@ -85,9 +80,9 @@ diff -up netpbm-10.47.04/converter/other/pnmtoddif.c.security netpbm-10.47.04/co
ip.bytes_per_line = 3 * cols;
ip.bits_per_pixel = 24;
ip.spectral = 5;
-diff -up netpbm-10.47.04/converter/other/pnmtojpeg.c.security netpbm-10.47.04/converter/other/pnmtojpeg.c
---- netpbm-10.47.04/converter/other/pnmtojpeg.c.security 2009-10-21 13:39:06.000000000 +0200
-+++ netpbm-10.47.04/converter/other/pnmtojpeg.c 2009-10-21 15:56:32.000000000 +0200
+diff -up netpbm-10.58.01/converter/other/pnmtojpeg.c.security-code netpbm-10.58.01/converter/other/pnmtojpeg.c
+--- netpbm-10.58.01/converter/other/pnmtojpeg.c.security-code 2012-04-09 15:31:39.000000000 +0200
++++ netpbm-10.58.01/converter/other/pnmtojpeg.c 2012-04-09 15:40:03.186620002 +0200
@@ -605,7 +605,11 @@ read_scan_script(j_compress_ptr const ci
want JPOOL_PERMANENT.
*/
@@ -101,7 +96,7 @@ diff -up netpbm-10.47.04/converter/other/pnmtojpeg.c.security netpbm-10.47.04/co
(jpeg_scan_info *)
(*cinfo->mem->alloc_small) ((j_common_ptr) cinfo, JPOOL_IMAGE,
scan_info_size);
-@@ -936,6 +940,8 @@ compute_rescaling_array(JSAMPLE ** const
+@@ -937,6 +941,8 @@ compute_rescaling_array(JSAMPLE ** const
const long half_maxval = maxval / 2;
long val;
@@ -110,7 +105,7 @@ diff -up netpbm-10.47.04/converter/other/pnmtojpeg.c.security netpbm-10.47.04/co
*rescale_p = (JSAMPLE *)
(cinfo.mem->alloc_small) ((j_common_ptr) &cinfo, JPOOL_IMAGE,
(size_t) (((long) maxval + 1L) *
-@@ -1014,6 +1020,7 @@ convert_scanlines(struct jpeg_compress_s
+@@ -1015,6 +1021,7 @@ convert_scanlines(struct jpeg_compress_s
*/
/* Allocate the libpnm output and compressor input buffers */
@@ -118,33 +113,48 @@ diff -up netpbm-10.47.04/converter/other/pnmtojpeg.c.security netpbm-10.47.04/co
buffer = (*cinfo_p->mem->alloc_sarray)
((j_common_ptr) cinfo_p, JPOOL_IMAGE,
(unsigned int) cinfo_p->image_width * cinfo_p->input_components,
-diff -up netpbm-10.47.04/converter/other/pnmtosgi.c.security netpbm-10.47.04/converter/other/pnmtosgi.c
---- netpbm-10.47.04/converter/other/pnmtosgi.c.security 2009-10-21 13:39:06.000000000 +0200
-+++ netpbm-10.47.04/converter/other/pnmtosgi.c 2009-10-21 15:09:33.000000000 +0200
-@@ -213,6 +213,22 @@ write_channels(cols, rows, channels, put
+diff -up netpbm-10.58.01/converter/other/pnmtops.c.security-code netpbm-10.58.01/converter/other/pnmtops.c
+--- netpbm-10.58.01/converter/other/pnmtops.c.security-code 2012-04-09 15:31:40.000000000 +0200
++++ netpbm-10.58.01/converter/other/pnmtops.c 2012-04-09 15:40:03.187619989 +0200
+@@ -256,17 +256,21 @@ parseCommandLine(int argc, const char **
+ validateCompDimension(width, 72, "-width value");
+ validateCompDimension(height, 72, "-height value");
+
++ overflow2(width, 72);
+ cmdlineP->width = width * 72;
++ overflow2(height, 72);
+ cmdlineP->height = height * 72;
+
+ if (imagewidthSpec) {
+ validateCompDimension(imagewidth, 72, "-imagewidth value");
++ overflow2(imagewidth, 72);
+ cmdlineP->imagewidth = imagewidth * 72;
}
- }
-
-+static void *
-+xmalloc2(int x, int y)
-+{
-+ void *mem;
-+
-+ overflow2(x,y);
-+ if( x * y == 0 )
-+ return NULL;
-+
-+ mem = malloc2(x, y);
-+ if( mem == NULL )
-+ pm_error("out of memory allocating %d bytes", x * y);
-+ return mem;
-+}
-+
-+
- static void
- put_big_short(short s)
- {
-@@ -250,6 +266,7 @@ build_channels(FILE *ifp, int cols, int
+ else
+ cmdlineP->imagewidth = 0;
+ if (imageheightSpec) {
+- validateCompDimension(imagewidth, 72, "-imageheight value");
++ validateCompDimension(imageheight, 72, "-imageheight value");
++ overflow2(imageheight, 72);
+ cmdlineP->imageheight = imageheight * 72;
+ }
+ else
+diff -up netpbm-10.58.01/converter/other/pnmtorle.c.security-code netpbm-10.58.01/converter/other/pnmtorle.c
+--- netpbm-10.58.01/converter/other/pnmtorle.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/other/pnmtorle.c 2012-04-09 15:40:03.188619976 +0200
+@@ -19,6 +19,8 @@
+ * If you modify this software, you should include a notice giving the
+ * name of the person performing the modification, the date of modification,
+ * and the reason for such modification.
++ *
++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox <alan@redhat.com>
+ */
+ /*
+ * pnmtorle - A program which will convert pbmplus (ppm or pgm) images
+diff -up netpbm-10.58.01/converter/other/pnmtosgi.c.security-code netpbm-10.58.01/converter/other/pnmtosgi.c
+--- netpbm-10.58.01/converter/other/pnmtosgi.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/other/pnmtosgi.c 2012-04-09 15:40:03.188619976 +0200
+@@ -254,6 +254,7 @@ build_channels(FILE * const ifp, int con
#endif
if( storage != STORAGE_VERBATIM ) {
@@ -152,7 +162,7 @@ diff -up netpbm-10.47.04/converter/other/pnmtosgi.c.security netpbm-10.47.04/con
MALLOCARRAY_NOFAIL(table, channels * rows);
MALLOCARRAY_NOFAIL(rletemp, WORSTCOMPR(cols));
}
-@@ -303,6 +320,8 @@ compress(temp, row, rows, cols, chan_no,
+@@ -306,6 +307,8 @@ compress(ScanElem * temp,
break;
case STORAGE_RLE:
tabrow = chan_no * rows + row;
@@ -161,9 +171,9 @@ diff -up netpbm-10.47.04/converter/other/pnmtosgi.c.security netpbm-10.47.04/con
len = rle_compress(temp, cols); /* writes result into rletemp */
channel[chan_no][row].length = len;
MALLOCARRAY(p, len);
-diff -up netpbm-10.47.04/converter/other/rletopnm.c.security netpbm-10.47.04/converter/other/rletopnm.c
---- netpbm-10.47.04/converter/other/rletopnm.c.security 2009-10-21 13:39:06.000000000 +0200
-+++ netpbm-10.47.04/converter/other/rletopnm.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/other/rletopnm.c.security-code netpbm-10.58.01/converter/other/rletopnm.c
+--- netpbm-10.58.01/converter/other/rletopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/other/rletopnm.c 2012-04-09 15:40:03.189619963 +0200
@@ -19,6 +19,8 @@
* If you modify this software, you should include a notice giving the
* name of the person performing the modification, the date of modification,
@@ -173,10 +183,10 @@ diff -up netpbm-10.47.04/converter/other/rletopnm.c.security netpbm-10.47.04/con
*/
/*
* rletopnm - A conversion program to convert from Utah's "rle" image format
-diff -up netpbm-10.47.04/converter/other/sgitopnm.c.security netpbm-10.47.04/converter/other/sgitopnm.c
---- netpbm-10.47.04/converter/other/sgitopnm.c.security 2009-10-21 13:39:06.000000000 +0200
-+++ netpbm-10.47.04/converter/other/sgitopnm.c 2009-10-21 15:09:33.000000000 +0200
-@@ -252,10 +252,14 @@ read_channels(ifp, head, table, func, oc
+diff -up netpbm-10.58.01/converter/other/sgitopnm.c.security-code netpbm-10.58.01/converter/other/sgitopnm.c
+--- netpbm-10.58.01/converter/other/sgitopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/other/sgitopnm.c 2012-04-09 15:40:03.189619963 +0200
+@@ -359,10 +359,14 @@ readChannels(FILE * const ifP,
MALLOCARRAY_NOFAIL(image, head->ysize);
} else {
maxchannel = MIN(3, head->zsize);
@@ -190,11 +200,11 @@ diff -up netpbm-10.47.04/converter/other/sgitopnm.c.security netpbm-10.47.04/con
MALLOCARRAY_NOFAIL(temp, WORSTCOMPR(head->xsize));
+ }
- for(channel = 0; channel < maxchannel; ++channel) {
+ for (channel = 0; channel < maxchannel; ++channel) {
unsigned int row;
-diff -up netpbm-10.47.04/converter/other/sirtopnm.c.security netpbm-10.47.04/converter/other/sirtopnm.c
---- netpbm-10.47.04/converter/other/sirtopnm.c.security 2009-10-21 13:39:06.000000000 +0200
-+++ netpbm-10.47.04/converter/other/sirtopnm.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/other/sirtopnm.c.security-code netpbm-10.58.01/converter/other/sirtopnm.c
+--- netpbm-10.58.01/converter/other/sirtopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/other/sirtopnm.c 2012-04-09 15:40:03.190619951 +0200
@@ -69,6 +69,7 @@ char* argv[];
}
break;
@@ -203,10 +213,10 @@ diff -up netpbm-10.47.04/converter/other/sirtopnm.c.security netpbm-10.47.04/con
picsize = cols * rows * 3;
planesize = cols * rows;
if ( !( sirarray = (unsigned char*) malloc( picsize ) ) )
-diff -up netpbm-10.47.04/converter/other/tifftopnm.c.security netpbm-10.47.04/converter/other/tifftopnm.c
---- netpbm-10.47.04/converter/other/tifftopnm.c.security 2009-10-21 13:39:06.000000000 +0200
-+++ netpbm-10.47.04/converter/other/tifftopnm.c 2009-10-21 15:49:29.000000000 +0200
-@@ -1291,7 +1291,9 @@ convertRasterByRows(pnmOut * const
+diff -up netpbm-10.58.01/converter/other/tifftopnm.c.security-code netpbm-10.58.01/converter/other/tifftopnm.c
+--- netpbm-10.58.01/converter/other/tifftopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/other/tifftopnm.c 2012-04-09 15:40:03.191619939 +0200
+@@ -1279,7 +1279,9 @@ convertRasterByRows(pnmOut * const
if (scanbuf == NULL)
pm_error("can't allocate memory for scanline buffer");
@@ -217,9 +227,9 @@ diff -up netpbm-10.47.04/converter/other/tifftopnm.c.security netpbm-10.47.04/co
if (samplebuf == NULL)
pm_error("can't allocate memory for row buffer");
-diff -up netpbm-10.47.04/converter/other/xwdtopnm.c.security netpbm-10.47.04/converter/other/xwdtopnm.c
---- netpbm-10.47.04/converter/other/xwdtopnm.c.security 2009-10-21 13:39:06.000000000 +0200
-+++ netpbm-10.47.04/converter/other/xwdtopnm.c 2009-10-21 15:53:27.000000000 +0200
+diff -up netpbm-10.58.01/converter/other/xwdtopnm.c.security-code netpbm-10.58.01/converter/other/xwdtopnm.c
+--- netpbm-10.58.01/converter/other/xwdtopnm.c.security-code 2012-04-09 15:31:40.000000000 +0200
++++ netpbm-10.58.01/converter/other/xwdtopnm.c 2012-04-09 15:40:03.192619927 +0200
@@ -209,6 +209,10 @@ processX10Header(X10WDFileHeader * cons
*colorsP = pnm_allocrow(2);
PNM_ASSIGN1((*colorsP)[0], 0);
@@ -239,32 +249,9 @@ diff -up netpbm-10.47.04/converter/other/xwdtopnm.c.security netpbm-10.47.04/con
*padrightP =
h11FixedP->bytes_per_line * 8 -
h11FixedP->pixmap_width * h11FixedP->bits_per_pixel;
-diff -up netpbm-10.47.04/converter/other/sunicontopnm.c.security netpbm-10.47.04/converter/other/sunicontopnm.c
---- netpbm-10.47.04/converter/other/sunicontopnm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/other/sunicontopnm.c 2009-10-21 15:09:33.000000000 +0200
-@@ -11,6 +11,7 @@
- */
-
- #include <string.h>
-+#include <limits.h>
-
- #include "nstring.h"
- #include "pbm.h"
-@@ -87,6 +88,11 @@ ReadIconFile(FILE * const
- if (*heightP <= 0)
- pm_error("invalid height (must be positive): %d", *heightP);
-
-+ if ( *widthP > INT_MAX - 16 || *widthP < 0)
-+ pm_error( "invalid width: %d", *widthP);
-+
-+ overflow2(*widthP + 16, *heightP);
-+
- }
-
-
-diff -up netpbm-10.47.04/converter/pbm/mdatopbm.c.security netpbm-10.47.04/converter/pbm/mdatopbm.c
---- netpbm-10.47.04/converter/pbm/mdatopbm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/mdatopbm.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/pbm/mdatopbm.c.security-code netpbm-10.58.01/converter/pbm/mdatopbm.c
+--- netpbm-10.58.01/converter/pbm/mdatopbm.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/mdatopbm.c 2012-04-09 15:40:03.192619927 +0200
