On 2023/06/28 01:03, Nam Nguyen wrote: > > Here is an inline diff to update graphics/tiff to 4.5.1. > > changelog: > https://gitlab.com/libtiff/libtiff/-/releases/v4.5.1 > > This diff: > - updates to tiff 4.5.1 > - removes patches for backported fixes > - updates patch line numbers > - minor bumps tiff and updates library version comments to # 6.1 > > I minor bumped tiff and kept tiffxx. tiff should be bumped because of a > new struct, TIFFRational_t, in tiffio.h. see: > https://gitlab.com/libtiff/libtiff/-/commit/b90b20d36d7833f54a1f3014c324f6c21b988006#bc08ed70039d5dda0c481a3fe2ba5d16e2afed0a
a newly added struct by itself doesn't mean a minor bump. depends if it's used by some function call (and then, the new function or change in function call arguments would warrant a bump by itself) a _changed_ struct may well need a bump > Also, the minor bump can also be justified because tiff.h has some new > defines for DNG. Depends what it's used for, it might not be important. If those are just used as constants by code that uses them and not tied to any handling in the library then it wkn't matter. But bumps are fairly cheap, _as long as_ it's not something that needs backporting to -stable. > 4. diffing headers > tiffio.hxx is for the tiffxx shared library. > tiff.h and tiffio.h are for the tiff shared library. tiffio.hxx #includes tiff.h, so if you consider the tiff.h header changes enough to warrant a minor bump in libtiff, then libtiffxx needs that too so I think you either want no bump,.or a minor bump for both libs. > +++ Makefile 28 Jun 2023 07:32:27 -0000 > @@ -1,9 +1,8 @@ > COMMENT= tools and library routines for working with TIFF images > > -DISTNAME= tiff-4.5.0 > -REVISION= 0 > -SHARED_LIBS= tiff 42.0 # 13.0 > -SHARED_LIBS+= tiffxx 42.0 # 13.0 > +DISTNAME= tiff-4.5.1 > +SHARED_LIBS= tiff 42.1 # 6.1 > +SHARED_LIBS+= tiffxx 42.0 # 6.1 > CATEGORIES= graphics > > MASTER_SITES= https://download.osgeo.org/libtiff/ > Index: distinfo > =================================================================== > RCS file: /cvs/ports/graphics/tiff/distinfo,v > retrieving revision 1.28 > diff -u -p -u -p -r1.28 distinfo > --- distinfo 19 Dec 2022 08:50:38 -0000 1.28 > +++ distinfo 28 Jun 2023 07:32:27 -0000 > @@ -1,2 +1,2 @@ > -SHA256 (tiff-4.5.0.tar.xz) = 2vrJecXntsZQAlVpxaTnIJlbpfF7wX5idtHxJCe+Jnw= > -SIZE (tiff-4.5.0.tar.xz) = 2320900 > +SHA256 (tiff-4.5.1.tar.xz) = PAgIZxFMJu2rMSlkSmO3CAKKkFFLf+MSbjjhHST5+Io= > +SIZE (tiff-4.5.1.tar.xz) = 2228040 > Index: patches/patch-doc_Makefile_in > =================================================================== > RCS file: /cvs/ports/graphics/tiff/patches/patch-doc_Makefile_in,v > retrieving revision 1.1 > diff -u -p -u -p -r1.1 patch-doc_Makefile_in > --- patches/patch-doc_Makefile_in 19 Dec 2022 08:50:38 -0000 1.1 > +++ patches/patch-doc_Makefile_in 28 Jun 2023 07:32:27 -0000 > @@ -1,7 +1,7 @@ > Index: doc/Makefile.in > --- doc/Makefile.in.orig > +++ doc/Makefile.in > -@@ -609,7 +609,7 @@ install-man3: $(man3_MANS) > +@@ -610,7 +610,7 @@ install-man3: $(man3_MANS) > if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ > echo "$$d$$p"; echo "$$p"; \ > done | \ > Index: