diff --git a/srcpkgs/aspell-de/template b/srcpkgs/aspell-de/template new file mode 100644 index 00000000000..82e4768add2 --- /dev/null +++ b/srcpkgs/aspell-de/template @@ -0,0 +1,15 @@ +# Template file for 'aspell-de' +pkgname=aspell-de +version=20030222 +revision=1 +noarch=yes +wrksrc="aspell6-de-${version}-1" +build_style=configure +hostmakedepends="which" +makedepends="aspell-devel" +short_desc="German dictionary for aspell" +homepage="http://aspell.net/" +license="GPL-2" +maintainer="Christian Neukirchen " +distfiles="${GNU_SITE}/aspell/dict/de/aspell6-de-${version}-1.tar.bz2" +checksum=ba6c94e11bc2e0e6e43ce0f7822c5bba5ca5ac77129ef90c190b33632416e906 diff --git a/srcpkgs/autocutsel/template b/srcpkgs/autocutsel/template new file mode 100644 index 00000000000..5ad6827555a --- /dev/null +++ b/srcpkgs/autocutsel/template @@ -0,0 +1,12 @@ +# Template file for 'autocutsel' +pkgname=autocutsel +version=0.10.0 +revision=1 +build_style=gnu-configure +makedepends="libXaw-devel" +short_desc="Synchronize the two copy/paste buffers used by X applications" +maintainer="Christian Neukirchen " +license="GPL-2" +homepage="https://github.com/sigmike/autocutsel" +distfiles="https://github.com/sigmike/autocutsel/releases/download/$version/autocutsel-$version.tar.gz" +checksum=a2376330aa1a65f36621595a5a4eb5c2cabc16854b69d66c285f11f89bd05e3f diff --git a/srcpkgs/cloc/template b/srcpkgs/cloc/template new file mode 100644 index 00000000000..5a214f1b6bd --- /dev/null +++ b/srcpkgs/cloc/template @@ -0,0 +1,19 @@ +# Template file for 'cloc' +pkgname=cloc +version=1.60 +revision=1 +wrksrc=$pkgname +create_wrksrc=yes +noarch=yes +short_desc="Count Lines of Code" +maintainer="Christian Neukirchen " +license="GPL-2" +homepage="http://cloc.sourceforge.net" +distfiles="${SOURCEFORGE_SITE}/$pkgname/$pkgname/v$version/$pkgname-$version.pl" +skip_extraction="$pkgname-$version.pl" +checksum=4aa870bef104fd2b8f03c667ef8be2cd671cdf59f46c72046c43ed14e222a05c + +do_install() { + cp ${XBPS_SRCDISTDIR}/${pkgname}-${version}/${pkgname}-${version}.pl cloc + vinstall cloc 755 usr/bin +} diff --git a/srcpkgs/dwdiff/template b/srcpkgs/dwdiff/template new file mode 100644 index 00000000000..aa1374c30aa --- /dev/null +++ b/srcpkgs/dwdiff/template @@ -0,0 +1,14 @@ +# Template file for 'dwdiff' +pkgname=dwdiff +version=2.0.9 +revision=1 +build_style=configure +make_install_args="prefix=/usr" +makedepends="which icu-devel" +depends="diffutils" +short_desc="Word-level diff(1)" +maintainer="Christian Neukirchen " +license="GPL-3" +homepage="http://os.ghalkes.nl/dwdiff.html" +distfiles="http://os.ghalkes.nl/dist/$pkgname-$version.tgz" +checksum=c1c9217825ad3fac9936129cc26b73fa5479fb079e5c34522fc7066e74e31ef8 diff --git a/srcpkgs/fatrace/template b/srcpkgs/fatrace/template new file mode 100644 index 00000000000..fa1318e3669 --- /dev/null +++ b/srcpkgs/fatrace/template @@ -0,0 +1,11 @@ +# Template file for 'fatrace' +pkgname=fatrace +version=0.6 +revision=1 +build_style=gnu-makefile +short_desc="Report system wide file access events" +maintainer="Christian