@@ -245,10 +245,13 @@ main(int argc, char **argv) {
pm_readlittleshort(infile, &yy); nInCols = yy;
}
@@ -280,9 +267,9 @@ diff -up netpbm-10.47.04/converter/pbm/mdatopbm.c.security netpbm-10.47.04/conve
data = pbm_allocarray(nOutCols, nOutRows);
-diff -up netpbm-10.47.04/converter/pbm/mgrtopbm.c.security netpbm-10.47.04/converter/pbm/mgrtopbm.c
---- netpbm-10.47.04/converter/pbm/mgrtopbm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/mgrtopbm.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/pbm/mgrtopbm.c.security-code netpbm-10.58.01/converter/pbm/mgrtopbm.c
+--- netpbm-10.58.01/converter/pbm/mgrtopbm.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/mgrtopbm.c 2012-04-09 15:40:03.193619915 +0200
@@ -65,6 +65,8 @@ readMgrHeader(FILE * const ifP,
if (head.h_high < ' ' || head.l_high < ' ')
pm_error("Invalid width field in MGR header");
@@ -292,42 +279,10 @@ diff -up netpbm-10.47.04/converter/pbm/mgrtopbm.c.security netpbm-10.47.04/conve
*colsP = (((int)head.h_wide - ' ') << 6) + ((int)head.l_wide - ' ');
*rowsP = (((int)head.h_high - ' ') << 6) + ((int) head.l_high - ' ');
*padrightP = ( ( *colsP + pad - 1 ) / pad ) * pad - *colsP;
-diff -up netpbm-10.47.04/converter/pbm/pbmto10x.c.security netpbm-10.47.04/converter/pbm/pbmto10x.c
---- netpbm-10.47.04/converter/pbm/pbmto10x.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/pbmto10x.c 2009-10-21 15:09:33.000000000 +0200
-@@ -162,7 +162,7 @@ main(int argc, char * argv[]) {
- res_60x72();
-
- pm_close(ifp);
-- exit(0);
-+ return 0;
- }
-
-
-diff -up netpbm-10.47.04/converter/pbm/pbmto4425.c.security netpbm-10.47.04/converter/pbm/pbmto4425.c
---- netpbm-10.47.04/converter/pbm/pbmto4425.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/pbmto4425.c 2009-10-21 15:09:33.000000000 +0200
-@@ -2,6 +2,7 @@
-
- #include "nstring.h"
- #include "pbm.h"
-+#include <string.h>
-
- static char bit_table[2][3] = {
- {1, 4, 0x10},
-@@ -160,7 +161,7 @@ main(int argc, char * argv[]) {
- xres = vmap_width * 2;
- yres = vmap_height * 3;
-
-- vmap = malloc(vmap_width * vmap_height * sizeof(char));
-+ vmap = malloc3(vmap_width, vmap_height, sizeof(char));
- if(vmap == NULL)
- {
- pm_error( "Cannot allocate memory" );
-diff -up netpbm-10.47.04/converter/pbm/pbmtogem.c.security netpbm-10.47.04/converter/pbm/pbmtogem.c
---- netpbm-10.47.04/converter/pbm/pbmtogem.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/pbmtogem.c 2009-10-21 15:09:33.000000000 +0200
-@@ -123,6 +123,7 @@ putinit (rows, cols)
+diff -up netpbm-10.58.01/converter/pbm/pbmtogem.c.security-code netpbm-10.58.01/converter/pbm/pbmtogem.c
+--- netpbm-10.58.01/converter/pbm/pbmtogem.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/pbmtogem.c 2012-04-09 15:40:03.193619915 +0200
+@@ -79,6 +79,7 @@ putinit (int const rows, int const cols)
bitsperitem = 0;
bitshift = 7;
outcol = 0;
@@ -335,9 +290,9 @@ diff -up netpbm-10.47.04/converter/pbm/pbmtogem.c.security netpbm-10.47.04/conve
outmax = (cols + 7) / 8;
outrow = (unsigned char *) pm_allocrow (outmax, sizeof (unsigned char));
lastrow = (unsigned char *) pm_allocrow (outmax, sizeof (unsigned char));
-diff -up netpbm-10.47.04/converter/pbm/pbmtogo.c.security netpbm-10.47.04/converter/pbm/pbmtogo.c
---- netpbm-10.47.04/converter/pbm/pbmtogo.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/pbmtogo.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/pbm/pbmtogo.c.security-code netpbm-10.58.01/converter/pbm/pbmtogo.c
+--- netpbm-10.58.01/converter/pbm/pbmtogo.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/pbmtogo.c 2012-04-09 15:40:03.193619915 +0200
@@ -158,6 +158,7 @@ main(int argc,
bitrow = pbm_allocrow(cols);
@@ -346,9 +301,9 @@ diff -up netpbm-10.47.04/converter/pbm/pbmtogo.c.security netpbm-10.47.04/conver
rucols = ( cols + 7 ) / 8;
bytesperrow = rucols; /* GraphOn uses bytes */
rucols = rucols * 8;
-diff -up netpbm-10.47.04/converter/pbm/pbmtolj.c.security netpbm-10.47.04/converter/pbm/pbmtolj.c
---- netpbm-10.47.04/converter/pbm/pbmtolj.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/pbmtolj.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/pbm/pbmtolj.c.security-code netpbm-10.58.01/converter/pbm/pbmtolj.c
+--- netpbm-10.58.01/converter/pbm/pbmtolj.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/pbmtolj.c 2012-04-09 15:40:03.194619902 +0200
@@ -120,7 +120,11 @@ parseCommandLine(int argc, char ** argv,
static void
allocateBuffers(unsigned int const cols) {
@@ -361,9 +316,9 @@ diff -up netpbm-10.47.04/converter/pbm/pbmtolj.c.security netpbm-10.47.04/conver
packBufferSize = rowBufferSize + (rowBufferSize + 127) / 128 + 1;
deltaBufferSize = rowBufferSize + rowBufferSize / 8 + 10;
-diff -up netpbm-10.47.04/converter/pbm/pbmtomacp.c.security netpbm-10.47.04/converter/pbm/pbmtomacp.c
---- netpbm-10.47.04/converter/pbm/pbmtomacp.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/pbmtomacp.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/pbm/pbmtomacp.c.security-code netpbm-10.58.01/converter/pbm/pbmtomacp.c
+--- netpbm-10.58.01/converter/pbm/pbmtomacp.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/pbmtomacp.c 2012-04-09 15:40:03.195619889 +0200
@@ -101,6 +101,7 @@ char *argv[];
if( !lflg )
left = 0;
@@ -381,9 +336,9 @@ diff -up netpbm-10.47.04/converter/pbm/pbmtomacp.c.security netpbm-10.47.04/conv
if( bflg )
{ if( bottom - top >= MAX_LINES )
bottom = top + MAX_LINES - 1;
-diff -up netpbm-10.47.04/converter/pbm/pbmtomda.c.security netpbm-10.47.04/converter/pbm/pbmtomda.c
---- netpbm-10.47.04/converter/pbm/pbmtomda.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/pbmtomda.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/pbm/pbmtomda.c.security-code netpbm-10.58.01/converter/pbm/pbmtomda.c
+--- netpbm-10.58.01/converter/pbm/pbmtomda.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/pbmtomda.c 2012-04-09 15:40:03.195619889 +0200
@@ -179,6 +179,7 @@ int main(int argc, char **argv)
nOutRowsUnrounded = bScale ? nInRows/2 : nInRows;
@@ -392,11 +347,10 @@ diff -up netpbm-10.47.04/converter/pbm/pbmtomda.c.security netpbm-10.47.04/conve
nOutRows = ((nOutRowsUnrounded + 3) / 4) * 4;
/* MDA wants rows a multiple of 4 */
nOutCols = nInCols / 8;
-diff -up netpbm-10.47.04/converter/pbm/pbmtomgr.c.security netpbm-10.47.04/converter/pbm/pbmtomgr.c
-diff -up netpbm-10.47.04/converter/pbm/pbmtoppa/pbm.c.security netpbm-10.47.04/converter/pbm/pbmtoppa/pbm.c
---- netpbm-10.47.04/converter/pbm/pbmtoppa/pbm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/pbmtoppa/pbm.c 2009-10-21 15:09:33.000000000 +0200
-@@ -105,6 +105,7 @@ int pbm_readline(pbm_stat* pbm,unsigned
+diff -up netpbm-10.58.01/converter/pbm/pbmtoppa/pbm.c.security-code netpbm-10.58.01/converter/pbm/pbmtoppa/pbm.c
+--- netpbm-10.58.01/converter/pbm/pbmtoppa/pbm.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/pbmtoppa/pbm.c 2012-04-09 15:40:03.195619889 +0200
+@@ -105,6 +105,7 @@ int pbm_readline(pbm_stat* pbm,unsigned
return 0;
case P4:
@@ -414,9 +368,9 @@ diff -up netpbm-10.47.04/converter/pbm/pbmtoppa/pbm.c.security netpbm-10.47.04/c
memcpy (pbm->revdata, data, (pbm->width+7)/8);
pbm->current_line--;
}
-diff -up netpbm-10.47.04/converter/pbm/pbmtoppa/pbmtoppa.c.security netpbm-10.47.04/converter/pbm/pbmtoppa/pbmtoppa.c
---- netpbm-10.47.04/converter/pbm/pbmtoppa/pbmtoppa.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/pbmtoppa/pbmtoppa.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/pbm/pbmtoppa/pbmtoppa.c.security-code netpbm-10.58.01/converter/pbm/pbmtoppa/pbmtoppa.c
+--- netpbm-10.58.01/converter/pbm/pbmtoppa/pbmtoppa.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/pbmtoppa/pbmtoppa.c 2012-04-09 15:40:03.196619876 +0200
@@ -441,6 +441,7 @@ main(int argc, char *argv[]) {
pm_error("main(): unrecognized parameter '%s'", argv[argn]);
}
@@ -425,9 +379,9 @@ diff -up netpbm-10.47.04/converter/pbm/pbmtoppa/pbmtoppa.c.security netpbm-10.47
Pwidth=(Width+7)/8;
printer.fptr=out;
-diff -up netpbm-10.47.04/converter/pbm/pbmtoxbm.c.security netpbm-10.47.04/converter/pbm/pbmtoxbm.c
---- netpbm-10.47.04/converter/pbm/pbmtoxbm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/pbmtoxbm.c 2009-10-21 15:36:54.000000000 +0200
+diff -up netpbm-10.58.01/converter/pbm/pbmtoxbm.c.security-code netpbm-10.58.01/converter/pbm/pbmtoxbm.c
+--- netpbm-10.58.01/converter/pbm/pbmtoxbm.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/pbmtoxbm.c 2012-04-09 15:40:03.196619876 +0200
@@ -335,6 +335,8 @@ convertRaster(FILE * const ifP,
unsigned char * bitrow;
@@ -437,10 +391,10 @@ diff -up netpbm-10.47.04/converter/pbm/pbmtoxbm.c.security netpbm-10.47.04/conve
putinit(xbmVersion);
-diff -up netpbm-10.47.04/converter/pbm/pbmtoybm.c.security netpbm-10.47.04/converter/pbm/pbmtoybm.c
---- netpbm-10.47.04/converter/pbm/pbmtoybm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/pbmtoybm.c 2009-10-21 15:09:33.000000000 +0200
-@@ -45,6 +45,7 @@ main( argc, argv )
+diff -up netpbm-10.58.01/converter/pbm/pbmtoybm.c.security-code netpbm-10.58.01/converter/pbm/pbmtoybm.c
+--- netpbm-10.58.01/converter/pbm/pbmtoybm.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/pbmtoybm.c 2012-04-09 15:40:03.197619863 +0200
+@@ -113,6 +113,7 @@ main(int argc, const char *argv[]) {
bitrow = pbm_allocrow(cols);
/* Compute padding to round cols up to the nearest multiple of 16. */
@@ -448,9 +402,9 @@ diff -up netpbm-10.47.04/converter/pbm/pbmtoybm.c.security netpbm-10.47.04/conve
padright = ((cols + 15) / 16) * 16 - cols;
putinit(cols, rows);
-diff -up netpbm-10.47.04/converter/pbm/pbmtozinc.c.security netpbm-10.47.04/converter/pbm/pbmtozinc.c
---- netpbm-10.47.04/converter/pbm/pbmtozinc.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/pbmtozinc.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/pbm/pbmtozinc.c.security-code netpbm-10.58.01/converter/pbm/pbmtozinc.c
+--- netpbm-10.58.01/converter/pbm/pbmtozinc.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/pbmtozinc.c 2012-04-09 15:40:03.197619863 +0200
@@ -65,6 +65,7 @@ main(int argc, char * argv[]) {
bitrow = pbm_allocrow( cols );
@@ -459,9 +413,41 @@ diff -up netpbm-10.47.04/converter/pbm/pbmtozinc.c.security netpbm-10.47.04/conv
padright = ( ( cols + 15 ) / 16 ) * 16 - cols;
printf( "USHORT %s[] = {\n",name);
-diff -up netpbm-10.47.04/converter/pbm/pktopbm.c.security netpbm-10.47.04/converter/pbm/pktopbm.c
---- netpbm-10.47.04/converter/pbm/pktopbm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/pktopbm.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/pbm/pbmto10x.c.security-code netpbm-10.58.01/converter/pbm/pbmto10x.c
+--- netpbm-10.58.01/converter/pbm/pbmto10x.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/pbmto10x.c 2012-04-09 15:40:03.197619863 +0200
+@@ -162,7 +162,7 @@ main(int argc, char * argv[]) {
+ res_60x72();
+
