user/libgd: [CVE] bump to 2.3.0

author: Max Rees <maxcrees@me.com> 2020-03-29 03:26:16 -0500
committer: Max Rees <maxcrees@me.com> 2020-04-05 12:22:26 +0000
commit: 7f8d4d642ad643f553e0fe74c0d48d59c81d178c (patch)
tree: 8a9062070516fe4e6b36e700133b50d0788bc531 /user/libgd
parent: 6b46644d45aa93ed99163a89a4b401b6b23daa77 (diff)
download: packages-7f8d4d642ad643f553e0fe74c0d48d59c81d178c.tar.gz
packages-7f8d4d642ad643f553e0fe74c0d48d59c81d178c.tar.bz2
packages-7f8d4d642ad643f553e0fe74c0d48d59c81d178c.tar.xz
packages-7f8d4d642ad643f553e0fe74c0d48d59c81d178c.zip
7 files changed, 12 insertions, 526 deletions
diff --git a/user/libgd/APKBUILD b/user/libgd/APKBUILD
index 2a537dfca..c5da3861e 100644
--- a/user/libgd/APKBUILD
+++ b/user/libgd/APKBUILD
@@ -1,27 +1,24 @@
 # Contributor: Carlo Landmeter <clandmeter@gmail.com>
 # Maintainer: 
 pkgname=libgd
-pkgver=2.2.5
-pkgrel=2
+pkgver=2.3.0
+pkgrel=0
 pkgdesc="Library for dynamic image creation"
 url="http://libgd.github.io/"
 arch="all"
-options="!check"  # Upstream bug 201 regression.
+options="!check"  # Multiple test suite failures. Assumes SSE+ math.
 license="MIT"
 depends=""
 makedepends="autoconf automake bash fontconfig-dev freetype-dev
 	libjpeg-turbo-dev libpng-dev libtool libwebp-dev tiff-dev zlib-dev
 	"
+# While the fontconfig/basic test checks for what happens if an empty
+# fontlist is passed to gdImageStringFT(), there still needs to be at
+# least one font installed on the system...
+checkdepends="ttf-liberation"
 subpackages="$pkgname-dev"
 replaces="gd"
-source="https://github.com/$pkgname/$pkgname/releases/download/gd-$pkgver/$pkgname-$pkgver.tar.xz
-	CVE-2016-7568.patch
-	CVE-2018-5711.patch
-	CVE-2018-14553.patch
-	CVE-2018-1000222.patch
-	CVE-2019-6977.patch
-	CVE-2019-6978.patch
-	"
+source="https://github.com/$pkgname/$pkgname/releases/download/gd-$pkgver/$pkgname-$pkgver.tar.xz"
 
 # secfixes:
 #   2.2.5-r1:
@@ -31,11 +28,8 @@ source="https://github.com/$pkgname/$pkgname/releases/download/gd-$pkgver/$pkgna
 #     - CVE-2019-6978
 #   2.2.5-r2:
 #     - CVE-2018-14553
-
-prepare() {
-	default_prepare
-	autoreconf -vif
-}
+#   2.3.0-r0:
+#     - CVE-2019-11038
 
 build() {
 	./configure \
@@ -61,13 +55,8 @@ dev() {
 	default_dev
 	depends="$pkgname perl"
 	replaces="gd-dev"
+	mkdir -p "$subpkgdir"/usr/bin
 	mv "$pkgdir"/usr/bin/bdftogd "$subpkgdir"/usr/bin
 }
 
-sha512sums="e4598e17a277a75e02255402182cab139cb3f2cffcd68ec05cc10bbeaf6bc7aa39162c3445cd4a7efc1a26b72b9152bbedb187351e3ed099ea51767319997a6b  libgd-2.2.5.tar.xz
-8310d11a2398e8617c9defc4500b9ce3897ac1026002ffa36000f1d1f8df19336005e8c1f6587533f1d787a4a54d7a3a28ad25bddbc966a018aedf4d8704a716  CVE-2016-7568.patch