Neukirchen " +license="GPL-3" +homepage="http://launchpad.net/fatrace" +distfiles="http://launchpad.net/fatrace/trunk/$version/+download/$pkgname-$version.tar.bz2" +checksum=cd1cdd86772c2c49e20bf235c5e5ac5c7a1bd7aeaf7a50d708334c69cb6f9982 diff --git a/srcpkgs/fdm/template b/srcpkgs/fdm/template new file mode 100644 index 00000000000..801ea97631b --- /dev/null +++ b/srcpkgs/fdm/template @@ -0,0 +1,19 @@ +# Template file for 'fdm' +pkgname=fdm +version=1.7 +revision=1 +build_style=configure +hostmakedepends="bison" +makedepends="openssl-devel tdb-devel" +make_install_args="PREFIX=/usr MANDIR=/usr/share/man" +short_desc="Program to fetch and deliver mail" +maintainer="Christian Neukirchen " +license="custom" +homepage="http://fdm.sourceforge.net/" +distfiles="${SOURCEFORGE_SITE}/$pkgname/$pkgname/$pkgname-$version/$pkgname-$version.tar.gz" +checksum=484474094f124ce438c89dfab05519fe7b3aa8c8346d00f790a512ab950cef2a + +post_install() { + vmkdir usr/share/doc/${pkgname} + cp -r examples ${DESTDIR}/usr/share/doc/${pkgname} +} diff --git a/srcpkgs/lzop/template b/srcpkgs/lzop/template new file mode 100644 index 00000000000..c0ef25826e8 --- /dev/null +++ b/srcpkgs/lzop/template @@ -0,0 +1,12 @@ +# Template file for 'lzop' +pkgname=lzop +version=1.03 +revision=1 +build_style=gnu-configure +makedepends="lzo-devel" +short_desc="file compressor using lzo" +maintainer="Christian Neukirchen " +license="GPL-2" +homepage="http://www.lzop.org/" +distfiles="http://www.lzop.org/download/$pkgname-$version.tar.gz" +checksum=c1425b8c77d49f5a679d5a126c90ea6ad99585a55e335a613cae59e909dbb2c9 diff --git a/srcpkgs/mairix/template b/srcpkgs/mairix/template new file mode 100644 index 00000000000..92bd0c4416b --- /dev/null +++ b/srcpkgs/mairix/template @@ -0,0 +1,13 @@ +# Template file for 'mairix' +pkgname=mairix +version=0.23 +revision=1 +build_style=configure +configure_args="--prefix=/usr" +makedepends="flex bison bzip2-devel zlib-devel" +short_desc="A program for indexing and searching emails" +maintainer="Christian Neukirchen " +license="GPL-2" +homepage="http://www.rpcurnow.force9.co.uk/mairix/" +distfiles="${SOURCEFORGE_SITE}/${pkgname}/${pkgname}-${version}.tar.gz" +checksum=804e235b183c3350071a28cdda8eb465bcf447092a8206f40486191875bdf2fb diff --git a/srcpkgs/netpbm/files/config.mk b/srcpkgs/netpbm/files/config.mk new file mode 100644 index 00000000000..5c98d5f71dd --- /dev/null +++ b/srcpkgs/netpbm/files/config.mk @@ -0,0 +1,15 @@ +DEFAULT_TARGET = nonmerge +NETPBMLIBTYPE=unixshared +NETPBMLIBSUFFIX=so +STATICLIB_TOO=N +CFLAGS = -O3 -ffast-math -pedantic -fno-common -Wall -Wno-uninitialized -Wmissing-declarations -Wimplicit -Wwrite-strings -Wmissing-prototypes -Wundef -Wno-unknown-pragmas +CFLAGS_MERGE = -Wno-missing-declarations -Wno-missing-prototypes +LDRELOC = ld --reloc +LINKER_CAN_DO_EXPLICIT_LIBRARY=Y +LINKERISCOMPILER = N +CFLAGS_SHLIB += -fPIC +TIFFLIB = libtiff.so +JPEGLIB = libjpeg.so +ZLIB = libz.so +NETPBM_DOCURL = http://netpbm.sourceforge.net/doc/ +WANT_SSE = Y diff --git a/srcpkgs/netpbm/patches/netpbm-CAN-2005-2471.patch