+ pm_close(ifp);
+- exit(0);
++ return 0;
+ }
+
+
+diff -up netpbm-10.58.01/converter/pbm/pbmto4425.c.security-code netpbm-10.58.01/converter/pbm/pbmto4425.c
+--- netpbm-10.58.01/converter/pbm/pbmto4425.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/pbmto4425.c 2012-04-09 15:40:03.198619851 +0200
+@@ -2,6 +2,7 @@
+
+ #include "nstring.h"
+ #include "pbm.h"
++#include <string.h>
+
+ static char bit_table[2][3] = {
+ {1, 4, 0x10},
+@@ -160,7 +161,7 @@ main(int argc, char * argv[]) {
+ xres = vmap_width * 2;
+ yres = vmap_height * 3;
+
+- vmap = malloc(vmap_width * vmap_height * sizeof(char));
++ vmap = malloc3(vmap_width, vmap_height, sizeof(char));
+ if(vmap == NULL)
+ {
+ pm_error( "Cannot allocate memory" );
+diff -up netpbm-10.58.01/converter/pbm/pktopbm.c.security-code netpbm-10.58.01/converter/pbm/pktopbm.c
+--- netpbm-10.58.01/converter/pbm/pktopbm.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/pktopbm.c 2012-04-09 15:40:03.198619851 +0200
@@ -277,6 +277,7 @@ main(int argc, char *argv[]) {
if (flagbyte == 7) { /* long form preamble */
integer packetlength = get32() ; /* character packet length */
@@ -470,10 +456,10 @@ diff -up netpbm-10.47.04/converter/pbm/pktopbm.c.security netpbm-10.47.04/conver
endofpacket = packetlength + pktopbm_pkloc;
/* calculate end of packet */
if ((car >= MAXPKCHAR) || !filename[car]) {
-diff -up netpbm-10.47.04/converter/pbm/thinkjettopbm.l.security netpbm-10.47.04/converter/pbm/thinkjettopbm.l
---- netpbm-10.47.04/converter/pbm/thinkjettopbm.l.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/thinkjettopbm.l 2009-10-21 15:09:33.000000000 +0200
-@@ -107,7 +107,9 @@ DIG [0-9]
+diff -up netpbm-10.58.01/converter/pbm/thinkjettopbm.l.security-code netpbm-10.58.01/converter/pbm/thinkjettopbm.l
+--- netpbm-10.58.01/converter/pbm/thinkjettopbm.l.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/thinkjettopbm.l 2012-04-09 15:40:03.199619839 +0200
+@@ -114,7 +114,9 @@ DIG [0-9]
<RASTERMODE>\033\*b{DIG}+W {
int l;
if (rowCount >= rowCapacity) {
@@ -483,7 +469,7 @@ diff -up netpbm-10.47.04/converter/pbm/thinkjettopbm.l.security netpbm-10.47.04/
rows = realloc (rows, rowCapacity * sizeof *rows);
if (rows == NULL)
pm_error ("Out of memory.");
-@@ -217,6 +219,8 @@ yywrap (void)
+@@ -226,6 +228,8 @@ yywrap (void)
/*
* Quite simple since ThinkJet bit arrangement matches PBM
*/
@@ -492,20 +478,20 @@ diff -up netpbm-10.47.04/converter/pbm/thinkjettopbm.l.security netpbm-10.47.04/
pbm_writepbminit(stdout, maxRowLength*8, rowCount, 0);
packed_bitrow = malloc(maxRowLength);
-diff -up netpbm-10.47.04/converter/pbm/ybmtopbm.c.security netpbm-10.47.04/converter/pbm/ybmtopbm.c
---- netpbm-10.47.04/converter/pbm/ybmtopbm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/pbm/ybmtopbm.c 2009-10-21 15:09:33.000000000 +0200
-@@ -88,4 +88,5 @@ getinit( file, colsP, rowsP, depthP, pad
- pm_error("EOF / read error");
+diff -up netpbm-10.58.01/converter/pbm/ybmtopbm.c.security-code netpbm-10.58.01/converter/pbm/ybmtopbm.c
+--- netpbm-10.58.01/converter/pbm/ybmtopbm.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/converter/pbm/ybmtopbm.c 2012-04-09 15:40:03.199619839 +0200
+@@ -49,6 +49,7 @@ getinit(FILE * const ifP,
+ pm_error("EOF / read error");
*depthP = 1;
+ overflow_add(*colsP, 15);
*padrightP = ((*colsP + 15) / 16) * 16 - *colsP;
-}
-
-diff -up netpbm-10.47.04/converter/pgm/lispmtopgm.c.security netpbm-10.47.04/converter/pgm/lispmtopgm.c
---- netpbm-10.47.04/converter/pgm/lispmtopgm.c.security 2009-10-21 13:39:06.000000000 +0200
-+++ netpbm-10.47.04/converter/pgm/lispmtopgm.c 2009-10-21 15:09:33.000000000 +0200
+ }
+
+diff -up netpbm-10.58.01/converter/pgm/lispmtopgm.c.security-code netpbm-10.58.01/converter/pgm/lispmtopgm.c
+--- netpbm-10.58.01/converter/pgm/lispmtopgm.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/pgm/lispmtopgm.c 2012-04-09 15:40:03.199619839 +0200
@@ -58,6 +58,7 @@ main( argc, argv )
pm_error( "depth (%d bits) is too large", depth);
@@ -525,9 +511,9 @@ diff -up netpbm-10.47.04/converter/pgm/lispmtopgm.c.security netpbm-10.47.04/con
*padrightP = ( ( *colsP + 31 ) / 32 ) * 32 - *colsP;
if ( *colsP != (cols_32 - *padrightP) ) {
-diff -up netpbm-10.47.04/converter/pgm/psidtopgm.c.security netpbm-10.47.04/converter/pgm/psidtopgm.c
---- netpbm-10.47.04/converter/pgm/psidtopgm.c.security 2009-10-21 13:39:06.000000000 +0200
-+++ netpbm-10.47.04/converter/pgm/psidtopgm.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/pgm/psidtopgm.c.security-code netpbm-10.58.01/converter/pgm/psidtopgm.c
+--- netpbm-10.58.01/converter/pgm/psidtopgm.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/pgm/psidtopgm.c 2012-04-09 15:40:03.200619827 +0200
@@ -78,6 +78,7 @@ main(int argc,
pm_error("bits/sample (%d) is too large.", bitspersample);
@@ -536,10 +522,10 @@ diff -up netpbm-10.47.04/converter/pgm/psidtopgm.c.security netpbm-10.47.04/conv
grayrow = pgm_allocrow((cols + 7) / 8 * 8);
for (row = 0; row < rows; ++row) {
unsigned int col;
-diff -up netpbm-10.47.04/converter/ppm/ilbmtoppm.c.security netpbm-10.47.04/converter/ppm/ilbmtoppm.c
---- netpbm-10.47.04/converter/ppm/ilbmtoppm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/ilbmtoppm.c 2009-10-21 15:09:33.000000000 +0200
-@@ -594,6 +594,7 @@ decode_row(FILE * const ifP,
+diff -up netpbm-10.58.01/converter/ppm/ilbmtoppm.c.security-code netpbm-10.58.01/converter/ppm/ilbmtoppm.c
+--- netpbm-10.58.01/converter/ppm/ilbmtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/ilbmtoppm.c 2012-04-09 15:40:03.201619815 +0200
+@@ -592,6 +592,7 @@ decode_row(FILE * const ifP,
rawtype *chp;
cols = bmhdP->w;
@@ -547,7 +533,7 @@ diff -up netpbm-10.47.04/converter/ppm/ilbmtoppm.c.security netpbm-10.47.04/conv
bytes = RowBytes(cols);
for( plane = 0; plane < nPlanes; plane++ ) {
int mask;
-@@ -681,6 +682,23 @@ decode_mask(FILE * const ifP,
+@@ -679,6 +680,23 @@ decode_mask(FILE * const ifP,
Multipalette handling
****************************************************************************/
@@ -571,7 +557,7 @@ diff -up netpbm-10.47.04/converter/ppm/ilbmtoppm.c.security netpbm-10.47.04/conv
static void
multi_adjust(cmap, row, palchange)
-@@ -1300,6 +1318,9 @@ dcol_to_ppm(FILE * const ifP,
+@@ -1341,6 +1359,9 @@ dcol_to_ppm(FILE * const ifP,
if( redmaxval != maxval || greenmaxval != maxval || bluemaxval != maxval )
pm_message("scaling colors to %d bits", pm_maxvaltobits(maxval));
@@ -581,7 +567,7 @@ diff -up netpbm-10.47.04/converter/ppm/ilbmtoppm.c.security netpbm-10.47.04/conv
MALLOCARRAY_NOFAIL(redtable, redmaxval +1);
MALLOCARRAY_NOFAIL(greentable, greenmaxval +1);
MALLOCARRAY_NOFAIL(bluetable, bluemaxval +1);
-@@ -1729,7 +1750,9 @@ PCHG_ConvertSmall(PCHG, cmap, mask, data
+@@ -1763,7 +1784,9 @@ PCHG_ConvertSmall(PCHG, cmap, mask, data
ChangeCount32 = *data++;
datasize -= 2;
@@ -591,7 +577,7 @@ diff -up netpbm-10.47.04/converter/ppm/ilbmtoppm.c.security netpbm-10.47.04/conv
for( i = 0; i < changes; i++ ) {
if( totalchanges >= PCHG->TotalChanges ) goto fail;
if( datasize < 2 ) goto fail;
-@@ -1994,6 +2017,9 @@ read_pchg(FILE * const ifp,
+@@ -2028,6 +2051,9 @@ read_pchg(FILE * const ifp,
cmap->mp_change[i] = NULL;
if( PCHG.StartLine < 0 ) {
int nch;
@@ -601,7 +587,7 @@ diff -up netpbm-10.47.04/converter/ppm/ilbmtoppm.c.security netpbm-10.47.04/conv
nch = PCHG.MaxReg - PCHG.MinReg +1;
MALLOCARRAY_NOFAIL(cmap->mp_init, nch + 1);
for( i = 0; i < nch; i++ )
-@@ -2070,6 +2096,7 @@ process_body( FILE * const ifp,
+@@ -2104,6 +2130,7 @@ process_body( FILE * const ifp,
if( typeid == ID_ILBM ) {
int isdeep;
@@ -609,9 +595,9 @@ diff -up netpbm-10.47.04/converter/ppm/ilbmtoppm.c.security netpbm-10.47.04/conv
MALLOCARRAY_NOFAIL(ilbmrow, RowBytes(bmhdP->w));
*viewportmodesP |= fakeviewport; /* -isham/-isehb */
-diff -up netpbm-10.47.04/converter/ppm/imgtoppm.c.security netpbm-10.47.04/converter/ppm/imgtoppm.c
---- netpbm-10.47.04/converter/ppm/imgtoppm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/imgtoppm.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/imgtoppm.c.security-code netpbm-10.58.01/converter/ppm/imgtoppm.c
+--- netpbm-10.58.01/converter/ppm/imgtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/imgtoppm.c 2012-04-09 15:40:03.202619802 +0200
@@ -84,6 +84,7 @@ main(int argc, char ** argv) {
len = atoi((char*) buf );
if ( fread( buf, len, 1, ifp ) != 1 )
@@ -628,9 +614,9 @@ diff -up netpbm-10.47.04/converter/ppm/imgtoppm.c.security netpbm-10.47.04/conve
if ( len != cols * rows )
pm_message(
"pixel data length (%d) does not match image size (%d)",
-diff -up netpbm-10.47.04/converter/ppm/Makefile.security netpbm-10.47.04/converter/ppm/Makefile
---- netpbm-10.47.04/converter/ppm/Makefile.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/Makefile 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/Makefile.security-code netpbm-10.58.01/converter/ppm/Makefile
+--- netpbm-10.58.01/converter/ppm/Makefile.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/Makefile 2012-04-09 15:40:03.202619802 +0200
@@ -11,7 +11,7 @@ SUBDIRS = hpcdtoppm ppmtompeg
PORTBINARIES = 411toppm eyuvtoppm gouldtoppm ilbmtoppm imgtoppm \
@@ -640,10 +626,10 @@ diff -up netpbm-10.47.04/converter/ppm/Makefile.security netpbm-10.47.04/convert
ppmtoacad ppmtoapplevol ppmtoarbtxt ppmtoascii \
ppmtobmp ppmtoeyuv ppmtogif ppmtoicr ppmtoilbm \
ppmtoleaf ppmtolj ppmtomitsu ppmtoneo \
-diff -up netpbm-10.47.04/converter/ppm/pcxtoppm.c.security netpbm-10.47.04/converter/ppm/pcxtoppm.c
---- netpbm-10.47.04/converter/ppm/pcxtoppm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/pcxtoppm.c 2009-10-21 15:09:33.000000000 +0200
-@@ -409,6 +409,7 @@ pcx_planes_to_pixels(pixels, bitplanes,
+diff -up netpbm-10.58.01/converter/ppm/pcxtoppm.c.security-code netpbm-10.58.01/converter/ppm/pcxtoppm.c
+--- netpbm-10.58.01/converter/ppm/pcxtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/pcxtoppm.c 2012-04-09 15:40:03.203619789 +0200
+@@ -409,6 +409,7 @@ pcx_planes_to_pixels(pixels, bitplanes,
/*
* clear the pixel buffer
*/
@@ -659,18 +645,18 @@ diff -up netpbm-10.47.04/converter/ppm/pcxtoppm.c.security netpbm-10.47.04/conve
rawcols = BytesPerLine * 8 / BitsPerPixel;
if (headerCols > rawcols) {
pm_message("warning - BytesPerLine = %d, "
-diff -up netpbm-10.47.04/converter/ppm/picttoppm.c.security netpbm-10.47.04/converter/ppm/picttoppm.c
---- netpbm-10.47.04/converter/ppm/picttoppm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/picttoppm.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/picttoppm.c.security-code netpbm-10.58.01/converter/ppm/picttoppm.c
+--- netpbm-10.58.01/converter/ppm/picttoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/picttoppm.c 2012-04-09 15:40:03.205619763 +0200
@@ -1,3 +1,5 @@
+#error "Unfixable. Don't ship me"
+
/*
* picttoppm.c -- convert a MacIntosh PICT file to PPM format.