-d6577566814cbe2d93b141a4216b32acdeb2989dc1712eb137565081b913151bbb4c69911c96b2bb7c90695078a85152d368aad183de494d1283fde25021751b  CVE-2018-5711.patch
-353491fab6c6e0916dca910c9d14f0e0efab6d9d88c48f6f3f2f69e60312489039b25d26980e7c5c2c04ed9e56003b99eae77bd412fbbed1d8eb47d561f7af74  CVE-2018-14553.patch
-d12462f1b159d50b9032435e9767a5d76e1797a88be950ed33dda7aa17005b7cb60560d04b9520e46d8111e1669d42ce28cb2c508f9c8825d545ac0335d2a10b  CVE-2018-1000222.patch
-df84e469515f684d79ebad163e137401627310a984ac1ae6a4d31b739b3dc6d9144f101e9bfc3211af1d7cdbaa827721d21a9fe528e69b9b60a943ec8a7ab74b  CVE-2019-6977.patch
-3bf31941365a878bef899afa14a89e4ad0fbfb3280d34b2118c8484698e15eff600751ae3ce146a4f006e6c21730cb18899bae3538f6cc2651025274b40cf1ca  CVE-2019-6978.patch"
+sha512sums="5b201d22560e147a3d5471010b898ad0268c3a2453b870d1267b6ba92e540cf9f75099336c1ab08217e41827ac86fe04525726bf29ad117e5dcbaef9a8d0622a  libgd-2.3.0.tar.xz"
diff --git a/user/libgd/CVE-2016-7568.patch b/user/libgd/CVE-2016-7568.patch
deleted file mode 100644
index 56156411e..000000000
--- a/user/libgd/CVE-2016-7568.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 2806adfdc27a94d333199345394d7c302952b95f Mon Sep 17 00:00:00 2001
-From: trylab <trylab@users.noreply.github.com>
-Date: Tue, 6 Sep 2016 18:35:32 +0800
-Subject: [PATCH] Fix integer overflow in gdImageWebpCtx
-
-Integer overflow can be happened in expression gdImageSX(im) * 4 *
-gdImageSY(im). It could lead to heap buffer overflow in the following
-code. This issue has been reported to the PHP Bug Tracking System. The
-proof-of-concept file will be supplied some days later. This issue was
-discovered by Ke Liu of Tencent's Xuanwu LAB.
----
- src/gd_webp.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/src/gd_webp.c b/src/gd_webp.c
-index 8eb4dee..9886399 100644
---- a/src/gd_webp.c
-+++ b/src/gd_webp.c
-@@ -199,6 +199,14 @@ BGD_DECLARE(void) gdImageWebpCtx (gdImagePtr im, gdIOCtx * outfile, int quality)
- 		quality = 80;
- 	}
- 
-+	if (overflow2(gdImageSX(im), 4)) {
-+		return;
-+	}
-+
-+	if (overflow2(gdImageSX(im) * 4, gdImageSY(im))) {
-+		return;
-+	}
-+
- 	argb = (uint8_t *)gdMalloc(gdImageSX(im) * 4 * gdImageSY(im));
- 	if (!argb) {
- 		return;
diff --git a/user/libgd/CVE-2018-1000222.patch b/user/libgd/CVE-2018-1000222.patch
deleted file mode 100644
index 80f9712bf..000000000
--- a/user/libgd/CVE-2018-1000222.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-From ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5 Mon Sep 17 00:00:00 2001
-From: Mike Frysinger <vapier@gentoo.org>
-Date: Sat, 14 Jul 2018 13:54:08 -0400
-Subject: [PATCH] bmp: check return value in gdImageBmpPtr
-
-Closes #447.