b/srcpkgs/netpbm/patches/netpbm-CAN-2005-2471.patch new file mode 100644 index 00000000000..0139cbd162a --- /dev/null +++ b/srcpkgs/netpbm/patches/netpbm-CAN-2005-2471.patch @@ -0,0 +1,16 @@ +--- converter/other/pstopnm.c.CAN-2005-2471 2005-08-15 02:39:46.000000000 +0200 ++++ converter/other/pstopnm.c 2005-08-16 15:38:15.000000000 +0200 +@@ -711,11 +711,11 @@ + ghostscriptProg, arg0, + deviceopt, outfileopt, gopt, ropt, textalphabitsopt, + "-q", "-dNOPAUSE", +- "-dSAFER", "-"); ++ "-dPARANOIDSAFER", "-"); + } + + execl(ghostscriptProg, arg0, deviceopt, outfileopt, gopt, ropt, "-q", +- "-dNOPAUSE", "-dSAFER", "-", NULL); ++ "-dNOPAUSE", "-dPARANOIDSAFER", "-", NULL); + + pm_error("execl() of Ghostscript ('%s') failed, errno=%d (%s)", + ghostscriptProg, errno, strerror(errno)); diff --git a/srcpkgs/netpbm/patches/netpbm-security-code.patch b/srcpkgs/netpbm/patches/netpbm-security-code.patch new file mode 100644 index 00000000000..87009709d42 --- /dev/null +++ b/srcpkgs/netpbm/patches/netpbm-security-code.patch @@ -0,0 +1,1660 @@ +diff -up analyzer/pgmtexture.c.security-code analyzer/pgmtexture.c +--- analyzer/pgmtexture.c.security-code 2012-04-09 15:31:32.000000000 +0200 ++++ analyzer/pgmtexture.c 2012-04-09 15:40:03.183620040 +0200 +@@ -97,7 +97,7 @@ vector(unsigned int const nl, + float * v; + + assert(nh >= nl); +- ++ overflow_add(nh - nl, 1); + MALLOCARRAY(v, (unsigned) (nh - nl + 1)); + + if (v == NULL) +@@ -129,6 +129,7 @@ matrix (unsigned int const nrl, + assert(nrh >= nrl); + + /* allocate pointers to rows */ ++ overflow_add(nrh - nrl, 1); + MALLOCARRAY(m, (unsigned) (nrh - nrl + 1)); + if (m == NULL) + pm_error("Unable to allocate memory for a matrix."); +@@ -136,7 +137,7 @@ matrix (unsigned int const nrl, + m -= ncl; + + assert (nch >= ncl); +- ++ overflow_add(nch - ncl, 1); + /* allocate rows and set pointers to them */ + for (i = nrl; i <= nrh; ++i) { + MALLOCARRAY(m[i], (unsigned) (nch - ncl + 1)); +diff -up converter/other/gemtopnm.c.security-code converter/other/gemtopnm.c +--- converter/other/gemtopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ converter/other/gemtopnm.c 2012-04-09 15:40:03.183620040 +0200 +@@ -106,6 +106,7 @@ main(argc, argv) + + pnm_writepnminit( stdout, cols, rows, MAXVAL, type, 0 ); + ++ overflow_add(cols, padright); + { + /* allocate input row data structure */ + int plane; +diff -up converter/other/jpegtopnm.c.security-code converter/other/jpegtopnm.c +--- converter/other/jpegtopnm.c.security-code 2012-04-09 15:31:40.000000000 +0200 ++++ converter/other/jpegtopnm.c 2012-04-09 15:40:03.184620028 +0200 +@@ -861,6 +861,8 @@ convertImage(FILE * + /* Calculate output image dimensions so we can allocate space */ + jpeg_calc_output_dimensions(cinfoP); + ++ overflow2(cinfoP->output_width, cinfoP->output_components); ++ + /* Start decompressor */ + jpeg_start_decompress(cinfoP); + +diff -up converter/other/pbmtopgm.c.security-code converter/other/pbmtopgm.c +--- converter/other/pbmtopgm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ converter/other/pbmtopgm.c 2012-04-09 15:40:03.184620028 +0200 +@@ -47,6 +47,7 @@ main(int argc, char *argv[]) { + "than the image height (%u rows)", height, rows); + + outrow = pgm_allocrow(cols) ; ++ overflow2(width, height); + maxval = MIN(PGM_OVERALLMAXVAL, width*height); + pgm_writepgminit(stdout, cols, rows, maxval, 0) ; + +diff -up converter/other/pnmtoddif.c.security-code converter/other/pnmtoddif.c +--- converter/other/pnmtoddif.