*
-diff -up netpbm-10.47.04/converter/ppm/pjtoppm.c.security netpbm-10.47.04/converter/ppm/pjtoppm.c
---- netpbm-10.47.04/converter/ppm/pjtoppm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/pjtoppm.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/pjtoppm.c.security-code netpbm-10.58.01/converter/ppm/pjtoppm.c
+--- netpbm-10.58.01/converter/ppm/pjtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/pjtoppm.c 2012-04-09 15:40:03.206619751 +0200
@@ -127,19 +127,21 @@ main(argc, argv)
case 'V': /* send plane */
case 'W': /* send last plane */
@@ -720,9 +706,9 @@ diff -up netpbm-10.47.04/converter/ppm/pjtoppm.c.security netpbm-10.47.04/conver
cols *= 8;
}
-diff -up netpbm-10.47.04/converter/ppm/ppmtoeyuv.c.security netpbm-10.47.04/converter/ppm/ppmtoeyuv.c
---- netpbm-10.47.04/converter/ppm/ppmtoeyuv.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/ppmtoeyuv.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/ppmtoeyuv.c.security-code netpbm-10.58.01/converter/ppm/ppmtoeyuv.c
+--- netpbm-10.58.01/converter/ppm/ppmtoeyuv.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/ppmtoeyuv.c 2012-04-09 15:40:03.206619751 +0200
@@ -114,6 +114,7 @@ create_multiplication_tables(const pixva
int index;
@@ -731,9 +717,9 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtoeyuv.c.security netpbm-10.47.04/conv
MALLOCARRAY_NOFAIL(mult299 , maxval+1);
MALLOCARRAY_NOFAIL(mult587 , maxval+1);
MALLOCARRAY_NOFAIL(mult114 , maxval+1);
-diff -up netpbm-10.47.04/converter/ppm/ppmtoicr.c.security netpbm-10.47.04/converter/ppm/ppmtoicr.c
---- netpbm-10.47.04/converter/ppm/ppmtoicr.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/ppmtoicr.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/ppmtoicr.c.security-code netpbm-10.58.01/converter/ppm/ppmtoicr.c
+--- netpbm-10.58.01/converter/ppm/ppmtoicr.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/ppmtoicr.c 2012-04-09 15:40:03.207619739 +0200
@@ -169,7 +169,7 @@ char* argv[];
if (rleflag) {
@@ -743,10 +729,10 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtoicr.c.security netpbm-10.47.04/conve
p = testimage;
for (i=0; i<rows; i++)
for (j=0; j<cols; j++)
-diff -up netpbm-10.47.04/converter/ppm/ppmtoilbm.c.security netpbm-10.47.04/converter/ppm/ppmtoilbm.c
---- netpbm-10.47.04/converter/ppm/ppmtoilbm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/ppmtoilbm.c 2009-10-21 15:47:50.000000000 +0200
-@@ -1214,6 +1214,7 @@ ppm_to_rgb8(ifP, cols, rows, maxval)
+diff -up netpbm-10.58.01/converter/ppm/ppmtoilbm.c.security-code netpbm-10.58.01/converter/ppm/ppmtoilbm.c
+--- netpbm-10.58.01/converter/ppm/ppmtoilbm.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/ppmtoilbm.c 2012-04-09 15:40:03.208619727 +0200
+@@ -1220,6 +1220,7 @@ ppm_to_rgb8(ifP, cols, rows, maxval)
maskmethod = 0; /* no masking - RGB8 uses genlock bits */
compmethod = 4; /* RGB8 files are always compressed */
@@ -754,7 +740,7 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtoilbm.c.security netpbm-10.47.04/conv
MALLOCARRAY_NOFAIL(compr_row, cols * 4);
if( maxval != 255 ) {
-@@ -1302,6 +1303,7 @@ ppm_to_rgbn(ifP, cols, rows, maxval)
+@@ -1308,6 +1309,7 @@ ppm_to_rgbn(ifP, cols, rows, maxval)
maskmethod = 0; /* no masking - RGBN uses genlock bits */
compmethod = 4; /* RGBN files are always compressed */
@@ -762,7 +748,7 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtoilbm.c.security netpbm-10.47.04/conv
MALLOCARRAY_NOFAIL(compr_row, cols * 2);
if( maxval != 15 ) {
-@@ -1779,6 +1781,7 @@ make_val_table(oldmaxval, newmaxval)
+@@ -1785,6 +1787,7 @@ make_val_table(oldmaxval, newmaxval)
unsigned int i;
int * table;
@@ -770,7 +756,7 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtoilbm.c.security netpbm-10.47.04/conv
MALLOCARRAY_NOFAIL(table, oldmaxval + 1);
for (i = 0; i <= oldmaxval; ++i)
table[i] = ROUNDDIV(i * newmaxval, oldmaxval);
-@@ -2283,8 +2286,11 @@ main(int argc, char ** argv) {
+@@ -2293,8 +2296,11 @@ main(int argc, char ** argv) {
MALLOCARRAY_NOFAIL(coded_rowbuf, RowBytes(cols));
for (i = 0; i < RowBytes(cols); ++i)
coded_rowbuf[i] = 0;
@@ -783,9 +769,9 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtoilbm.c.security netpbm-10.47.04/conv
}
switch (mode) {
-diff -up netpbm-10.47.04/converter/ppm/ppmtolj.c.security netpbm-10.47.04/converter/ppm/ppmtolj.c
---- netpbm-10.47.04/converter/ppm/ppmtolj.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/ppmtolj.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/ppmtolj.c.security-code netpbm-10.58.01/converter/ppm/ppmtolj.c
+--- netpbm-10.58.01/converter/ppm/ppmtolj.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/ppmtolj.c 2012-04-09 15:40:03.210619701 +0200
@@ -181,7 +181,8 @@ int main(int argc, char *argv[]) {
ppm_readppminit( ifp, &cols, &rows, &maxval, &format );
@@ -796,9 +782,9 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtolj.c.security netpbm-10.47.04/conver
obuf = (unsigned char *) pm_allocrow(cols * 3, sizeof(unsigned char));
cbuf = (unsigned char *) pm_allocrow(cols * 6, sizeof(unsigned char));
if (mode == C_TRANS_MODE_DELTA)
-diff -up netpbm-10.47.04/converter/ppm/ppmtomitsu.c.security netpbm-10.47.04/converter/ppm/ppmtomitsu.c
---- netpbm-10.47.04/converter/ppm/ppmtomitsu.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/ppmtomitsu.c 2009-10-21 15:48:30.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/ppmtomitsu.c.security-code netpbm-10.58.01/converter/ppm/ppmtomitsu.c
+--- netpbm-10.58.01/converter/ppm/ppmtomitsu.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/ppmtomitsu.c 2012-04-09 15:40:03.210619702 +0200
@@ -685,6 +685,8 @@ main(int argc, char * argv[]) {
medias = MSize_User;
@@ -808,9 +794,9 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtomitsu.c.security netpbm-10.47.04/con
medias.maxcols *= 2;
medias.maxrows *= 2;
}
-diff -up netpbm-10.47.04/converter/ppm/ppmtopcx.c.security netpbm-10.47.04/converter/ppm/ppmtopcx.c
---- netpbm-10.47.04/converter/ppm/ppmtopcx.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/ppmtopcx.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/ppmtopcx.c.security-code netpbm-10.58.01/converter/ppm/ppmtopcx.c
+--- netpbm-10.58.01/converter/ppm/ppmtopcx.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/ppmtopcx.c 2012-04-09 15:40:03.210619702 +0200
@@ -419,6 +419,8 @@ ppmTo16ColorPcx(pixel ** cons
else Planes = 1;
}
@@ -820,21 +806,21 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtopcx.c.security netpbm-10.47.04/conve
BytesPerLine = ((cols * BitsPerPixel) + 7) / 8;
MALLOCARRAY_NOFAIL(indexRow, cols);
MALLOCARRAY_NOFAIL(planesrow, BytesPerLine);
-diff -up netpbm-10.47.04/converter/ppm/ppmtopict.c.security netpbm-10.47.04/converter/ppm/ppmtopict.c
---- netpbm-10.47.04/converter/ppm/ppmtopict.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/ppmtopict.c 2009-10-21 15:09:33.000000000 +0200
-@@ -245,6 +245,8 @@ char *argv[];
- putShort(stdout, 0); /* mode */
+diff -up netpbm-10.58.01/converter/ppm/ppmtopict.c.security-code netpbm-10.58.01/converter/ppm/ppmtopict.c
+--- netpbm-10.58.01/converter/ppm/ppmtopict.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/ppmtopict.c 2012-04-09 15:40:03.211619690 +0200
+@@ -441,6 +441,8 @@ main(int argc, const char ** argv) {
+ putShort(stdout, 0); /* mode */
/* Finally, write out the data. */
-+ overflow_add(cols/MAX_COUNT, 1);
-+ overflow_add(cols, cols/MAX_COUNT+1);
++ overflow_add(cols/MAX_COUNT, 1);
++ overflow_add(cols, cols/MAX_COUNT+1);
packed = malloc((unsigned)(cols+cols/MAX_COUNT+1));
for (row = 0, oc = 0; row < rows; row++)
oc += putRow(stdout, row, cols, pixels[row], packed);
-diff -up netpbm-10.47.04/converter/ppm/ppmtopj.c.security netpbm-10.47.04/converter/ppm/ppmtopj.c
---- netpbm-10.47.04/converter/ppm/ppmtopj.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/ppmtopj.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/ppmtopj.c.security-code netpbm-10.58.01/converter/ppm/ppmtopj.c
+--- netpbm-10.58.01/converter/ppm/ppmtopj.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/ppmtopj.c 2012-04-09 15:40:03.212619677 +0200
@@ -179,6 +179,7 @@ char *argv[];
pixels = ppm_readppm( ifp, &cols, &rows, &maxval );
@@ -843,9 +829,9 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtopj.c.security netpbm-10.47.04/conver
obuf = (unsigned char *) pm_allocrow(cols, sizeof(unsigned char));
cbuf = (unsigned char *) pm_allocrow(cols * 2, sizeof(unsigned char));
-diff -up netpbm-10.47.04/converter/ppm/ppmtopjxl.c.security netpbm-10.47.04/converter/ppm/ppmtopjxl.c
---- netpbm-10.47.04/converter/ppm/ppmtopjxl.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/ppmtopjxl.c 2009-10-21 15:43:31.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/ppmtopjxl.c.security-code netpbm-10.58.01/converter/ppm/ppmtopjxl.c
+--- netpbm-10.58.01/converter/ppm/ppmtopjxl.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/ppmtopjxl.c 2012-04-09 15:40:03.212619677 +0200
@@ -276,6 +276,8 @@ main(int argc, const char * argv[]) {
pm_error("image too large; reduce with ppmscale");
if (maxval > PCL_MAXVAL)
@@ -878,9 +864,9 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtopjxl.c.security netpbm-10.47.04/conv
inrow = (char *)malloc((unsigned)bpp);
outrow = (char *)malloc((unsigned)bpp*2);
runcnt = (signed char *)malloc((unsigned)bpp);
-diff -up netpbm-10.47.04/converter/ppm/ppmtowinicon.c.security netpbm-10.47.04/converter/ppm/ppmtowinicon.c
---- netpbm-10.47.04/converter/ppm/ppmtowinicon.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/ppmtowinicon.c 2009-10-21 15:44:54.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/ppmtowinicon.c.security-code netpbm-10.58.01/converter/ppm/ppmtowinicon.c