----
- src/gd_bmp.c | 17 ++++++++++++++---
- 1 file changed, 14 insertions(+), 3 deletions(-)
-
-diff --git a/src/gd_bmp.c b/src/gd_bmp.c
-index bde0b9d3..78f40d9a 100644
---- a/src/gd_bmp.c
-+++ b/src/gd_bmp.c
-@@ -47,6 +47,8 @@ static int bmp_read_4bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp
- static int bmp_read_8bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp_hdr_t *header);
- static int bmp_read_rle(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info);
- 
-+static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression);
-+
- #define BMP_DEBUG(s)
- 
- static int gdBMPPutWord(gdIOCtx *out, int w)
-@@ -87,8 +89,10 @@ BGD_DECLARE(void *) gdImageBmpPtr(gdImagePtr im, int *size, int compression)
- 	void *rv;
- 	gdIOCtx *out = gdNewDynamicCtx(2048, NULL);
- 	if (out == NULL) return NULL;
--	gdImageBmpCtx(im, out, compression);
--	rv = gdDPExtractData(out, size);
-+	if (!_gdImageBmpCtx(im, out, compression))
-+		rv = gdDPExtractData(out, size);
-+	else
-+		rv = NULL;
- 	out->gd_free(out);
- 	return rv;
- }
-@@ -141,6 +145,11 @@ BGD_DECLARE(void) gdImageBmp(gdImagePtr im, FILE *outFile, int compression)
- 		compression - whether to apply RLE or not.
- */
- BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
-+{
-+	_gdImageBmpCtx(im, out, compression);
-+}
-+
-+static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
- {
- 	int bitmap_size = 0, info_size, total_size, padding;
- 	int i, row, xpos, pixel;
-@@ -148,6 +157,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
- 	unsigned char *uncompressed_row = NULL, *uncompressed_row_start = NULL;
- 	FILE *tmpfile_for_compression = NULL;
- 	gdIOCtxPtr out_original = NULL;
-+	int ret = 1;
- 
- 	/* No compression if its true colour or we don't support seek */
- 	if (im->trueColor) {
-@@ -325,6 +335,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
- 		out_original = NULL;
- 	}
- 
-+	ret = 0;
- cleanup:
- 	if (tmpfile_for_compression) {
- #ifdef _WIN32
-@@ -338,7 +349,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
- 	if (out_original) {
- 		out_original->gd_free(out_original);
- 	}
--	return;
-+	return ret;
- }
- 
- static int compress_row(unsigned char *row, int length)
diff --git a/user/libgd/CVE-2018-14553.patch b/user/libgd/CVE-2018-14553.patch
deleted file mode 100644
index 7510101d1..000000000
--- a/user/libgd/CVE-2018-14553.patch
+++ /dev/null
@@ -1,99 +0,0 @@
-From a93eac0e843148dc2d631c3ba80af17e9c8c860f Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?F=C3=A1bio=20Cabral=20Pacheco?= <fcabralpacheco@gmail.com>
-Date: Fri, 20 Dec 2019 12:03:33 -0300
-Subject: [PATCH] Fix potential NULL pointer dereference in gdImageClone()
-
----
- src/gd.c                          |  9 +--------
- tests/gdimageclone/CMakeLists.txt |  1 +
- tests/gdimageclone/Makemodule.am  |  3 ++-
- tests/gdimageclone/style.c        | 30 ++++++++++++++++++++++++++++++
- 5 files changed, 35 insertions(+), 9 deletions(-)
- create mode 100644 tests/gdimageclone/style.c
-
