On 24 October 2014 13:08, Jason Tubnor <ja...@tubnor.net> wrote: > > > Thoughts / OK / Commit ? > > ---------------------- > > -DISTNAME= gif2png-2.5.2 > +DISTNAME= gif2png-2.5.9 > REVISION= 1
As suggested to me, REVISION needed to be removed. Below is the new diff with this removed: ----------------------- Index: Makefile =================================================================== RCS file: /cvs/ports/graphics/gif2png/Makefile,v retrieving revision 1.42 diff -u -p -u -p -r1.42 Makefile --- Makefile 3 Jun 2013 02:46:57 -0000 1.42 +++ Makefile 25 Oct 2014 06:42:23 -0000 @@ -1,9 +1,8 @@ -# $OpenBSD: Makefile,v 1.42 2013/06/03 02:46:57 naddy Exp $ +# $OpenBSD: Makefile,v 1.43 2014/10/24 10:26:56 naddy Exp $ COMMENT= converts GIF images to the PNG format -DISTNAME= gif2png-2.5.2 -REVISION= 1 +DISTNAME= gif2png-2.5.9 CATEGORIES= graphics HOMEPAGE= http://www.catb.org/~esr/gif2png/ Index: distinfo =================================================================== RCS file: /cvs/ports/graphics/gif2png/distinfo,v retrieving revision 1.7 diff -u -p -u -p -r1.7 distinfo --- distinfo 17 Oct 2010 06:51:48 -0000 1.7 +++ distinfo 25 Oct 2014 06:42:23 -0000 @@ -1,5 +1,2 @@ -MD5 (gif2png-2.5.2.tar.gz) = IgCEHwJ8hIHEuFGdq/dFsA== -RMD160 (gif2png-2.5.2.tar.gz) = o2GxivI+WbcxIa4loVW1T7YusUo= -SHA1 (gif2png-2.5.2.tar.gz) = Dp5m1nKP5+Lc3mGtDjmKYIlJRrM= -SHA256 (gif2png-2.5.2.tar.gz) = wbQGatN83LhoHOzt1j2u2MtcgnNE2kZScPMkvBL/Ptc= -SIZE (gif2png-2.5.2.tar.gz) = 171740 +SHA256 (gif2png-2.5.9.tar.gz) = yEBrfAwI9QSVKhcZ4E8jZu5EyIjA7frDpj/qKrBbZMc= +SIZE (gif2png-2.5.9.tar.gz) = 137750 cvs server: Diffing files cvs server: Diffing patches Index: patches/patch-gif2png_c =================================================================== RCS file: /cvs/ports/graphics/gif2png/patches/patch-gif2png_c,v retrieving revision 1.2 diff -u -p -u -p -r1.2 patch-gif2png_c --- patches/patch-gif2png_c 8 Jul 2011 20:36:09 -0000 1.2 +++ patches/patch-gif2png_c 25 Oct 2014 06:42:23 -0000 @@ -1,36 +1,6 @@ -$OpenBSD: patch-gif2png_c,v 1.2 2011/07/08 20:36:09 naddy Exp $ - -Fixes cmdline buffer overflow described in - -http://lists.grok.org.uk/pipermail/full-disclosure/2009-December/072002.html -http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978 - -From: http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?revision=HEAD&root=extras&view=markup - -Fix build with png-1.5. - ---- gif2png.c.orig Wed Nov 11 13:28:02 2009 -+++ gif2png.c Wed Jul 6 17:39:37 2011 -@@ -10,6 +10,7 @@ - #include <string.h> - #include <stdlib.h> - #include <unistd.h> /* for isatty() */ -+#include <zlib.h> - - #if !defined(TRUE) - #define FALSE 0 -@@ -120,8 +121,8 @@ int writefile(struct GIFelement *s,struct GIFelement * - int colors_used = 0; - byte remap[MAXCMSIZE]; - int low_prec; -- png_struct *png_ptr = xalloc(sizeof (png_struct)); -- png_info *info_ptr = xalloc(sizeof (png_info)); -+ png_struct *png_ptr; -+ png_info *info_ptr; - int p; - int gray_bitdepth; - png_color pal_rgb[MAXCMSIZE], *pltep; -@@ -136,6 +137,19 @@ int writefile(struct GIFelement *s,struct GIFelement * +--- gif2png.c.orig Fri Mar 9 16:08:27 2012 ++++ gif2png.c Fri Oct 24 11:58:55 2014 +@@ -140,6 +140,19 @@ static int writefile(struct GIFelement *s, struct GIFe png_text software; png_text comment; @@ -49,30 +19,44 @@ Fix build with png-1.5. + /* these volatile declarations prevent gcc warnings ("variable might be * clobbered by `longjmp' or `vfork'") */ - volatile int gray = TRUE; -@@ -682,7 +696,10 @@ int processfile(char *fname, FILE *fp) + volatile bool gray = true; +@@ -751,7 +764,7 @@ static int processfile(char *fname, FILE *fp) - strcpy(outname, fname); + /* create output filename */ -- file_ext = outname+strlen(outname)-4; -+ file_ext = outname+strlen(outname); -+ if (file_ext >= outname + 4) -+ file_ext -= 4; -+ - if (strcmp(file_ext, ".gif") != 0 && strcmp(file_ext, ".GIF") != 0 && - strcmp(file_ext, "_gif") != 0 && strcmp(file_ext, "_GIF") != 0) { - /* try to derive basename */ -@@ -874,6 +891,13 @@ int main(int argc, char *argv[]) +- (void)strcpy(outname, fname); ++ (void)strlcpy(outname, fname, strlen(fname)+1); + + file_ext = outname+strlen(outname); + if (file_ext >= outname + 4) +@@ -771,7 +784,7 @@ static int processfile(char *fname, FILE *fp) } - } else { - for (i = ac;i<argc; i++) { -+ /* make sure that there is enough space for a '.p<NUM>' suffix; -+ this check catches also the '.gif' case below. */ -+ if (strlen(argv[i]) >= sizeof name - sizeof ".p" - 3 * sizeof(int)) { -+ fprintf(stderr, "%s: name too long\n", argv[i]); -+ errors = 1; -+ continue; -+ } - strcpy(name, argv[i]); + } + +- (void)strcpy(file_ext, ".png"); /* images are named .png, .p01, .p02, ... */ ++ (void)strlcpy(file_ext, ".png", 5); /* images are named .png, .p01, .p02, ... */ + + start = NULL; + +@@ -802,7 +815,7 @@ static int processfile(char *fname, FILE *fp) + ++numpngs; + start = NULL; + /*@-bufferoverflowhigh*/ +- (void)sprintf(file_ext, ".p%02d", i); ++ (void)snprintf(file_ext, 5, ".p%02d", i); + /*@=bufferoverflowhigh*/ + } + } +@@ -972,10 +985,10 @@ int main(int argc, char *argv[]) + continue; + } + +- (void)strcpy(name, argv[i]); ++ (void)strlcpy(name, argv[i], strlen(argv[i])+1); if ((fp = fopen(name, "rb")) == NULL) { /* retry with .gif appended */ +- (void)strcat(name, ".gif"); ++ (void)strlcat(name, ".gif", 5); + fp = fopen(name,"rb"); + } + if (fp == NULL) {