+--- netpbm-10.58.01/converter/ppm/ppmtowinicon.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/ppmtowinicon.c 2012-04-09 15:40:03.213619664 +0200
@@ -12,6 +12,7 @@
#include <math.h>
@@ -924,10 +910,10 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtowinicon.c.security netpbm-10.47.04/c
entry->size_in_bytes =
xorBitmap->size + andBitmap->size + 40 + (4 * entry->color_count);
if (verbose)
-diff -up netpbm-10.47.04/converter/ppm/ppmtoxpm.c.security netpbm-10.47.04/converter/ppm/ppmtoxpm.c
---- netpbm-10.47.04/converter/ppm/ppmtoxpm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/ppmtoxpm.c 2009-10-21 15:09:33.000000000 +0200
-@@ -197,6 +197,7 @@ genNumstr(unsigned int const input, int
+diff -up netpbm-10.58.01/converter/ppm/ppmtoxpm.c.security-code netpbm-10.58.01/converter/ppm/ppmtoxpm.c
+--- netpbm-10.58.01/converter/ppm/ppmtoxpm.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/ppmtoxpm.c 2012-04-09 15:40:03.214619651 +0200
+@@ -197,6 +197,7 @@ genNumstr(unsigned int const input, int
unsigned int i;
/* Allocate memory for printed number. Abort if error. */
@@ -935,7 +921,7 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtoxpm.c.security netpbm-10.47.04/conve
if (!(str = (char *) malloc(digits + 1)))
pm_error("out of memory");
-@@ -314,6 +315,7 @@ genCmap(colorhist_vector const chv,
+@@ -314,6 +315,7 @@ genCmap(colorhist_vector const chv,
unsigned int charsPerPixel;
unsigned int xpmMaxval;
@@ -943,9 +929,9 @@ diff -up netpbm-10.47.04/converter/ppm/ppmtoxpm.c.security netpbm-10.47.04/conve
MALLOCARRAY(cmap, cmapSize);
if (cmapP == NULL)
pm_error("Out of memory allocating %u bytes for a color map.",
-diff -up netpbm-10.47.04/converter/ppm/qrttoppm.c.security netpbm-10.47.04/converter/ppm/qrttoppm.c
---- netpbm-10.47.04/converter/ppm/qrttoppm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/qrttoppm.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/qrttoppm.c.security-code netpbm-10.58.01/converter/ppm/qrttoppm.c
+--- netpbm-10.58.01/converter/ppm/qrttoppm.c.security-code 2012-04-09 15:31:42.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/qrttoppm.c 2012-04-09 15:40:03.215619638 +0200
@@ -46,7 +46,7 @@ main( argc, argv )
ppm_writeppminit( stdout, cols, rows, maxval, 0 );
@@ -955,9 +941,9 @@ diff -up netpbm-10.47.04/converter/ppm/qrttoppm.c.security netpbm-10.47.04/conve
if ( buf == (unsigned char *) 0 )
pm_error( "out of memory" );
-diff -up netpbm-10.47.04/converter/ppm/sldtoppm.c.security netpbm-10.47.04/converter/ppm/sldtoppm.c
---- netpbm-10.47.04/converter/ppm/sldtoppm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/sldtoppm.c 2009-10-21 15:44:11.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/sldtoppm.c.security-code netpbm-10.58.01/converter/ppm/sldtoppm.c
+--- netpbm-10.58.01/converter/ppm/sldtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/sldtoppm.c 2012-04-09 15:40:03.216619626 +0200
@@ -455,6 +455,8 @@ slider(slvecfn slvec,
/* Allocate image buffer and clear it to black. */
@@ -967,9 +953,9 @@ diff -up netpbm-10.47.04/converter/ppm/sldtoppm.c.security netpbm-10.47.04/conve
pixels = ppm_allocarray(pixcols = ixdots + 1, pixrows = iydots + 1);
PPM_ASSIGN(rgbcolor, 0, 0, 0);
ppmd_filledrectangle(pixels, pixcols, pixrows, pixmaxval, 0, 0,
-diff -up netpbm-10.47.04/converter/ppm/ximtoppm.c.security netpbm-10.47.04/converter/ppm/ximtoppm.c
---- netpbm-10.47.04/converter/ppm/ximtoppm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/ximtoppm.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/ximtoppm.c.security-code netpbm-10.58.01/converter/ppm/ximtoppm.c
+--- netpbm-10.58.01/converter/ppm/ximtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/ximtoppm.c 2012-04-09 15:40:03.216619626 +0200
@@ -117,6 +117,7 @@ ReadXimHeader(FILE * const in_fp,
header->bits_channel = atoi(a_head.bits_per_channel);
header->alpha_flag = atoi(a_head.alpha_channel);
@@ -1002,20 +988,9 @@ diff -up netpbm-10.47.04/converter/ppm/ximtoppm.c.security netpbm-10.47.04/conve
header->colors = (Color *)calloc((unsigned int)header->ncolors,
sizeof(Color));
if (header->colors == NULL) {
-diff -up netpbm-10.47.04/converter/ppm/xpmtoppm.c.security netpbm-10.47.04/converter/ppm/xpmtoppm.c
---- netpbm-10.47.04/converter/ppm/xpmtoppm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/xpmtoppm.c 2009-10-21 15:09:33.000000000 +0200
-@@ -701,6 +701,7 @@ ReadXPMFile(FILE * const stream, int * c
- &ncolors, colorsP, &ptab);
- *transparentP = -1; /* No transparency in version 1 */
- }
-+ overflow2(*widthP, *heightP);
- totalpixels = *widthP * *heightP;
- MALLOCARRAY(*dataP, totalpixels);
- if (*dataP == NULL)
-diff -up netpbm-10.47.04/converter/ppm/yuvtoppm.c.security netpbm-10.47.04/converter/ppm/yuvtoppm.c
---- netpbm-10.47.04/converter/ppm/yuvtoppm.c.security 2009-10-21 13:39:10.000000000 +0200
-+++ netpbm-10.47.04/converter/ppm/yuvtoppm.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/converter/ppm/yuvtoppm.c.security-code netpbm-10.58.01/converter/ppm/yuvtoppm.c
+--- netpbm-10.58.01/converter/ppm/yuvtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200
++++ netpbm-10.58.01/converter/ppm/yuvtoppm.c 2012-04-09 15:40:03.218619602 +0200
@@ -72,6 +72,7 @@ main(argc, argv)
ppm_writeppminit(stdout, cols, rows, (pixval) 255, 0);
@@ -1024,9 +999,9 @@ diff -up netpbm-10.47.04/converter/ppm/yuvtoppm.c.security netpbm-10.47.04/conve
MALLOCARRAY(yuvbuf, (cols+1)/2);
if (yuvbuf == NULL)
pm_error("Unable to allocate YUV buffer for %d columns.", cols);
-diff -up netpbm-10.47.04/editor/pamcut.c.security netpbm-10.47.04/editor/pamcut.c
---- netpbm-10.47.04/editor/pamcut.c.security 2009-10-21 13:38:57.000000000 +0200
-+++ netpbm-10.47.04/editor/pamcut.c 2009-10-21 15:29:36.000000000 +0200
+diff -up netpbm-10.58.01/editor/pamcut.c.security-code netpbm-10.58.01/editor/pamcut.c
+--- netpbm-10.58.01/editor/pamcut.c.security-code 2012-04-09 15:31:33.000000000 +0200
++++ netpbm-10.58.01/editor/pamcut.c 2012-04-09 15:40:03.218619602 +0200
@@ -655,6 +655,8 @@ cutOneImage(FILE * const ifP
outpam = inpam; /* Initial value -- most fields should be same */
@@ -1036,9 +1011,9 @@ diff -up netpbm-10.47.04/editor/pamcut.c.security netpbm-10.47.04/editor/pamcut.
outpam.width = rightcol - leftcol + 1;
outpam.height = bottomrow - toprow + 1;
-diff -up netpbm-10.47.04/editor/pbmreduce.c.security netpbm-10.47.04/editor/pbmreduce.c
---- netpbm-10.47.04/editor/pbmreduce.c.security 2009-10-21 13:38:57.000000000 +0200
-+++ netpbm-10.47.04/editor/pbmreduce.c 2009-10-21 15:26:13.000000000 +0200
+diff -up netpbm-10.58.01/editor/pbmreduce.c.security-code netpbm-10.58.01/editor/pbmreduce.c
+--- netpbm-10.58.01/editor/pbmreduce.c.security-code 2012-04-09 15:31:33.000000000 +0200
++++ netpbm-10.58.01/editor/pbmreduce.c 2012-04-09 15:40:03.219619590 +0200
@@ -94,6 +94,7 @@ main( argc, argv )
if (halftone == QT_FS) {
unsigned int col;
@@ -1047,10 +1022,10 @@ diff -up netpbm-10.47.04/editor/pbmreduce.c.security netpbm-10.47.04/editor/pbmr
MALLOCARRAY(thiserr, newcols + 2);
MALLOCARRAY(nexterr, newcols + 2);
if (thiserr == NULL || nexterr == NULL)
-diff -up netpbm-10.47.04/editor/pnmgamma.c.security netpbm-10.47.04/editor/pnmgamma.c
---- netpbm-10.47.04/editor/pnmgamma.c.security 2009-10-21 13:38:57.000000000 +0200
-+++ netpbm-10.47.04/editor/pnmgamma.c 2009-10-21 15:09:34.000000000 +0200
-@@ -586,6 +586,7 @@ createGammaTables(enum transferFunction
+diff -up netpbm-10.58.01/editor/pnmgamma.c.security-code netpbm-10.58.01/editor/pnmgamma.c
+--- netpbm-10.58.01/editor/pnmgamma.c.security-code 2012-04-09 15:31:34.000000000 +0200
++++ netpbm-10.58.01/editor/pnmgamma.c 2012-04-09 15:40:03.220619577 +0200
+@@ -586,6 +586,7 @@ createGammaTables(enum transferFunction
xelval ** const btableP) {
/* Allocate space for the tables. */
@@ -1058,9 +1033,9 @@ diff -up netpbm-10.47.04/editor/pnmgamma.c.security netpbm-10.47.04/editor/pnmga
MALLOCARRAY(*rtableP, maxval+1);
MALLOCARRAY(*gtableP, maxval+1);
MALLOCARRAY(*btableP, maxval+1);
-diff -up netpbm-10.47.04/editor/pnmhisteq.c.security netpbm-10.47.04/editor/pnmhisteq.c
---- netpbm-10.47.04/editor/pnmhisteq.c.security 2009-10-21 13:38:57.000000000 +0200
-+++ netpbm-10.47.04/editor/pnmhisteq.c 2009-10-21 15:09:34.000000000 +0200
+diff -up netpbm-10.58.01/editor/pnmhisteq.c.security-code netpbm-10.58.01/editor/pnmhisteq.c
+--- netpbm-10.58.01/editor/pnmhisteq.c.security-code 2012-04-09 15:31:33.000000000 +0200
++++ netpbm-10.58.01/editor/pnmhisteq.c 2012-04-09 15:40:03.220619577 +0200
@@ -103,6 +103,7 @@ computeLuminosityHistogram(xel * const *
unsigned int pixelCount;
unsigned int * lumahist;
@@ -1069,9 +1044,9 @@ diff -up netpbm-10.47.04/editor/pnmhisteq.c.security netpbm-10.47.04/editor/pnmh
MALLOCARRAY(lumahist, maxval + 1);
if (lumahist == NULL)
pm_error("Out of storage allocating array for %u histogram elements",
-diff -up netpbm-10.47.04/editor/pnmindex.csh.security netpbm-10.47.04/editor/pnmindex.csh
---- netpbm-10.47.04/editor/pnmindex.csh.security 2009-10-21 13:38:57.000000000 +0200
-+++ netpbm-10.47.04/editor/pnmindex.csh 2009-10-21 15:09:34.000000000 +0200
+diff -up netpbm-10.58.01/editor/pnmindex.csh.security-code netpbm-10.58.01/editor/pnmindex.csh
+--- netpbm-10.58.01/editor/pnmindex.csh.security-code 2012-04-09 15:31:33.000000000 +0200
++++ netpbm-10.58.01/editor/pnmindex.csh 2012-04-09 15:40:03.221619564 +0200
@@ -1,5 +1,8 @@
#!/bin/csh -f
#
@@ -1081,9 +1056,9 @@ diff -up netpbm-10.47.04/editor/pnmindex.csh.security netpbm-10.47.04/editor/pnm