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ converter/other/pnmtoddif.c 2012-04-09 15:40:03.185620015 +0200 +@@ -632,6 +632,7 @@ main(int argc, char *argv[]) { + switch (PNM_FORMAT_TYPE(format)) { + case PBM_TYPE: + ip.bits_per_pixel = 1; ++ overflow_add(cols, 7); + ip.bytes_per_line = (cols + 7) / 8; + ip.spectral = 2; + ip.components = 1; +@@ -647,6 +648,7 @@ main(int argc, char *argv[]) { + ip.polarity = 2; + break; + case PPM_TYPE: ++ overflow2(cols, 3); + ip.bytes_per_line = 3 * cols; + ip.bits_per_pixel = 24; + ip.spectral = 5; +diff -up converter/other/pnmtojpeg.c.security-code converter/other/pnmtojpeg.c +--- converter/other/pnmtojpeg.c.security-code 2012-04-09 15:31:39.000000000 +0200 ++++ converter/other/pnmtojpeg.c 2012-04-09 15:40:03.186620002 +0200 +@@ -605,7 +605,11 @@ read_scan_script(j_compress_ptr const ci + want JPOOL_PERMANENT. + */ + const unsigned int scan_info_size = nscans * sizeof(jpeg_scan_info); +- jpeg_scan_info * const scan_info = ++ const jpeg_scan_info * scan_info; ++ ++ overflow2(nscans, sizeof(jpeg_scan_info)); ++ ++ scan_info = + (jpeg_scan_info *) + (*cinfo->mem->alloc_small) ((j_common_ptr) cinfo, JPOOL_IMAGE, + scan_info_size); +@@ -937,6 +941,8 @@ compute_rescaling_array(JSAMPLE ** const + const long half_maxval = maxval / 2; + long val; + ++ overflow_add(maxval, 1); ++ overflow2(maxval+1, sizeof(JSAMPLE)); + *rescale_p = (JSAMPLE *) + (cinfo.mem->alloc_small) ((j_common_ptr) &cinfo, JPOOL_IMAGE, + (size_t) (((long) maxval + 1L) * +@@ -1015,6 +1021,7 @@ convert_scanlines(struct jpeg_compress_s + */ + + /* Allocate the libpnm output and compressor input buffers */ ++ overflow2(cinfo_p->image_width, cinfo_p->input_components); + buffer = (*cinfo_p->mem->alloc_sarray) + ((j_common_ptr) cinfo_p, JPOOL_IMAGE, + (unsigned int) cinfo_p->image_width * cinfo_p->input_components, +diff -up converter/other/pnmtops.c.security-code converter/other/pnmtops.c +--- converter/other/pnmtops.c.security-code 2012-04-09 15:31:40.000000000 +0200 ++++ converter/other/pnmtops.c 2012-04-09 15:40:03.187619989 +0200 +@@ -256,17 +256,21 @@ parseCommandLine(int argc, const char ** + validateCompDimension(width, 72, "-width value"); + validateCompDimension(height, 72, "-height value"); + ++ overflow2(width, 72); + cmdlineP->width = width * 72; ++ overflow2(height, 72); + cmdlineP->height = height * 72; + + if (imagewidthSpec) { + validateCompDimension(imagewidth, 72, "-imagewidth value"); ++ overflow2(imagewidth, 72); + cmdlineP->imagewidth = imagewidth * 72; + } + else + cmdlineP->imagewidth = 0; + if (imageheightSpec) { +- validateCompDimension(imagewidth, 72, "-imageheight value"); ++ validateCompDimension(imageheight, 72, "-imageheight value"); ++ overflow2(imageheight, 72); + cmdlineP->imageheight = imageheight * 72; + } + else +diff -up converter/other/pnmtorle.c.security-code converter/other/pnmtorle.c +--- converter/other/pnmtorle.