-diff --git a/src/gd.c b/src/gd.c
-index 592a0286..d564d1f9 100644
---- a/src/gd.c
-+++ b/src/gd.c
-@@ -2865,14 +2865,6 @@ BGD_DECLARE(gdImagePtr) gdImageClone (gdImagePtr src) {
- 		}
- 	}
- 
--	if (src->styleLength > 0) {
--		dst->styleLength = src->styleLength;
--		dst->stylePos    = src->stylePos;
--		for (i = 0; i < src->styleLength; i++) {
--			dst->style[i] = src->style[i];
--		}
--	}
--
- 	dst->interlace   = src->interlace;
- 
- 	dst->alphaBlendingFlag = src->alphaBlendingFlag;
-@@ -2907,6 +2899,7 @@ BGD_DECLARE(gdImagePtr) gdImageClone (gdImagePtr src) {
- 
- 	if (src->style) {
- 		gdImageSetStyle(dst, src->style, src->styleLength);
-+		dst->stylePos = src->stylePos;
- 	}
- 
- 	for (i = 0; i < gdMaxColors; i++) {
-diff --git a/tests/gdimageclone/CMakeLists.txt b/tests/gdimageclone/CMakeLists.txt
-index e6ccc318..662f4e96 100644
---- a/tests/gdimageclone/CMakeLists.txt
-+++ b/tests/gdimageclone/CMakeLists.txt
-@@ -1,5 +1,6 @@
- LIST(APPEND TESTS_FILES
- 	bug00300
-+	style
- )
- 
- ADD_GD_TESTS()
-diff --git a/tests/gdimageclone/Makemodule.am b/tests/gdimageclone/Makemodule.am
-index 4b1b54c0..51abf5c1 100644
---- a/tests/gdimageclone/Makemodule.am
-+++ b/tests/gdimageclone/Makemodule.am
-@@ -1,5 +1,6 @@
- libgd_test_programs += \
--	gdimageclone/bug00300
-+	gdimageclone/bug00300 \
-+	gdimageclone/style
- 
- EXTRA_DIST += \
- 	gdimageclone/CMakeLists.txt
-diff --git a/tests/gdimageclone/style.c b/tests/gdimageclone/style.c
-new file mode 100644
-index 00000000..c2b246ed
---- /dev/null
-+++ b/tests/gdimageclone/style.c
-@@ -0,0 +1,30 @@
-+/**
-+ * Cloning an image should exactly reproduce all style related data
-+ */
-+
-+
-+#include <string.h>
-+#include "gd.h"
-+#include "gdtest.h"
-+
-+
-+int main()
-+{
-+    gdImagePtr im, clone;
-+    int style[] = {0, 0, 0};
-+
-+    im = gdImageCreate(8, 8);
-+    gdImageSetStyle(im, style, sizeof(style)/sizeof(style[0]));
-+
-+    clone = gdImageClone(im);
-+    gdTestAssert(clone != NULL);
-+
-+    gdTestAssert(clone->styleLength == im->styleLength);
-+    gdTestAssert(clone->stylePos == im->stylePos);
-+    gdTestAssert(!memcmp(clone->style, im->style, sizeof(style)/sizeof(style[0])));
-+
-+    gdImageDestroy(clone);
-+    gdImageDestroy(im);
-+
-+    return gdNumFailures();
-+}
diff --git a/user/libgd/CVE-2018-5711.patch b/user/libgd/CVE-2018-5711.patch
deleted file mode 100644
index dff2b9ea2..000000000
--- a/user/libgd/CVE-2018-5711.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From a11f47475e6443b7f32d21f2271f28f417e2ac04 Mon Sep 17 00:00:00 2001
-From: "Christoph M. Becker" <cmbecker69@gmx.de>
-Date: Wed, 29 Nov 2017 19:37:38 +0100
-Subject: [PATCH] Fix #420: Potential infinite loop in gdImageCreateFromGifCtx
-
-Due to a signedness confusion in `GetCode_` a corrupt GIF file can
-trigger an infinite loop.  Furthermore we make sure that a GIF without
-any palette entries is treated as invalid *after* open palette entries
-have been removed.
-
-CVE-2018-5711
-
-See also https://bugs.php.net/bug.php?id=75571.