# pnmindex - build a visual index of a bunch of anymaps
#
# Copyright (C) 1991 by Jef Poskanzer.
-diff -up netpbm-10.47.04/editor/pnmpad.c.security netpbm-10.47.04/editor/pnmpad.c
---- netpbm-10.47.04/editor/pnmpad.c.security 2009-10-21 13:38:57.000000000 +0200
-+++ netpbm-10.47.04/editor/pnmpad.c 2009-10-21 15:33:51.000000000 +0200
+diff -up netpbm-10.58.01/editor/pnmpad.c.security-code netpbm-10.58.01/editor/pnmpad.c
+--- netpbm-10.58.01/editor/pnmpad.c.security-code 2012-04-09 15:31:34.000000000 +0200
++++ netpbm-10.58.01/editor/pnmpad.c 2012-04-09 15:40:03.221619564 +0200
@@ -527,6 +527,8 @@ main(int argc, const char ** argv) {
computePadSizes(cmdline, cols, rows, &lpad, &rpad, &tpad, &bpad);
@@ -1093,11 +1068,10 @@ diff -up netpbm-10.47.04/editor/pnmpad.c.security netpbm-10.47.04/editor/pnmpad.
newcols = cols + lpad + rpad;
if (PNM_FORMAT_TYPE(format) == PBM_TYPE)
-diff -up netpbm-10.47.04/editor/pnmpaste.c.security netpbm-10.47.04/editor/pnmpaste.c
-diff -up netpbm-10.47.04/editor/pnmremap.c.security netpbm-10.47.04/editor/pnmremap.c
---- netpbm-10.47.04/editor/pnmremap.c.security 2009-10-21 13:38:57.000000000 +0200
-+++ netpbm-10.47.04/editor/pnmremap.c 2009-10-21 15:28:20.000000000 +0200
-@@ -408,7 +408,7 @@ initFserr(struct pam * const pamP,
+diff -up netpbm-10.58.01/editor/pnmremap.c.security-code netpbm-10.58.01/editor/pnmremap.c
+--- netpbm-10.58.01/editor/pnmremap.c.security-code 2012-04-09 15:31:33.000000000 +0200
++++ netpbm-10.58.01/editor/pnmremap.c 2012-04-09 15:40:03.222619551 +0200
+@@ -409,7 +409,7 @@ initFserr(struct pam * const pamP,
unsigned int plane;
unsigned int const fserrSize = pamP->width + 2;
@@ -1106,7 +1080,7 @@ diff -up netpbm-10.47.04/editor/pnmremap.c.security netpbm-10.47.04/editor/pnmre
fserrP->width = pamP->width;
MALLOCARRAY(fserrP->thiserr, pamP->depth);
-@@ -444,6 +444,7 @@ floydInitRow(struct pam * const pamP, st
+@@ -445,6 +445,7 @@ floydInitRow(struct pam * const pamP, st
int col;
@@ -1114,10 +1088,10 @@ diff -up netpbm-10.47.04/editor/pnmremap.c.security netpbm-10.47.04/editor/pnmre
for (col = 0; col < pamP->width + 2; ++col) {
unsigned int plane;
for (plane = 0; plane < pamP->depth; ++plane)
-diff -up netpbm-10.47.04/editor/pnmscalefixed.c.security netpbm-10.47.04/editor/pnmscalefixed.c
---- netpbm-10.47.04/editor/pnmscalefixed.c.security 2009-10-21 13:38:57.000000000 +0200
-+++ netpbm-10.47.04/editor/pnmscalefixed.c 2009-10-21 15:09:34.000000000 +0200
-@@ -211,6 +211,8 @@ compute_output_dimensions(const struct c
+diff -up netpbm-10.58.01/editor/pnmscalefixed.c.security-code netpbm-10.58.01/editor/pnmscalefixed.c
+--- netpbm-10.58.01/editor/pnmscalefixed.c.security-code 2012-04-09 15:31:34.000000000 +0200
++++ netpbm-10.58.01/editor/pnmscalefixed.c 2012-04-09 15:40:03.223619538 +0200
+@@ -214,6 +214,8 @@ compute_output_dimensions(const struct c
const int rows, const int cols,
int * newrowsP, int * newcolsP) {
@@ -1126,7 +1100,7 @@ diff -up netpbm-10.47.04/editor/pnmscalefixed.c.security netpbm-10.47.04/editor/
if (cmdline.pixels) {
if (rows * cols <= cmdline.pixels) {
*newrowsP = rows;
-@@ -262,6 +264,8 @@ compute_output_dimensions(const struct c
+@@ -265,6 +267,8 @@ compute_output_dimensions(const struct c
if (*newcolsP < 1) *newcolsP = 1;
if (*newrowsP < 1) *newrowsP = 1;
@@ -1135,7 +1109,7 @@ diff -up netpbm-10.47.04/editor/pnmscalefixed.c.security netpbm-10.47.04/editor/
}
-@@ -443,6 +447,9 @@ main(int argc, char **argv ) {
+@@ -446,6 +450,9 @@ main(int argc, char **argv ) {
unfilled. We can address that by stretching, whereas the other
case would require throwing away some of the input.
*/
@@ -1145,9 +1119,9 @@ diff -up netpbm-10.47.04/editor/pnmscalefixed.c.security netpbm-10.47.04/editor/
sxscale = SCALE * newcols / cols;
syscale = SCALE * newrows / rows;
-diff -up netpbm-10.47.04/editor/pnmshear.c.security netpbm-10.47.04/editor/pnmshear.c
---- netpbm-10.47.04/editor/pnmshear.c.security 2009-10-21 13:38:57.000000000 +0200
-+++ netpbm-10.47.04/editor/pnmshear.c 2009-10-21 15:31:26.000000000 +0200
+diff -up netpbm-10.58.01/editor/pnmshear.c.security-code netpbm-10.58.01/editor/pnmshear.c
+--- netpbm-10.58.01/editor/pnmshear.c.security-code 2012-04-09 15:31:33.000000000 +0200
++++ netpbm-10.58.01/editor/pnmshear.c 2012-04-09 15:40:03.224619526 +0200
@@ -15,6 +15,7 @@
#include <assert.h>
#include <math.h>
@@ -1168,9 +1142,25 @@ diff -up netpbm-10.47.04/editor/pnmshear.c.security netpbm-10.47.04/editor/pnmsh
newcols = rows * shearfac + cols + 0.999999;
pnm_writepnminit(stdout, newcols, rows, newmaxval, newformat, 0);
-diff -up netpbm-10.47.04/editor/specialty/pamoil.c.security netpbm-10.47.04/editor/specialty/pamoil.c
---- netpbm-10.47.04/editor/specialty/pamoil.c.security 2009-10-21 13:38:56.000000000 +0200
-+++ netpbm-10.47.04/editor/specialty/pamoil.c 2009-10-21 15:09:33.000000000 +0200
+diff -up netpbm-10.58.01/editor/ppmdither.c.security-code netpbm-10.58.01/editor/ppmdither.c
+--- netpbm-10.58.01/editor/ppmdither.c.security-code 2012-04-09 15:31:33.000000000 +0200
++++ netpbm-10.58.01/editor/ppmdither.c 2012-04-09 15:40:03.224619526 +0200
+@@ -355,7 +355,11 @@ dithMatrix(unsigned int const dithPower)
+ unsigned int const dithMatSize =
+ (dithDim * sizeof(*dithMat)) + /* pointers */
+ (dithDim * dithDim * sizeof(**dithMat)); /* data */
+-
++
++ overflow2(dithDim, sizeof(*dithMat));
++ overflow3(dithDim, dithDim, sizeof(**dithMat));
++ overflow_add(dithDim * sizeof(*dithMat), dithDim * dithDim * sizeof(**dithMat));
++
+ dithMat = malloc(dithMatSize);
+
+ if (dithMat == NULL)
+diff -up netpbm-10.58.01/editor/specialty/pamoil.c.security-code netpbm-10.58.01/editor/specialty/pamoil.c
+--- netpbm-10.58.01/editor/specialty/pamoil.c.security-code 2012-04-09 15:31:33.000000000 +0200
++++ netpbm-10.58.01/editor/specialty/pamoil.c 2012-04-09 15:40:03.224619526 +0200
@@ -112,6 +112,7 @@ main(int argc, char *argv[] ) {
tuples = pnm_readpam(ifp, &inpam, PAM_STRUCT_SIZE(tuple_type));
pm_close(ifp);
@@ -1179,9 +1169,9 @@ diff -up netpbm-10.47.04/editor/specialty/pamoil.c.security netpbm-10.47.04/edit
MALLOCARRAY(hist, inpam.maxval + 1);
if (hist == NULL)
pm_error("Unable to allocate memory for histogram.");
-diff -up netpbm-10.47.04/generator/pbmtext.c.security netpbm-10.47.04/generator/pbmtext.c
---- netpbm-10.47.04/generator/pbmtext.c.security 2009-10-21 13:38:57.000000000 +0200
-+++ netpbm-10.47.04/generator/pbmtext.c 2009-10-21 15:23:15.000000000 +0200
+diff -up netpbm-10.58.01/generator/pbmtext.c.security-code netpbm-10.58.01/generator/pbmtext.c
+--- netpbm-10.58.01/generator/pbmtext.c.security-code 2012-04-09 15:31:34.000000000 +0200
++++ netpbm-10.58.01/generator/pbmtext.c 2012-04-09 15:40:03.225619514 +0200
@@ -96,12 +96,14 @@ parseCommandLine(int argc, const char **
for (i = 1; i < argc; ++i) {
@@ -1197,15 +1187,15 @@ diff -up netpbm-10.47.04/generator/pbmtext.c.security netpbm-10.47.04/generator/
totaltextsize += strlen(argv[i]);
text = realloc(text, totaltextsize);
if (text == NULL)
-@@ -711,6 +713,7 @@ getText(const char cmdline_text
+@@ -712,6 +714,7 @@ getText(const char cmdline_text
pm_error("A line of input text is longer than %u characters."