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ converter/other/pnmtorle.c 2012-04-09 15:40:03.188619976 +0200 +@@ -19,6 +19,8 @@ + * If you modify this software, you should include a notice giving the + * name of the person performing the modification, the date of modification, + * and the reason for such modification. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * pnmtorle - A program which will convert pbmplus (ppm or pgm) images +diff -up converter/other/pnmtosgi.c.security-code converter/other/pnmtosgi.c +--- converter/other/pnmtosgi.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ converter/other/pnmtosgi.c 2012-04-09 15:40:03.188619976 +0200 +@@ -254,6 +254,7 @@ build_channels(FILE * const ifp, int con + #endif + + if( storage != STORAGE_VERBATIM ) { ++ overflow2(channels, rows); + MALLOCARRAY_NOFAIL(table, channels * rows); + MALLOCARRAY_NOFAIL(rletemp, WORSTCOMPR(cols)); + } +@@ -306,6 +307,8 @@ compress(ScanElem * temp, + break; + case STORAGE_RLE: + tabrow = chan_no * rows + row; ++ overflow2(chan_no, rows); ++ overflow_add(chan_no* rows, row); + len = rle_compress(temp, cols); /* writes result into rletemp */ + channel[chan_no][row].length = len; + MALLOCARRAY(p, len); +diff -up converter/other/rletopnm.c.security-code converter/other/rletopnm.c +--- converter/other/rletopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ converter/other/rletopnm.c 2012-04-09 15:40:03.189619963 +0200 +@@ -19,6 +19,8 @@ + * If you modify this software, you should include a notice giving the + * name of the person performing the modification, the date of modification, + * and the reason for such modification. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * rletopnm - A conversion program to convert from Utah's "rle" image format +diff -up converter/other/sgitopnm.c.security-code converter/other/sgitopnm.c +--- converter/other/sgitopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ converter/other/sgitopnm.c 2012-04-09 15:40:03.189619963 +0200 +@@ -359,10 +359,14 @@ readChannels(FILE * const ifP, + MALLOCARRAY_NOFAIL(image, head->ysize); + } else { + maxchannel = MIN(3, head->zsize); ++ overflow2(head->ysize, maxchannel); + MALLOCARRAY_NOFAIL(image, head->ysize * maxchannel); + } +- if (table) ++ if (table) { ++ overflow2(head->xsize, 2); ++ overflow_add(head->xsize*2, 2); + MALLOCARRAY_NOFAIL(temp, WORSTCOMPR(head->xsize)); ++ } + + for (channel = 0; channel < maxchannel; ++channel) { + unsigned int row; +diff -up converter/other/sirtopnm.c.security-code converter/other/sirtopnm.c +--- converter/other/sirtopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ converter/other/sirtopnm.c 2012-04-09 15:40:03.190619951 +0200 +@@ -69,6 +69,7 @@ char* argv[]; + } + break; + case PPM_TYPE: ++ overflow3(cols, rows, 3); + picsize = cols * rows * 3; + planesize = cols * rows; + if ( !