----
- src/gd_gif_in.c             |  12 ++++++------
- tests/gif/.gitignore        |   1 +
- tests/gif/CMakeLists.txt    |   1 +
- tests/gif/Makemodule.am     |   2 ++
- tests/gif/php_bug_75571.c   |  28 ++++++++++++++++++++++++++++
- tests/gif/php_bug_75571.gif | Bin 0 -> 1731 bytes
- 6 files changed, 38 insertions(+), 6 deletions(-)
- create mode 100644 tests/gif/php_bug_75571.c
- create mode 100644 tests/gif/php_bug_75571.gif
-
-diff --git a/src/gd_gif_in.c b/src/gd_gif_in.c
-index daf26e79..0a8bd717 100644
---- a/src/gd_gif_in.c
-+++ b/src/gd_gif_in.c
-@@ -335,11 +335,6 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromGifCtx(gdIOCtxPtr fd)
- 		return 0;
- 	}
- 
--	if(!im->colorsTotal) {
--		gdImageDestroy(im);
--		return 0;
--	}
--
- 	/* Check for open colors at the end, so
- 	 * we can reduce colorsTotal and ultimately
- 	 * BitsPerPixel */
-@@ -351,6 +346,11 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromGifCtx(gdIOCtxPtr fd)
- 		}
- 	}
- 
-+	if(!im->colorsTotal) {
-+		gdImageDestroy(im);
-+		return 0;
-+	}
-+
- 	return im;
- }
- 
-@@ -447,7 +447,7 @@ static int
- GetCode_(gdIOCtx *fd, CODE_STATIC_DATA *scd, int code_size, int flag, int *ZeroDataBlockP)
- {
- 	int i, j, ret;
--	unsigned char count;
-+	int count;
- 
- 	if(flag) {
- 		scd->curbit = 0;
diff --git a/user/libgd/CVE-2019-6977.patch b/user/libgd/CVE-2019-6977.patch
deleted file mode 100644
index 4cfb9ab98..000000000
--- a/user/libgd/CVE-2019-6977.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-Bug: https://bts.adelielinux.org/show_bug.cgi?id=159
-Backported-From: http://git.php.net/?p=php-src.git;a=commit;h=7a12dad4dd6c370835b13afae214b240082c7538
-Author: A. Wilcox <awilfox@adelielinux.org>
-Bug: https://bugs.php.net/bug.php?id=77270
-Author: Christoph M. Becker <cmbecker69@gmx.de>
-Committer: Stanislav Malyshev <stas@php.net>
-Upstream-Status: unknown
-
---- libgd-2.2.5/src/gd_color_match.c.old	2017-08-30 11:05:54.000000000 +0000
-+++ libgd-2.2.5/src/gd_color_match.c	2019-10-03 16:17:55.842322245 +0000
-@@ -31,8 +31,8 @@
- 		return -4; /* At least 1 color must be allocated */
- 	}
- 
--	buf = (unsigned long *)gdMalloc(sizeof(unsigned long) * 5 * im2->colorsTotal);
--	memset (buf, 0, sizeof(unsigned long) * 5 * im2->colorsTotal );
-+	buf = (unsigned long *)gdMalloc(sizeof(unsigned long) * 5 * gdMaxColors);
-+	memset( buf, 0, sizeof(unsigned long) * 5 * gdMaxColors );
- 
- 	for (x=0; x < im1->sx; x++) {
- 		for( y=0; y<im1->sy; y++ ) {
diff --git a/user/libgd/CVE-2019-6978.patch b/user/libgd/CVE-2019-6978.patch
deleted file mode 100644
index 0cfdda919..000000000
--- a/user/libgd/CVE-2019-6978.patch
+++ /dev/null
@@ -1,216 +0,0 @@
-From 553702980ae89c83f2d6e254d62cf82e204956d0 Mon Sep 17 00:00:00 2001
-From: "Christoph M. Becker" <cmbecker69@gmx.de>
-Date: Thu, 17 Jan 2019 11:54:55 +0100
-Subject: [PATCH] Fix #492: Potential double-free in gdImage*Ptr()
-
-Whenever `gdImage*Ptr()` calls `gdImage*Ctx()` and the latter fails, we
-must not call `gdDPExtractData()`; otherwise a double-free would
-happen.  Since `gdImage*Ctx()` are void functions, and we can't change
-that for BC reasons, we're introducing static helpers which are used
-internally.
-
-We're adding a regression test for `gdImageJpegPtr()`, but not for
-`gdImageGifPtr()` and `gdImageWbmpPtr()` since we don't know how to
-trigger failure of the respective `gdImage*Ctx()` calls.
-
-This potential security issue has been reported by Solmaz Salimi (aka.
-Rooney).