- "Cannot process.", sizeof(buf)-1);
+ "Cannot process.", (unsigned)sizeof(buf)-1);
if (lineCount >= maxlines) {
-+ overflow2(maxlines, 2);
++ overflow2(maxlines, 2);
maxlines *= 2;
REALLOCARRAY(text_array, maxlines);
if (text_array == NULL)
-@@ -831,6 +834,7 @@ main(int argc, const char *argv[]) {
+@@ -832,6 +835,7 @@ main(int argc, const char *argv[]) {
hmargin = fontP->maxwidth;
} else {
vmargin = fontP->maxheight;
@@ -1213,9 +1203,9 @@ diff -up netpbm-10.47.04/generator/pbmtext.c.security netpbm-10.47.04/generator/
hmargin = 2 * fontP->maxwidth;
}
}
-diff -up netpbm-10.47.04/generator/pgmcrater.c.security netpbm-10.47.04/generator/pgmcrater.c
---- netpbm-10.47.04/generator/pgmcrater.c.security 2009-10-21 13:38:57.000000000 +0200
-+++ netpbm-10.47.04/generator/pgmcrater.c 2009-10-21 15:09:34.000000000 +0200
+diff -up netpbm-10.58.01/generator/pgmcrater.c.security-code netpbm-10.58.01/generator/pgmcrater.c
+--- netpbm-10.58.01/generator/pgmcrater.c.security-code 2012-04-09 15:31:34.000000000 +0200
++++ netpbm-10.58.01/generator/pgmcrater.c 2012-04-09 15:40:03.226619502 +0200
@@ -130,7 +130,7 @@ static void gencraters()
/* Acquire the elevation array and initialize it to mean
surface elevation. */
@@ -1225,9 +1215,9 @@ diff -up netpbm-10.47.04/generator/pgmcrater.c.security netpbm-10.47.04/generato
if (aux == NULL)
pm_error("out of memory allocating elevation array");
-diff -up netpbm-10.47.04/generator/pgmkernel.c.security netpbm-10.47.04/generator/pgmkernel.c
---- netpbm-10.47.04/generator/pgmkernel.c.security 2009-10-21 13:38:57.000000000 +0200
-+++ netpbm-10.47.04/generator/pgmkernel.c 2009-10-21 15:09:34.000000000 +0200
+diff -up netpbm-10.58.01/generator/pgmkernel.c.security-code netpbm-10.58.01/generator/pgmkernel.c
+--- netpbm-10.58.01/generator/pgmkernel.c.security-code 2012-04-09 15:31:34.000000000 +0200
++++ netpbm-10.58.01/generator/pgmkernel.c 2012-04-09 15:40:03.226619502 +0200
@@ -68,7 +68,7 @@ main ( argc, argv )
kycenter = (fysize - 1) / 2.0;
ixsize = fxsize + 0.999;
@@ -1237,22 +1227,22 @@ diff -up netpbm-10.47.04/generator/pgmkernel.c.security netpbm-10.47.04/generato
for (i = 0; i < iysize; i++)
for (j = 0; j < ixsize; j++) {
fkernel[i*ixsize+j] = 1.0 / (1.0 + w * sqrt((double)
-diff -up netpbm-10.47.04/lib/libpam.c.security netpbm-10.47.04/lib/libpam.c
---- netpbm-10.47.04/lib/libpam.c.security 2009-10-21 13:39:00.000000000 +0200
-+++ netpbm-10.47.04/lib/libpam.c 2009-10-21 15:09:34.000000000 +0200
-@@ -235,7 +235,8 @@ allocPamRow(const struct pam * const pam
- int const bytesPerTuple = allocationDepth(pamP) * sizeof(sample);
+diff -up netpbm-10.58.01/lib/libpam.c.security-code netpbm-10.58.01/lib/libpam.c
+--- netpbm-10.58.01/lib/libpam.c.security-code 2012-04-09 15:31:38.000000000 +0200
++++ netpbm-10.58.01/lib/libpam.c 2012-04-09 15:40:03.227619490 +0200
+@@ -220,7 +220,8 @@ allocPamRow(const struct pam * const pam
+ unsigned int const bytesPerTuple = allocationDepth(pamP) * sizeof(sample);
tuple * tuplerow;
- tuplerow = malloc(pamP->width * (sizeof(tuple *) + bytesPerTuple));
+ overflow_add(sizeof(tuple *), bytesPerTuple);
-+ tuplerow = malloc2(pamP->width, sizeof(tuple *) + bytesPerTuple);
++ tuplerow = malloc2(pamP->width, (sizeof(tuple *) + bytesPerTuple));
if (tuplerow != NULL) {
/* Now we initialize the pointers to the individual tuples
-diff -up netpbm-10.47.04/lib/libpammap.c.security netpbm-10.47.04/lib/libpammap.c
---- netpbm-10.47.04/lib/libpammap.c.security 2009-10-21 13:39:00.000000000 +0200
-+++ netpbm-10.47.04/lib/libpammap.c 2009-10-21 15:09:34.000000000 +0200
+diff -up netpbm-10.58.01/lib/libpammap.c.security-code netpbm-10.58.01/lib/libpammap.c
+--- netpbm-10.58.01/lib/libpammap.c.security-code 2012-04-09 15:31:38.000000000 +0200
++++ netpbm-10.58.01/lib/libpammap.c 2012-04-09 15:40:03.228619477 +0200
@@ -104,6 +104,8 @@ allocTupleIntListItem(struct pam * const
*/
struct tupleint_list_item * retval;
@@ -1262,9 +1252,9 @@ diff -up netpbm-10.47.04/lib/libpammap.c.security netpbm-10.47.04/lib/libpammap.
unsigned int const size =
sizeof(*retval) - sizeof(retval->tupleint.tuple)
+ pamP->depth * sizeof(sample);
-diff -up netpbm-10.47.04/lib/libpbm1.c.security netpbm-10.47.04/lib/libpbm1.c
---- netpbm-10.47.04/lib/libpbm1.c.security 2009-10-21 13:39:00.000000000 +0200
-+++ netpbm-10.47.04/lib/libpbm1.c 2009-10-21 15:09:34.000000000 +0200
+diff -up netpbm-10.58.01/lib/libpbm1.c.security-code netpbm-10.58.01/lib/libpbm1.c
+--- netpbm-10.58.01/lib/libpbm1.c.security-code 2012-04-09 15:31:38.000000000 +0200
++++ netpbm-10.58.01/lib/libpbm1.c 2012-04-09 15:40:03.228619477 +0200
@@ -77,6 +77,7 @@ pbm_check(FILE * file, const enum pm_che
pm_message("pm_filepos passed to pm_check() is %u bytes",
sizeof(pm_filepos));
@@ -1273,9 +1263,10 @@ diff -up netpbm-10.47.04/lib/libpbm1.c.security netpbm-10.47.04/lib/libpbm1.c
pm_check(file, check_type, need_raster_size, retval_p);
}
}
---- netpbm-10.47.04/lib/libpm.c.security 2009-10-21 13:39:00.000000000 +0200
-+++ netpbm-10.47.04/lib/libpm.c 2009-10-21 15:09:34.000000000 +0200
-@@ -827,4 +827,53 @@ pm_parse_height(const char * const arg)
+diff -up netpbm-10.58.01/lib/libpm.c.security-code netpbm-10.58.01/lib/libpm.c
+--- netpbm-10.58.01/lib/libpm.c.security-code 2012-04-09 15:31:38.000000000 +0200
++++ netpbm-10.58.01/lib/libpm.c 2012-04-09 15:40:03.229619464 +0200
+@@ -808,4 +808,53 @@ pm_parse_height(const char * const arg)
}
@@ -1329,10 +1320,10 @@ diff -up netpbm-10.47.04/lib/libpbm1.c.security netpbm-10.47.04/lib/libpbm1.c
+ return realloc(a, b*c);
+}
-diff -up netpbm-10.47.04/lib/pm.h.security netpbm-10.47.04/lib/pm.h
---- netpbm-10.47.04/lib/pm.h.security 2009-10-21 13:39:00.000000000 +0200
-+++ netpbm-10.47.04/lib/pm.h 2009-10-21 15:09:34.000000000 +0200
-@@ -377,4 +377,11 @@ pm_parse_height(const char * const arg);
+diff -up netpbm-10.58.01/lib/pm.h.security-code netpbm-10.58.01/lib/pm.h
+--- netpbm-10.58.01/lib/pm.h.security-code 2012-04-09 15:31:38.000000000 +0200
++++ netpbm-10.58.01/lib/pm.h 2012-04-09 15:40:03.229619464 +0200
+@@ -432,4 +432,11 @@ pm_parse_height(const char * const arg);
#endif
@@ -1344,9 +1335,9 @@ diff -up netpbm-10.47.04/lib/pm.h.security netpbm-10.47.04/lib/pm.h
+void overflow_add(int, int);
+
#endif
-diff -up netpbm-10.47.04/other/pnmcolormap.c.security netpbm-10.47.04/other/pnmcolormap.c
---- netpbm-10.47.04/other/pnmcolormap.c.security 2009-10-21 13:38:54.000000000 +0200
-+++ netpbm-10.47.04/other/pnmcolormap.c 2009-10-21 15:09:34.000000000 +0200
+diff -up netpbm-10.58.01/other/pnmcolormap.c.security-code netpbm-10.58.01/other/pnmcolormap.c
+--- netpbm-10.58.01/other/pnmcolormap.c.security-code 2012-04-09 15:31:32.000000000 +0200
++++ netpbm-10.58.01/other/pnmcolormap.c 2012-04-09 15:40:03.230619451 +0200
@@ -840,6 +840,7 @@ colormapToSquare(struct pam * const pamP
pamP->width = intsqrt;
else
@@ -1355,9 +1346,21 @@ diff -up netpbm-10.47.04/other/pnmcolormap.c.security netpbm-10.47.04/other/pnmc
}
{
unsigned int const intQuotient = colormap.size / pamP->width;
-diff -up netpbm-10.47.04/urt/rle_addhist.c.security netpbm-10.47.04/urt/rle_addhist.c
---- netpbm-10.47.04/urt/rle_addhist.c.security 2009-10-21 13:39:11.000000000 +0200
-+++ netpbm-10.47.04/urt/rle_addhist.c 2009-10-21 15:09:34.000000000 +0200
+diff -up netpbm-10.58.01/urt/README.security-code netpbm-10.58.01/urt/README
+--- netpbm-10.58.01/urt/README.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/urt/README 2012-04-09 15:40:03.231619438 +0200
+@@ -18,3 +18,8 @@ in its initializer in the original. But
+ defines stdout as a variable, so that wouldn't compile. So I changed
+ it to NULL and added a line to rle_hdr_init to set that field to
+ 'stdout' dynamically. 2000.06.02 BJH.
++
++Redid the code to check for maths overflows and other crawly horrors.
++Removed pipe through and compress support (unsafe)
++
++Alan Cox <alan@redhat.com>
+diff -up netpbm-10.58.01/urt/rle_addhist.c.security-code netpbm-10.58.01/urt/rle_addhist.c
+--- netpbm-10.58.01/urt/rle_addhist.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/urt/rle_addhist.c 2012-04-09 15:40:03.231619438 +0200
@@ -14,6 +14,8 @@
* If you modify this software, you should include a notice giving the
* name of the person performing the modification, the date of modification,
@@ -1367,7 +1370,7 @@ diff -up netpbm-10.47.04/urt/rle_addhist.c.security netpbm-10.47.04/urt/rle_addh
*/
/*
* rle_addhist.c - Add to the HISTORY comment in header
-@@ -76,13 +78,19 @@ rle_addhist(char * argv[],
+@@ -71,13 +73,19 @@ rle_addhist(char * argv[],
return;
length = 0;
@@ -1388,7 +1391,7 @@ diff -up netpbm-10.47.04/urt/rle_addhist.c.security netpbm-10.47.04/urt/rle_addh
length += strlen(padding) + 3 + strlen(histoire) + 1;
/* length of padding, "on " and length of history name plus "="*/
if (in_hdr) /* if we are interested in the old comments... */
-@@ -90,9 +98,12 @@ rle_addhist(char * argv[],
+@@ -85,9 +93,12 @@ rle_addhist(char * argv[],
else
old = NULL;
@@ -1402,9 +1405,9 @@ diff -up netpbm-10.47.04/urt/rle_addhist.c.security netpbm-10.47.04/urt/rle_addh
++length; /*Cater for the null. */
MALLOCARRAY(newc, length);
-diff -up netpbm-10.47.04/urt/rle_getrow.c.security netpbm-10.47.04/urt/rle_getrow.c
---- netpbm-10.47.04/urt/rle_getrow.c.security 2009-10-21 13:39:11.000000000 +0200
-+++ netpbm-10.47.04/urt/rle_getrow.c 2009-10-21 15:09:34.000000000 +0200
+diff -up netpbm-10.58.01/urt/rle_getrow.c.security-code netpbm-10.58.01/urt/rle_getrow.c
+--- netpbm-10.58.01/urt/rle_getrow.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/urt/rle_getrow.c 2012-04-09 15:40:03.232619426 +0200
@@ -17,6 +17,8 @@
*
* Modified at BRL 16-May-88 by Mike Muuss to avoid Alliant STDC desire
@@ -1422,9 +1425,9 @@ diff -up netpbm-10.47.04/urt/rle_getrow.c.security netpbm-10.47.04/urt/rle_getro
evenlen = (comlen + 1) & ~1; /* make it even */
if ( evenlen )
{
-diff -up netpbm-10.47.04/urt/rle_hdr.c.security netpbm-10.47.04/urt/rle_hdr.c
---- netpbm-10.47.04/urt/rle_hdr.c.security 2009-10-21 13:39:11.000000000 +0200
-+++ netpbm-10.47.04/urt/rle_hdr.c 2009-10-21 15:09:34.000000000 +0200
+diff -up netpbm-10.58.01/urt/rle_hdr.c.security-code netpbm-10.58.01/urt/rle_hdr.c
+--- netpbm-10.58.01/urt/rle_hdr.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/urt/rle_hdr.c 2012-04-09 15:40:03.233619414 +0200
@@ -14,6 +14,8 @@
* If you modify this software, you should include a notice giving the
* name of the person performing the modification, the date of modification,
@@ -1434,7 +1437,7 @@ diff -up netpbm-10.47.04/urt/rle_hdr.c.security netpbm-10.47.04/urt/rle_hdr.c
*/
/*
* rle_hdr.c - Functions to manipulate rle_hdr structures.
