Merge pull request #64380 from risicle/ris-graphicsmagick-1-3-32

graphicsmagick: 1.3.31 -> 1.3.32, security release
This commit is contained in:
Graham Christensen 2019-07-06 10:05:59 -04:00 committed by GitHub
commit aa2a7e49b8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 45 additions and 2 deletions

View File

@ -0,0 +1,42 @@
# reduced version of commit f30492f40f78d867b43422215057dd21de4ba447
# from upstream hg repository:
RegisterPNGImage(): Pass correct size value to strlcat().
diff -r 95c4711e8bee -r f30492f40f78 coders/png.c
--- a/coders/png.c Mon Jun 17 07:24:30 2019 -0500
+++ b/coders/png.c Mon Jun 17 18:54:43 2019 -0500
@@ -6427,26 +6427,26 @@
*version='\0';
#if defined(PNG_LIBPNG_VER_STRING)
- (void) strlcat(version,"libpng ",MaxTextExtent);
- (void) strlcat(version,PNG_LIBPNG_VER_STRING,MaxTextExtent);
+ (void) strlcat(version,"libpng ",sizeof(version));
+ (void) strlcat(version,PNG_LIBPNG_VER_STRING,sizeof(version));
#if (PNG_LIBPNG_VER > 10005)
if (LocaleCompare(PNG_LIBPNG_VER_STRING,png_get_header_ver(NULL)) != 0)
{
- (void) strlcat(version,",",MaxTextExtent);
- (void) strlcat(version,png_get_libpng_ver(NULL),MaxTextExtent);
+ (void) strlcat(version,",",sizeof(version));
+ (void) strlcat(version,png_get_libpng_ver(NULL),sizeof(version));
}
#endif
#endif
#if defined(ZLIB_VERSION)
if (*version != '\0')
- (void) strlcat(version,", ",MaxTextExtent);
- (void) strlcat(version,"zlib ",MaxTextExtent);
- (void) strlcat(version,ZLIB_VERSION,MaxTextExtent);
+ (void) strlcat(version,", ",sizeof(version));
+ (void) strlcat(version,"zlib ",sizeof(version));
+ (void) strlcat(version,ZLIB_VERSION,sizeof(version));
if (LocaleCompare(ZLIB_VERSION,zlib_version) != 0)
{
- (void) strlcat(version,",",MaxTextExtent);
- (void) strlcat(version,zlib_version,MaxTextExtent);
+ (void) strlcat(version,",",sizeof(version));
+ (void) strlcat(version,zlib_version,sizeof(version));
}
#endif

View File

@ -4,15 +4,16 @@
stdenv.mkDerivation rec {
name = "graphicsmagick-${version}";
version = "1.3.31";
version = "1.3.32";
src = fetchurl {
url = "mirror://sourceforge/graphicsmagick/GraphicsMagick-${version}.tar.xz";
sha256 = "0y22740f25qxsqqqg26xqlfp920dm57b7hrgaqmx7azksrcvnsq9";
sha256 = "1qclp9i31idpcbbqswmnq2q11lmv0a7cvdb1y72xcky8sshaahmq";
};
patches = [
./disable-popen.patch
./1.3.32-darwin-png-strlcat-fix.patch
];
configureFlags = [