----
- src/gd_gif_out.c                  | 18 +++++++++++++++---
- src/gd_jpeg.c                     | 20 ++++++++++++++++----
- src/gd_wbmp.c                     | 21 ++++++++++++++++++---
- tests/jpeg/.gitignore             |  1 +
- tests/jpeg/CMakeLists.txt         |  1 +
- tests/jpeg/Makemodule.am          |  3 ++-
- tests/jpeg/jpeg_ptr_double_free.c | 31 +++++++++++++++++++++++++++++++
- 7 files changed, 84 insertions(+), 11 deletions(-)
- create mode 100644 tests/jpeg/jpeg_ptr_double_free.c
-
-diff --git a/src/gd_gif_out.c b/src/gd_gif_out.c
-index 298a5812..d5a95346 100644
---- a/src/gd_gif_out.c
-+++ b/src/gd_gif_out.c
-@@ -99,6 +99,7 @@ static void char_init(GifCtx *ctx);
- static void char_out(int c, GifCtx *ctx);
- static void flush_char(GifCtx *ctx);
- 
-+static int _gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out);
- 
- 
- 
-@@ -131,8 +132,11 @@ BGD_DECLARE(void *) gdImageGifPtr(gdImagePtr im, int *size)
- 	void *rv;
- 	gdIOCtx *out = gdNewDynamicCtx(2048, NULL);
- 	if (out == NULL) return NULL;
--	gdImageGifCtx(im, out);
--	rv = gdDPExtractData(out, size);
-+	if (!_gdImageGifCtx(im, out)) {
-+		rv = gdDPExtractData(out, size);
-+	} else {
-+		rv = NULL;
-+	}
- 	out->gd_free(out);
- 	return rv;
- }
-@@ -220,6 +224,12 @@ BGD_DECLARE(void) gdImageGif(gdImagePtr im, FILE *outFile)
- 
- */
- BGD_DECLARE(void) gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out)
-+{
-+	_gdImageGifCtx(im, out);
-+}
-+
-+/* returns 0 on success, 1 on failure */
-+static int _gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out)
- {
- 	gdImagePtr pim = 0, tim = im;
- 	int interlace, BitsPerPixel;
-@@ -231,7 +241,7 @@ BGD_DECLARE(void) gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out)
- 		based temporary image. */
- 		pim = gdImageCreatePaletteFromTrueColor(im, 1, 256);
- 		if(!pim) {
--			return;
-+			return 1;
- 		}
- 		tim = pim;
- 	}
-@@ -247,6 +257,8 @@ BGD_DECLARE(void) gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out)
- 		/* Destroy palette based temporary image. */
- 		gdImageDestroy(	pim);
- 	}
-+
-+	return 0;
- }
- 
- 
-diff --git a/src/gd_jpeg.c b/src/gd_jpeg.c
-index fc058420..96ef4302 100644
---- a/src/gd_jpeg.c
-+++ b/src/gd_jpeg.c
-@@ -123,6 +123,8 @@ static void fatal_jpeg_error(j_common_ptr cinfo)
- 	exit(99);
- }
- 
-+static int _gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality);
-+
- /*
-  * Write IM to OUTFILE as a JFIF-formatted JPEG image, using quality
-  * QUALITY.  If QUALITY is in the range 0-100, increasing values
-@@ -237,8 +239,11 @@ BGD_DECLARE(void *) gdImageJpegPtr(gdImagePtr im, int *size, int quality)
- 	void *rv;
- 	gdIOCtx *out = gdNewDynamicCtx(2048, NULL);
- 	if (out == NULL) return NULL;
--	gdImageJpegCtx(im, out, quality);
--	rv = gdDPExtractData(out, size);
-+	if (!_gdImageJpegCtx(im, out, quality)) {
-+		rv = gdDPExtractData(out, size);
-+	} else {
-+		rv = NULL;
-+	}
- 	out->gd_free(out);
- 	return rv;
- }
-@@ -259,6 +264,12 @@ void jpeg_gdIOCtx_dest(j_compress_ptr cinfo, gdIOCtx *outfile);
- 
- */
- BGD_DECLARE(void) gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
-+{
-+	_gdImageJpegCtx(im, outfile, quality);
-+}
-+