-@@ -79,7 +81,10 @@ int img_num;
+@@ -80,7 +82,10 @@ int img_num;
/* Fill in with copies of the strings. */
if ( the_hdr->cmd != pgmname )
{
@@ -1446,7 +1449,7 @@ diff -up netpbm-10.47.04/urt/rle_hdr.c.security netpbm-10.47.04/urt/rle_hdr.c
RLE_CHECK_ALLOC( pgmname, tmp, 0 );
strcpy( tmp, pgmname );
the_hdr->cmd = tmp;
-@@ -87,7 +92,9 @@ int img_num;
+@@ -88,7 +93,9 @@ int img_num;
if ( the_hdr->file_name != fname )
{
@@ -1457,7 +1460,7 @@ diff -up netpbm-10.47.04/urt/rle_hdr.c.security netpbm-10.47.04/urt/rle_hdr.c
RLE_CHECK_ALLOC( pgmname, tmp, 0 );
strcpy( tmp, fname );
the_hdr->file_name = tmp;
-@@ -152,6 +159,7 @@ rle_hdr *from_hdr, *to_hdr;
+@@ -153,6 +160,7 @@ rle_hdr *from_hdr, *to_hdr;
if ( to_hdr->bg_color )
{
int size = to_hdr->ncolors * sizeof(int);
@@ -1465,7 +1468,7 @@ diff -up netpbm-10.47.04/urt/rle_hdr.c.security netpbm-10.47.04/urt/rle_hdr.c
to_hdr->bg_color = (int *)malloc( size );
RLE_CHECK_ALLOC( to_hdr->cmd, to_hdr->bg_color, "background color" );
memcpy( to_hdr->bg_color, from_hdr->bg_color, size );
-@@ -160,7 +168,7 @@ rle_hdr *from_hdr, *to_hdr;
+@@ -161,7 +169,7 @@ rle_hdr *from_hdr, *to_hdr;
if ( to_hdr->cmap )
{
int size = to_hdr->ncmap * (1 << to_hdr->cmaplen) * sizeof(rle_map);
@@ -1474,7 +1477,7 @@ diff -up netpbm-10.47.04/urt/rle_hdr.c.security netpbm-10.47.04/urt/rle_hdr.c
RLE_CHECK_ALLOC( to_hdr->cmd, to_hdr->cmap, "color map" );
memcpy( to_hdr->cmap, from_hdr->cmap, size );
}
-@@ -173,11 +181,16 @@ rle_hdr *from_hdr, *to_hdr;
+@@ -174,11 +182,16 @@ rle_hdr *from_hdr, *to_hdr;
int size = 0;
CONST_DECL char **cp;
for ( cp=to_hdr->comments; *cp; cp++ )
@@ -1491,13 +1494,45 @@ diff -up netpbm-10.47.04/urt/rle_hdr.c.security netpbm-10.47.04/urt/rle_hdr.c
size *= sizeof(char *);
to_hdr->comments = (CONST_DECL char **)malloc( size );
RLE_CHECK_ALLOC( to_hdr->cmd, to_hdr->comments, "comments" );
-diff -up netpbm-10.47.04/urt/rle_open_f.c.security netpbm-10.47.04/urt/rle_open_f.c
---- netpbm-10.47.04/urt/rle_open_f.c.security 2009-10-21 13:39:11.000000000 +0200
-+++ netpbm-10.47.04/urt/rle_open_f.c 2009-10-21 15:15:38.000000000 +0200
-@@ -163,64 +163,7 @@ dealWithSubprocess(const char * const f
+diff -up netpbm-10.58.01/urt/rle.h.security-code netpbm-10.58.01/urt/rle.h
+--- netpbm-10.58.01/urt/rle.h.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/urt/rle.h 2012-04-09 15:40:03.233619414 +0200
+@@ -14,6 +14,9 @@
+ * If you modify this software, you should include a notice giving the
+ * name of the person performing the modification, the date of modification,
+ * and the reason for such modification.
++ *
++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox <alan@redhat.com>
++ * Header declarations needed
+ */
+ /*
+ * rle.h - Global declarations for Utah Raster Toolkit RLE programs.
+@@ -160,6 +163,17 @@ rle_hdr /* End of typedef. *
+ */
+ extern rle_hdr rle_dflt_hdr;
+
++/*
++ * Provided by pm library
++ */
++
++extern void overflow_add(int, int);
++#define overflow2(a,b) __overflow2(a,b)
++extern void __overflow2(int, int);
++extern void overflow3(int, int, int);
++extern void *malloc2(int, int);
++extern void *malloc3(int, int, int);
++extern void *realloc2(void *, int, int);
+
+ /* Declare RLE library routines. */
+
+diff -up netpbm-10.58.01/urt/rle_open_f.c.security-code netpbm-10.58.01/urt/rle_open_f.c
+--- netpbm-10.58.01/urt/rle_open_f.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/urt/rle_open_f.c 2012-04-09 15:40:03.234619402 +0200
+@@ -163,65 +163,7 @@ dealWithSubprocess(const char * const f
+ FILE ** const fpP,
bool * const noSubprocessP,
const char ** const errorP) {
-
+-
-#ifdef NO_OPEN_PIPES
*noSubprocessP = TRUE;
-#else
@@ -1559,9 +1594,9 @@ diff -up netpbm-10.47.04/urt/rle_open_f.c.security netpbm-10.47.04/urt/rle_open_
}
-diff -up netpbm-10.47.04/urt/rle_putcom.c.security netpbm-10.47.04/urt/rle_putcom.c
---- netpbm-10.47.04/urt/rle_putcom.c.security 2009-10-21 13:39:11.000000000 +0200
-+++ netpbm-10.47.04/urt/rle_putcom.c 2009-10-21 15:09:34.000000000 +0200
+diff -up netpbm-10.58.01/urt/rle_putcom.c.security-code netpbm-10.58.01/urt/rle_putcom.c
+--- netpbm-10.58.01/urt/rle_putcom.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/urt/rle_putcom.c 2012-04-09 15:40:03.234619402 +0200
@@ -14,6 +14,8 @@
* If you modify this software, you should include a notice giving the
* name of the person performing the modification, the date of modification,
@@ -1587,9 +1622,9 @@ diff -up netpbm-10.47.04/urt/rle_putcom.c.security netpbm-10.47.04/urt/rle_putco
/* Not found */
/* Can't realloc because somebody else might be pointing to this
* comments block. Of course, if this were true, then the
-diff -up netpbm-10.47.04/urt/Runput.c.security netpbm-10.47.04/urt/Runput.c
---- netpbm-10.47.04/urt/Runput.c.security 2009-10-21 13:39:11.000000000 +0200
-+++ netpbm-10.47.04/urt/Runput.c 2009-10-21 15:09:34.000000000 +0200
+diff -up netpbm-10.58.01/urt/Runput.c.security-code netpbm-10.58.01/urt/Runput.c
+--- netpbm-10.58.01/urt/Runput.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/urt/Runput.c 2012-04-09 15:40:03.235619390 +0200
@@ -17,6 +17,8 @@
*
* Modified at BRL 16-May-88 by Mike Muuss to avoid Alliant STDC desire
@@ -1622,9 +1657,9 @@ diff -up netpbm-10.47.04/urt/Runput.c.security netpbm-10.47.04/urt/Runput.c
if ( h_cmap == NULL )
{
fprintf( stderr,
-diff -up netpbm-10.47.04/urt/scanargs.c.security netpbm-10.47.04/urt/scanargs.c
---- netpbm-10.47.04/urt/scanargs.c.security 2009-10-21 13:39:11.000000000 +0200
-+++ netpbm-10.47.04/urt/scanargs.c 2009-10-21 15:09:34.000000000 +0200
+diff -up netpbm-10.58.01/urt/scanargs.c.security-code netpbm-10.58.01/urt/scanargs.c
+--- netpbm-10.58.01/urt/scanargs.c.security-code 2012-04-09 15:31:45.000000000 +0200
++++ netpbm-10.58.01/urt/scanargs.c 2012-04-09 15:40:03.235619390 +0200
@@ -38,6 +38,8 @@
*
* Modified at BRL 16-May-88 by Mike Muuss to avoid Alliant STDC desire
@@ -1633,8 +1668,8 @@ diff -up netpbm-10.47.04/urt/scanargs.c.security netpbm-10.47.04/urt/scanargs.c
+ * 2002-12-19: Fix maths wrapping bugs. Alan Cox <alan@redhat.com>
*/
- #include "rle.h"
-@@ -65,8 +67,8 @@ typedef int *ptr;
+ #include <stdio.h>
+@@ -63,8 +65,8 @@ typedef int *ptr;
/*
* Storage allocation macros
*/
@@ -1643,26 +1678,5 @@ diff -up netpbm-10.47.04/urt/scanargs.c.security netpbm-10.47.04/urt/scanargs.c
+#define NEW( type, cnt ) (type *) malloc2( (cnt) , sizeof( type ) )
+#define RENEW( type, ptr, cnt ) (type *) realloc2( ptr, (cnt), sizeof( type ) )
- #if defined(c_plusplus) && !defined(USE_PROTOTYPES)
- #define USE_PROTOTYPES
---- advanced/urt/rle_hdr.c.old 2012-01-21 05:57:25.000000000 -0500
-+++ advanced/urt/rle_hdr.c 2012-01-21 05:57:50.000000000 -0500
-@@ -29,6 +29,18 @@
-
- #include <string.h>
-
-+/*
-+ * Provided by pm library
-+ */
-+
-+extern void overflow_add(int, int);
-+#define overflow2(a,b) __overflow2(a,b)
-+extern void __overflow2(int, int);
-+extern void overflow3(int, int, int);
-+extern void *malloc2(int, int);
-+/*extern void *malloc3(int, int, int);*/
-+extern void *realloc2(void *, int, int);
-+
- /*****************************************************************
- * TAG( rle_names )
- *
+ static CONST_DECL char * prformat( CONST_DECL char *, int );
+ static int isnum( CONST_DECL char *, int, int );
diff --git a/extra/netpbm/netpbm-security-scripts.patch b/extra/netpbm/netpbm-security-scripts.patch
index 557914b66..831be8295 100644
--- a/extra/netpbm/netpbm-security-scripts.patch
+++ b/extra/netpbm/netpbm-security-scripts.patch
@@ -356,24 +356,6 @@ diff -up netpbm-10.47.05/editor/ppmfade.security-scripts netpbm-10.47.05/editor/
+system("rm $tmpdir/junk*$$.ppm");
exit(0);
-diff -up netpbm-10.47.05/editor/ppmquantall.security-scripts netpbm-10.47.05/editor/ppmquantall
---- netpbm-10.47.05/editor/ppmquantall.security-scripts 2009-12-10 08:34:32.000000000 +0100
-+++ netpbm-10.47.05/editor/ppmquantall 2010-03-16 21:28:09.000000000 +0100
-@@ -70,12 +70,8 @@ for i in ${files[@]}; do
- heights=(${heights[*]} `grep -v '^#' $i | sed '1d; s/.* //; 2q'`)
- done
-
--tempdir="${TMPDIR-/tmp}/ppmquantall.$$"
--mkdir -m 0700 $tempdir || \
-- { echo "Could not create temporary file. Exiting."; exit 1;}
--trap 'rm -rf $tempdir' 0 1 3 15
--
--all=$tempdir/pqa.all.$$
-+all=$(mktemp -t pqa.all.XXXXXXXXXX) || exit 1
-+rm -f $all
-
- pnmcat -topbottom -jleft -white ${files[@]} | pnmquant $newcolors > $all
- if [ $? != 0 ]; then
diff -up netpbm-10.47.05/editor/ppmshadow.security-scripts netpbm-10.47.05/editor/ppmshadow
--- netpbm-10.47.05/editor/ppmshadow.security-scripts 2009-12-10 08:34:32.000000000 +0100
+++ netpbm-10.47.05/editor/ppmshadow 2010-03-16 21:28:09.000000000 +0100