( sirarray = (unsigned char*) malloc( picsize ) ) ) +diff -up converter/other/tifftopnm.c.security-code converter/other/tifftopnm.c +--- converter/other/tifftopnm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ converter/other/tifftopnm.c 2012-04-09 15:40:03.191619939 +0200 +@@ -1279,7 +1279,9 @@ convertRasterByRows(pnmOut * const + if (scanbuf == NULL) + pm_error("can't allocate memory for scanline buffer"); + +- MALLOCARRAY(samplebuf, cols * spp); ++ /* samplebuf is unsigned int * !!! */ ++ samplebuf = (unsigned int *) malloc3(cols , sizeof(unsigned int) , spp); ++ + if (samplebuf == NULL) + pm_error("can't allocate memory for row buffer"); + +diff -up converter/other/xwdtopnm.c.security-code converter/other/xwdtopnm.c +--- converter/other/xwdtopnm.c.security-code 2012-04-09 15:31:40.000000000 +0200 ++++ converter/other/xwdtopnm.c 2012-04-09 15:40:03.192619927 +0200 +@@ -209,6 +209,10 @@ processX10Header(X10WDFileHeader * cons + *colorsP = pnm_allocrow(2); + PNM_ASSIGN1((*colorsP)[0], 0); + PNM_ASSIGN1((*colorsP)[1], *maxvalP); ++ overflow_add(h10P->pixmap_width, 15); ++ if(h10P->pixmap_width < 0) ++ pm_error("assert: negative width"); ++ overflow2((((h10P->pixmap_width + 15) / 16) * 16 - h10P->pixmap_width), 8); + *padrightP = + (((h10P->pixmap_width + 15) / 16) * 16 - h10P->pixmap_width) * 8; + *bits_per_itemP = 16; +@@ -634,6 +638,7 @@ processX11Header(X11WDFileHeader * cons + + *colsP = h11FixedP->pixmap_width; + *rowsP = h11FixedP->pixmap_height; ++ overflow2(h11FixedP->bytes_per_line, 8); + *padrightP = + h11FixedP->bytes_per_line * 8 - + h11FixedP->pixmap_width * h11FixedP->bits_per_pixel; +diff -up converter/pbm/mdatopbm.c.security-code converter/pbm/mdatopbm.c +--- converter/pbm/mdatopbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/mdatopbm.c 2012-04-09 15:40:03.192619927 +0200 +@@ -245,10 +245,13 @@ main(int argc, char **argv) { + pm_readlittleshort(infile, &yy); nInCols = yy; + } + ++ overflow2(nOutCols, 8); + nOutCols = 8 * nInCols; + nOutRows = nInRows; +- if (bScale) ++ if (bScale) { ++ overflow2(nOutRows, 2); + nOutRows *= 2; ++ } + + data = pbm_allocarray(nOutCols, nOutRows); + +diff -up converter/pbm/mgrtopbm.c.security-code converter/pbm/mgrtopbm.c +--- converter/pbm/mgrtopbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/mgrtopbm.c 2012-04-09 15:40:03.193619915 +0200 +@@ -65,6 +65,8 @@ readMgrHeader(FILE * const ifP, + if (head.h_high < ' ' || head.l_high < ' ') + pm_error("Invalid width field in MGR header"); + ++ overflow_add(*colsP, pad); ++ + *colsP = (((int)head.h_wide - ' ') << 6) + ((int)head.l_wide - ' '); + *rowsP = (((int)head.h_high - ' ') << 6) + ((int) head.l_high - ' '); + *padrightP = ( ( *colsP + pad - 1 ) / pad ) * pad - *colsP; +diff -up converter/pbm/pbmtogem.c.security-code converter/pbm/pbmtogem.c +--- converter/pbm/pbmtogem.