-+/* returns 0 on success, 1 on failure */
-+static int _gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
- {
- 	struct jpeg_compress_struct cinfo;
- 	struct jpeg_error_mgr jerr;
-@@ -293,7 +304,7 @@ BGD_DECLARE(void) gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
- 		if(row) {
- 			gdFree(row);
- 		}
--		return;
-+		return 1;
- 	}
- 
- 	cinfo.err->emit_message = jpeg_emit_message;
-@@ -334,7 +345,7 @@ BGD_DECLARE(void) gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
- 	if(row == 0) {
- 		gd_error("gd-jpeg: error: unable to allocate JPEG row structure: gdCalloc returns NULL\n");
- 		jpeg_destroy_compress(&cinfo);
--		return;
-+		return 1;
- 	}
- 
- 	rowptr[0] = row;
-@@ -411,6 +424,7 @@ BGD_DECLARE(void) gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
- 	jpeg_finish_compress(&cinfo);
- 	jpeg_destroy_compress(&cinfo);
- 	gdFree(row);
-+	return 0;
- }
- 
- 
-diff --git a/src/gd_wbmp.c b/src/gd_wbmp.c
-index f19a1c96..a49bdbec 100644
---- a/src/gd_wbmp.c
-+++ b/src/gd_wbmp.c
-@@ -88,6 +88,8 @@ int gd_getin(void *in)
- 	return (gdGetC((gdIOCtx *)in));
- }
- 
-+static int _gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out);
-+
- /*
- 	Function: gdImageWBMPCtx
- 
-@@ -100,6 +102,12 @@ int gd_getin(void *in)
- 		out   - the stream where to write
- */
- BGD_DECLARE(void) gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out)
-+{
-+	_gdImageWBMPCtx(image, fg, out);
-+}
-+
-+/* returns 0 on success, 1 on failure */
-+static int _gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out)
- {
- 	int x, y, pos;
- 	Wbmp *wbmp;
-@@ -107,7 +115,7 @@ BGD_DECLARE(void) gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out)
- 	/* create the WBMP */
- 	if((wbmp = createwbmp(gdImageSX(image), gdImageSY(image), WBMP_WHITE)) == NULL) {
- 		gd_error("Could not create WBMP\n");
--		return;
-+		return 1;
- 	}
- 
- 	/* fill up the WBMP structure */
-@@ -123,11 +131,15 @@ BGD_DECLARE(void) gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out)
- 
- 	/* write the WBMP to a gd file descriptor */
- 	if(writewbmp(wbmp, &gd_putout, out)) {
-+		freewbmp(wbmp);
- 		gd_error("Could not save WBMP\n");
-+		return 1;
- 	}
- 
- 	/* des submitted this bugfix: gdFree the memory. */
- 	freewbmp(wbmp);
-+
-+	return 0;
- }
- 
- /*
-@@ -271,8 +283,11 @@ BGD_DECLARE(void *) gdImageWBMPPtr(gdImagePtr im, int *size, int fg)
- 	void *rv;
- 	gdIOCtx *out = gdNewDynamicCtx(2048, NULL);
- 	if (out == NULL) return NULL;
--	gdImageWBMPCtx(im, fg, out);
--	rv = gdDPExtractData(out, size);
-+	if (!_gdImageWBMPCtx(im, fg, out)) {
-+		rv = gdDPExtractData(out, size);
-+	} else {
-+		rv = NULL;
-+	}
- 	out->gd_free(out);
- 	return rv;
- }
author	Max Rees <maxcrees@me.com>	2020-03-29 03:26:16 -0500
committer	Max Rees <maxcrees@me.com>	2020-04-05 12:22:26 +0000
commit	7f8d4d642ad643f553e0fe74c0d48d59c81d178c (patch)
tree	8a9062070516fe4e6b36e700133b50d0788bc531 /user/libgd
parent	6b46644d45aa93ed99163a89a4b401b6b23daa77 (diff)
download	packages-7f8d4d642ad643f553e0fe74c0d48d59c81d178c.tar.gz packages-7f8d4d642ad643f553e0fe74c0d48d59c81d178c.tar.bz2 packages-7f8d4d642ad643f553e0fe74c0d48d59c81d178c.tar.xz packages-7f8d4d642ad643f553e0fe74c0d48d59c81d178c.zip