patches/patch-libtiff_tif_close_c > =================================================================== > RCS file: patches/patch-libtiff_tif_close_c > diff -N patches/patch-libtiff_tif_close_c > --- patches/patch-libtiff_tif_close_c 22 Feb 2023 17:27:16 -0000 1.1 > +++ /dev/null 1 Jan 1970 00:00:00 -0000 > @@ -1,23 +0,0 @@ > -TIFFClose() avoid NULL pointer dereference > -https://gitlab.com/libtiff/libtiff/-/commit/d63de61b1e > - > -Index: libtiff/tif_close.c > ---- libtiff/tif_close.c.orig > -+++ libtiff/tif_close.c > -@@ -130,9 +130,12 @@ void TIFFCleanup(TIFF *tif) > - > - void TIFFClose(TIFF *tif) > - { > -- TIFFCloseProc closeproc = tif->tif_closeproc; > -- thandle_t fd = tif->tif_clientdata; > -+ if (tif != NULL) > -+ { > -+ TIFFCloseProc closeproc = tif->tif_closeproc; > -+ thandle_t fd = tif->tif_clientdata; > - > -- TIFFCleanup(tif); > -- (void)(*closeproc)(fd); > -+ TIFFCleanup(tif); > -+ (void)(*closeproc)(fd); > -+ } > - } > Index: patches/patch-tools_tiffcrop_c > =================================================================== > RCS file: patches/patch-tools_tiffcrop_c > diff -N patches/patch-tools_tiffcrop_c > --- patches/patch-tools_tiffcrop_c 22 Feb 2023 17:27:16 -0000 1.7 > +++ /dev/null 1 Jan 1970 00:00:00 -0000 > @@ -1,329 +0,0 @@ > -CVE-2022-48281 > -https://gitlab.com/libtiff/libtiff/-/commit/97d65859bc > - > -Correctly update buffersize after rotateImage() > -https://gitlab.com/libtiff/libtiff/-/commit/9c22495e5e > - > -CVE-2023-0795 CVE-2023-0796 CVE-2023-0797 CVE-2023-0798 > -and CVE-2023-0799 > -https://gitlab.com/libtiff/libtiff/-/commit/69818e2f2d > - > -CVE-2023-0800 CVE-2023-0801 CVE-2023-0802 CVE-2023-0803 > -and CVE-2023-0804 > -https://gitlab.com/libtiff/libtiff/-/commit/82a7fbb1fa > - > -Index: tools/tiffcrop.c > ---- tools/tiffcrop.c.orig > -+++ tools/tiffcrop.c > -@@ -296,7 +296,6 @@ struct region > - uint32_t width; /* width in pixels */ > - uint32_t length; /* length in pixels */ > - uint32_t buffsize; /* size of buffer needed to hold the cropped region > */ > -- unsigned char *buffptr; /* address of start of the region */ > - }; > - > - /* Cropping parameters from command line and image data > -@@ -577,7 +576,7 @@ static int rotateContigSamples24bits(uint16_t, uint16_ > - static int rotateContigSamples32bits(uint16_t, uint16_t, uint16_t, uint32_t, > - uint32_t, uint32_t, uint8_t *, uint8_t > *); > - static int rotateImage(uint16_t, struct image_data *, uint32_t *, uint32_t > *, > -- unsigned char **); > -+ unsigned char **, size_t *, int); > - static int mirrorImage(uint16_t, uint16_t, uint16_t, uint32_t, uint32_t, > - unsigned char *); > - static int invertImage(uint16_t, uint16_t, uint16_t, uint32_t, uint32_t, > -@@ -2920,7 +2919,10 @@ int main(int argc, char *argv[]) > - } > - } > - > -- TIFFClose(out); > -+ if (out != NULL) > -+ { > -+ TIFFClose(out); > -+ } > - > - return (0); > - } /* end main */ > -@@ -5779,7 +5781,6 @@ static void initCropMasks(struct crop_mask *cps) > - cps->regionlist[i].width = 0; > - cps->regionlist[i].length = 0; > - cps->regionlist[i].buffsize = 0; > -- cps->regionlist[i].buffptr = NULL; > - cps->zonelist[i].position = 0; > - cps->zonelist[i].total = 0; > - } > -@@ -5932,18 +5933,40 @@ static int computeInputPixelOffsets(struct crop_mask > * > - > - crop->regionlist[i].buffsize = buffsize; > - crop->bufftotal += buffsize; > -+ > -+ /* For composite images with more than one region, the > -+ * combined_length or combined_width always needs to be equal, > -+ * respectively. > -+ * Otherwise, even the first section/region copy > -+ * action might cause buffer overrun. */ > - if (crop->img_mode == COMPOSITE_IMAGES) > - { > - switch (crop->edge_ref) > - { > - case EDGE_LEFT: > - case EDGE_RIGHT: > -+ if (i > 0 && zlength != crop->combined_length) > -+ { > -+ TIFFError( > -+ "computeInputPixelOffsets", > -+ "Only equal length regions can be combined > for " > -+ "-E left or right"); > -+ return (-1); > -+ } > - crop->combined_length = zlength; > - crop->combined_width += zwidth; > - break; > - case EDGE_BOTTOM: > - case EDGE_TOP: /* width from left, length from top */ > - default: > -+ if (i > 0 && zwidth != crop->combined_width) > -+ { > -+ TIFFError("computeInputPixelOffsets", > -+ "Only equal width regions can be " > -+ "combined for -E " > -+ "top or bottom"); > -+ return (-1); > -+ } > - crop->combined_width = zwidth; > - crop->combined_length += zlength; > - break; > -@@ -7241,9 +7264,13 @@ static int correct_orientation(struct image_data *imag > - (uint16_t)(image->adjustments & ROTATE_ANY)); > - return (-1); > - } > -- > -- if (rotateImage(rotation, image, &image->width, &image->length, > -- work_buff_ptr)) > -+ /* Dummy variable in order not to switch two times the > -+ * image->width,->length within rotateImage(), > -+ * but switch xres, yres there. */ > -+ uint32_t width = image->width; > -+ uint32_t length = image->length; > -+ if (rotateImage(rotation, image, &width, &length, work_buff_ptr, > NULL, > -+ TRUE)) > - { > - TIFFError("correct_orientation", "Unable to rotate image"); > - return (-1); > -@@ -7298,6 +7325,46 @@ static int extractCompositeRegions(struct image_data * > - crop->combined_width = 0; > - crop->combined_length = 0; > - > -+ /* If there is more than one region, check beforehand whether all the > width > -+ * and length values of the regions are the same, respectively. */ > -+ switch (crop->edge_ref) > -+ { > -+ default: > -+ case EDGE_TOP: > -+ case EDGE_BOTTOM: > -+ for (i = 1; i < crop->selections; i++) > -+ { > -+ uint32_t crop_width0 = > -+ crop->regionlist[i - 1].x2 - crop->regionlist[i - 1].x1 > + 1; > -+ uint32_t crop_width1 = > -+ crop->regionlist[i].x2 - crop->regionlist[i].x1 + 1; > -+ if (crop_width0 != crop_width1) > -+ { > -+ TIFFError("extractCompositeRegions", > -+ "Only equal width regions can be combined for > -E " > -+ "top or bottom"); > -+ return (1); > -+ } > -+ } > -+ break; > -+ case EDGE_LEFT: > -+ case EDGE_RIGHT: > -+ for (i = 1; i < crop->selections; i++) > -+ { > -+ uint32_t crop_length0 = > -+ crop->regionlist[i - 1].y2 - crop->regionlist[i - 1].y1 > + 1; > -+ uint32_t crop_length1 = > -+ crop->regionlist[i].y2 - crop->regionlist[i].y1 + 1; > -+ if (crop_length0 != crop_length1) > -+ { > -+ TIFFError("extractCompositeRegions", > -+ "Only equal length regions can be combined > for " > -+ "-E left or right"); > -+ return (1); > -+ } > -+ } > -+ } > -+ > - for (i = 0; i < crop->selections; i++) > - { > - /* rows, columns, width, length are expressed in pixels */ > -@@ -7312,7 +7379,6 @@ static int extractCompositeRegions(struct image_data * > - /* These should not be needed for composite images */ > - crop->regionlist[i].width = crop_width; > - crop->regionlist[i].length = crop_length; > -- crop->regionlist[i].buffptr = crop_buff; > - > - src_rowsize = ((img_width * bps * spp) + 7) / 8; > - dst_rowsize = (((crop_width * bps * count) + 7) / 8); > -@@ -7322,7 +7388,8 @@ static int extractCompositeRegions(struct image_data * > - default: > - case EDGE_TOP: > - case EDGE_BOTTOM: > -- if ((i > 0) && (crop_width != crop->regionlist[i - > 1].width)) > -+ if ((crop->selections > i + 1) && > -+ (crop_width != crop->regionlist[i + 1].width)) > - { > - TIFFError("extractCompositeRegions", > - "Only equal width regions can be combined for > -E " > -@@ -7415,7 +7482,8 @@ static int extractCompositeRegions(struct image_data * > - case EDGE_LEFT: /* splice the pieces of each row together, side > by > - side */ > - case EDGE_RIGHT: > -- if ((i > 0) && (crop_length != crop->regionlist[i - > 1].length)) > -+ if ((crop->selections > i + 1) && > -+ (crop_length != crop->regionlist[i + 1].length)) > - { > - TIFFError("extractCompositeRegions", > - "Only equal length regions can be combined > for " > -@@ -7573,7 +7641,6 @@ static int extractSeparateRegion(struct image_data *im > - > - crop->regionlist[region].width = crop_width; > - crop->regionlist[region].length = crop_length; > -- crop->regionlist[region].buffptr = crop_buff; > - > - src = read_buff; > - dst = crop_buff; > -@@ -8563,8 +8630,13 @@ static int processCropSelections(struct image_data *im > - if (crop->crop_mode & CROP_ROTATE) /* rotate should be last as it > can > - reallocate the buffer */ > - { > -+ /* rotateImage() set up a new buffer and calculates its size > -+ * individually. Therefore, seg_buffs size needs to be updated > -+ * accordingly. */ > -+ size_t rot_buf_size = 0; > - if (rotateImage(crop->rotation, image, &crop->combined_width, > -- &crop->combined_length, &crop_buff)) > -+ &crop->combined_length, &crop_buff, > &rot_buf_size, > -+ FALSE)) > - { > - TIFFError("processCropSelections", > - "Failed to rotate composite regions by %" PRIu32 > -@@ -8573,9 +8645,7 @@ static int processCropSelections(struct image_data *im > - return (-1); > - } > - seg_buffs[0].buffer = crop_buff; > -- seg_buffs[0].size = > -- (((crop->combined_width * image->bps + 7) / 8) * > image->spp) * > -- crop->combined_length; > -+ seg_buffs[0].size = rot_buf_size; > - } > - } > - else /* Separated Images */ > -@@ -8591,7 +8661,7 @@ static int processCropSelections(struct image_data *im > - cropsize + NUM_BUFF_OVERSIZE_BYTES); > - else > - { > -- prev_cropsize = seg_buffs[0].size; > -+ prev_cropsize = seg_buffs[i].size; > - if (prev_cropsize < cropsize) > - { > - next_buff = _TIFFrealloc( > -@@ -8686,10 +8756,14 @@ static int processCropSelections(struct image_data > *im > - * ->yres, what it schouldn't do here, when more than one > - * section is processed. ToDo: Therefore rotateImage() and > its > - * usage has to be reworked (e.g. like mirrorImage()) !! > -- */ > -+ * Furthermore, rotateImage() set up a new buffer and > calculates > -+ * its size individually. Therefore, seg_buffs size needs > to be > -+ * updated accordingly. */ > -+ size_t rot_buf_size = 0; > - if (rotateImage(crop->rotation, image, > - &crop->regionlist[i].width, > -- &crop->regionlist[i].length, &crop_buff)) > -+ &crop->regionlist[i].length, &crop_buff, > -+ &rot_buf_size, FALSE)) > - { > - TIFFError("processCropSelections", > - "Failed to rotate crop region by %" PRIu16 > -@@ -8702,10 +8776,7 @@ static int processCropSelections(struct image_data *im > - crop->combined_width = total_width; > - crop->combined_length = total_length; > - seg_buffs[i].buffer = crop_buff; > -- seg_buffs[i].size = > -- (((crop->regionlist[i].width * image->bps + 7) / 8) * > -- image->spp) * > -- crop->regionlist[i].length; > -+ seg_buffs[i].size = rot_buf_size; > - } > - } /* for crop->selections loop */ > - } /* Separated Images (else case) */ > -@@ -8836,7 +8907,7 @@ static int createCroppedImage(struct image_data *image > - CROP_ROTATE) /* rotate should be last as it can reallocate the > buffer */ > - { > - if (rotateImage(crop->rotation, image, &crop->combined_width, > -- &crop->combined_length, crop_buff_ptr)) > -+ &crop->combined_length, crop_buff_ptr, NULL, TRUE)) > - { > - TIFFError("createCroppedImage", > - "Failed to rotate image or cropped selection by %" > PRIu16 > -@@ -9552,7 +9623,8 @@ static int rotateContigSamples32bits(uint16_t rotation > - /* Rotate an image by a multiple of 90 degrees clockwise */ > - static int rotateImage(uint16_t rotation, struct image_data *image, > - uint32_t *img_width, uint32_t *img_length, > -- unsigned char **ibuff_ptr) > -+ unsigned char **ibuff_ptr, size_t *rot_buf_size, > -+ int rot_image_params) > - { > - int shift_width; > - uint32_t bytes_per_pixel, bytes_per_sample; > -@@ -9610,6 +9682,8 @@ static int rotateImage(uint16_t rotation, struct image > - return (-1); > - } > - _TIFFmemset(rbuff, '\0', buffsize + NUM_BUFF_OVERSIZE_BYTES); > -+ if (rot_buf_size != NULL) > -+ *rot_buf_size = buffsize; > - > - ibuff = *ibuff_ptr; > - switch (rotation) > -@@ -9768,11 +9842,15 @@ static int rotateImage(uint16_t rotation, struct > image > - > - *img_width = length; > - *img_length = width; > -- image->width = length; > -- image->length = width; > -- res_temp = image->xres; > -- image->xres = image->yres; > -- image->yres = res_temp; > -+ /* Only toggle image parameters if whole input image is > rotated. */ > -+ if (rot_image_params) > -+ { > -+ image->width = length; > -+ image->length = width; > -+ res_temp = image->xres; > -+ image->xres = image->yres; > -+ image->yres = res_temp; > -+ } > - break; > - > - case 270: > -@@ -9855,11 +9933,15 @@ static int rotateImage(uint16_t rotation, struct > image > - > - *img_width = length; > - *img_length = width; > -- image->width = length; > -- image->length = width; > -- res_temp = image->xres; > -- image->xres = image->yres; > -- image->yres = res_temp; > -+ /* Only toggle image parameters if whole input image is > rotated. */ > -+ if (rot_image_params) > -+ { > -+ image->width = length; > -+ image->length = width; > -+ res_temp = image->xres; > -+ image->xres = image->yres; > -+ image->yres = res_temp; > -+ } > - break; > - default: > - break; > Index: pkg/PLIST > =================================================================== > RCS file: /cvs/ports/graphics/tiff/pkg/PLIST,v > retrieving revision 1.32 > diff -u -p -u -p -r1.32 PLIST > --- pkg/PLIST 19 Dec 2022 08:50:39 -0000 1.32 > +++ pkg/PLIST 28 Jun 2023 07:32:27 -0000 > @@ -200,6 +200,7 @@ share/doc/tiff/manual/_sources/images.rs > share/doc/tiff/manual/_sources/index.rst.txt > share/doc/tiff/manual/_sources/internals.rst.txt > share/doc/tiff/manual/_sources/libtiff.rst.txt > +share/doc/tiff/manual/_sources/multi_page.rst.txt > share/doc/tiff/manual/_sources/project/ > share/doc/tiff/manual/_sources/project/acknowledgements.rst.txt > share/doc/tiff/manual/_sources/project/bugs.rst.txt > @@ -265,6 +266,7 @@ share/doc/tiff/manual/_sources/releases/ > share/doc/tiff/manual/_sources/releases/v4.3.0.rst.txt > share/doc/tiff/manual/_sources/releases/v4.4.0.rst.txt > share/doc/tiff/manual/_sources/releases/v4.5.0.rst.txt > +share/doc/tiff/manual/_sources/releases/v4.5.1.rst.txt > share/doc/tiff/manual/_sources/specification/ > share/doc/tiff/manual/_sources/specification/bigtiff.rst.txt > share/doc/tiff/manual/_sources/specification/coverage-bigtiff.rst.txt > @@ -296,14 +298,11 @@ share/doc/tiff/manual/_sources/tools/tif > share/doc/tiff/manual/_sources/tools/tiffset.rst.txt > share/doc/tiff/manual/_sources/tools/tiffsplit.rst.txt > share/doc/tiff/manual/_static/ > -share/doc/tiff/manual/_static/_sphinx_javascript_frameworks_compat.js > share/doc/tiff/manual/_static/basic.css > share/doc/tiff/manual/_static/contents.png > share/doc/tiff/manual/_static/doctools.js > share/doc/tiff/manual/_static/documentation_options.js > share/doc/tiff/manual/_static/file.png > -share/doc/tiff/manual/_static/jquery-3.6.0.js > -share/doc/tiff/manual/_static/jquery.js > share/doc/tiff/manual/_static/language_data.js > share/doc/tiff/manual/_static/minus.png > share/doc/tiff/manual/_static/navigation.png > @@ -312,8 +311,6 @@ share/doc/tiff/manual/_static/pygments.c > share/doc/tiff/manual/_static/searchtools.js > share/doc/tiff/manual/_static/sphinx_highlight.js > share/doc/tiff/manual/_static/sphinxdoc.css > -share/doc/tiff/manual/_static/underscore-1.13.1.js > -share/doc/tiff/manual/_static/underscore.js > share/doc/tiff/manual/addingtags.html > share/doc/tiff/manual/build.html > share/doc/tiff/manual/contrib.html > @@ -383,6 +380,7 @@ share/doc/tiff/manual/images.html > share/doc/tiff/manual/index.html > share/doc/tiff/manual/internals.html > share/doc/tiff/manual/libtiff.html > +share/doc/tiff/manual/multi_page.html > share/doc/tiff/manual/objects.inv > share/doc/tiff/manual/project/ > share/doc/tiff/manual/project/acknowledgements.html > @@ -449,6 +447,7 @@ share/doc/tiff/manual/releases/v4.2.0.ht > share/doc/tiff/manual/releases/v4.3.0.html > share/doc/tiff/manual/releases/v4.4.0.html > share/doc/tiff/manual/releases/v4.5.0.html > +share/doc/tiff/manual/releases/v4.5.1.html > share/doc/tiff/manual/search.html > share/doc/tiff/manual/searchindex.js > share/doc/tiff/manual/specification/ >
