From b764a223c0b6b4a0001839d8b0fd83b604fbb219 Mon Sep 17 00:00:00 2001
From: root
Date: Sat, 7 Sep 2013 02:08:54 -0700
Subject: Sat Sep 7 02:08:44 PDT 2013
---
 extra/lcms/PKGBUILD | 15 +++++++---
 extra/lcms/cve-2013-4276.patch | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 73 insertions(+), 4 deletions(-)
 create mode 100644 extra/lcms/cve-2013-4276.patch
(limited to 'extra/lcms')
diff --git a/extra/lcms/PKGBUILD b/extra/lcms/PKGBUILD
index a8706fe41..7271ad881 100644
--- a/extra/lcms/PKGBUILD
+++ b/extra/lcms/PKGBUILD
@@ -1,18 +1,25 @@
-# $Id: PKGBUILD 148810 2012-02-05 11:51:27Z ibiru $
+# $Id: PKGBUILD 193922 2013-09-06 07:11:54Z bpiotrowski $
 # Maintainer: Tobias Kieslich
 # Contributor: Ben
 pkgname=lcms
 pkgver=1.19
-pkgrel=2
+pkgrel=4
 pkgdesc="Lightweight color management development library/engine"
 arch=('i686' 'x86_64')
 license=('custom')
 depends=('libtiff')
 url="http://www.littlecms.com"
 options=('!libtool')
-source=(http://downloads.sourceforge.net/sourceforge/${pkgname}/${pkgname}-${pkgver}.tar.gz)
-md5sums=('8af94611baf20d9646c7c2c285859818')
+source=(http://downloads.sourceforge.net/sourceforge/${pkgname}/${pkgname}-${pkgver}.tar.gz
+ cve-2013-4276.patch)
+md5sums=('8af94611baf20d9646c7c2c285859818'
+ 'fa1db4861cfa05f4c4a2c826e1c35502')
+
+prepare() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ patch -Np1 -i ../cve-2013-4276.patch
+}
 build() {
 cd "${srcdir}/${pkgname}-${pkgver}"
diff --git a/extra/lcms/cve-2013-4276.patch b/extra/lcms/cve-2013-4276.patch
new file mode 100644
index 000000000..8f2f32297
--- /dev/null
+++ b/extra/lcms/cve-2013-4276.patch
@@ -0,0 +1,62 @@
+diff -ur lcms-1.19.dfsg/samples/icctrans.c lcms-1.19.dfsg-patched/samples/icctrans.c
+--- lcms-1.19.dfsg/samples/icctrans.c 2009-10-30 15:57:45.000000000 +0000
++++ lcms-1.19.dfsg-patched/samples/icctrans.c 2013-08-06 11:53:14.385266647 +0100
+@@ -86,6 +86,8 @@
+ static LPcmsNAMEDCOLORLIST InputColorant = NULL;
+ static LPcmsNAMEDCOLORLIST OutputColorant = NULL;
+
++unsigned int Buffer_size = 4096;
++
+
+ // isatty replacement
+
+@@ -500,7 +502,7 @@
+
+ Prefix[0] = 0;
+ if (!lTerse)
+- sprintf(Prefix, "%s=", C);
++ snprintf(Prefix, 20, "%s=", C);
+
+ if (InHexa)
+ {
+@@ -648,7 +650,9 @@
+ static
+ void GetLine(char* Buffer)
+ {
+- scanf("%s", Buffer);
++ char User_buffer[Buffer_size];
++ fgets(User_buffer, (Buffer_size - 1), stdin);
++ sscanf(User_buffer,"%s", Buffer);
+
+ if (toupper(Buffer[0]) == 'Q') { // Quit?
+
+@@ -668,7 +672,7 @@
+ static
+ double GetAnswer(const char* Prompt, double Range)
+ {
+- char Buffer[4096];
++ char Buffer[Buffer_size];
+ double val = 0.0;
+
+ if (Range == 0.0) { // Range 0 means double value
+@@ -738,7 +742,7 @@
+ static
+ WORD GetIndex(void)
+ {
+- char Buffer[4096], Name[40], Prefix[40], Suffix[40];
++ char Buffer[Buffer_size], Name[40], Prefix[40], Suffix[40];
+ int index, max;
+
+ max = cmsNamedColorCount(hTrans)-1;
+diff -ur lcms-1.19.dfsg/tifficc/tiffdiff.c lcms-1.19.dfsg-patched/tifficc/tiffdiff.c
+--- lcms-1.19.dfsg/tifficc/tiffdiff.c 2009-10-30 15:57:46.000000000 +0000
++++ lcms-1.19.dfsg-patched/tifficc/tiffdiff.c 2013-08-06 11:49:06.698951157 +0100
+@@ -633,7 +633,7 @@
+ cmsIT8SetSheetType(hIT8, "TIFFDIFF");
+
+
+- sprintf(Buffer, "Differences between %s and %s", TiffName1, TiffName2);
++ snprintf(Buffer, 256, "Differences between %s and %s", TiffName1, TiffName2);
+
+ cmsIT8SetComment(hIT8, Buffer);
+
-- cgit v1.2.3-54-g00ecf
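Review bot: In the GetLine() hunk of the embedded icctrans.c patch the return value of `fgets` is ignored, so at end of input `User_buffer` is never written and `sscanf` parses indeterminate stack contents; on a whitespace-only line `sscanf` stores nothing and the following `toupper(Buffer[0])` may read a `Buffer` the caller never initialised. Checking both calls gives a defined result, `if (fgets(User_buffer, Buffer_size, stdin) == NULL || sscanf(User_buffer, "%s", Buffer) != 1) Buffer[0] = '\0';`, though GetLine's body continues outside the hunk, so how callers should react to end of input has to be confirmed there. The unbounded `%s` copy stays in bounds only because the callers visible here (GetAnswer, GetIndex) size `Buffer` with the same `Buffer_size`; GetLine receives no length, so that coupling deserves a comment such as `/* Buffer must hold at least Buffer_size bytes */`. The two `snprintf` calls pass the literal sizes `20` and `256` while the declarations of `Prefix` and `Buffer` lie outside the hunks; if those are arrays, `sizeof Prefix` and `sizeof Buffer` would keep the bound tied to the declaration. `Buffer_size` is a writable, non-static global, which makes every `char x[Buffer_size]` a variable-length array; an `enum { Buffer_size = 4096 };` would keep the buffers fixed-size.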