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/pbmtogem.c 2012-04-09 15:40:03.193619915 +0200 +@@ -79,6 +79,7 @@ putinit (int const rows, int const cols) + bitsperitem = 0; + bitshift = 7; + outcol = 0; ++ overflow_add(cols, 7); + outmax = (cols + 7) / 8; + outrow = (unsigned char *) pm_allocrow (outmax, sizeof (unsigned char)); + lastrow = (unsigned char *) pm_allocrow (outmax, sizeof (unsigned char)); +diff -up converter/pbm/pbmtogo.c.security-code converter/pbm/pbmtogo.c +--- converter/pbm/pbmtogo.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/pbmtogo.c 2012-04-09 15:40:03.193619915 +0200 +@@ -158,6 +158,7 @@ main(int argc, + bitrow = pbm_allocrow(cols); + + /* Round cols up to the nearest multiple of 8. */ ++ overflow_add(cols, 7); + rucols = ( cols + 7 ) / 8; + bytesperrow = rucols; /* GraphOn uses bytes */ + rucols = rucols * 8; +diff -up converter/pbm/pbmtolj.c.security-code converter/pbm/pbmtolj.c +--- converter/pbm/pbmtolj.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/pbmtolj.c 2012-04-09 15:40:03.194619902 +0200 +@@ -120,7 +120,11 @@ parseCommandLine(int argc, char ** argv, + static void + allocateBuffers(unsigned int const cols) { + ++ overflow_add(cols, 8); + rowBufferSize = (cols + 7) / 8; ++ overflow_add(rowBufferSize, 128); ++ overflow_add(rowBufferSize, rowBufferSize+128); ++ overflow_add(rowBufferSize+10, rowBufferSize/8); + packBufferSize = rowBufferSize + (rowBufferSize + 127) / 128 + 1; + deltaBufferSize = rowBufferSize + rowBufferSize / 8 + 10; + +diff -up converter/pbm/pbmtomacp.c.security-code converter/pbm/pbmtomacp.c +--- converter/pbm/pbmtomacp.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/pbmtomacp.c 2012-04-09 15:40:03.195619889 +0200 +@@ -101,6 +101,7 @@ char *argv[]; + if( !lflg ) + left = 0; + ++ overflow_add(left, MAX_COLS - 1); + if( rflg ) + { if( right - left >= MAX_COLS ) + right = left + MAX_COLS - 1; +@@ -111,6 +112,8 @@ char *argv[]; + if( !tflg ) + top = 0; + ++ overflow_add(top, MAX_LINES - 1); ++ + if( bflg ) + { if( bottom - top >= MAX_LINES ) + bottom = top + MAX_LINES - 1; +diff -up converter/pbm/pbmtomda.c.security-code converter/pbm/pbmtomda.c +--- converter/pbm/pbmtomda.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/pbmtomda.c 2012-04-09 15:40:03.195619889 +0200 +@@ -179,6 +179,7 @@ int main(int argc, char **argv) + + nOutRowsUnrounded = bScale ? nInRows/2 : nInRows; + ++ overflow_add(nOutRowsUnrounded, 3); + nOutRows = ((nOutRowsUnrounded + 3) / 4) * 4; + /* MDA wants rows a multiple of 4 */ + nOutCols = nInCols / 8; +diff -up converter/pbm/pbmtoppa/pbm.c.security-code converter/pbm/pbmtoppa/pbm.c +--- converter/pbm/pbmtoppa/pbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/pbmtoppa/pbm.c 2012-04-09 15:40:03.195619889 +0200 +@@ -105,6 +105,7 @@ int pbm_readline(pbm_stat* pbm,unsigned + return 0; + + case P4: ++ overflow_add(pbm->width, 7); + tmp=(pbm->width+7)/8; + tmp2=fread(data,1,tmp,pbm->fptr); + if(tmp2 == tmp) +@@ -129,7 +130,8 @@ void pbm_unreadline (pbm_stat *pbm, void + return; + + pbm->unread = 1; +- pbm->revdata = malloc ((pbm->width+7)/8); ++ overflow_add(pbm->width, 7); ++ pbm->revdata = malloc((pbm->width+7)/8); + memcpy (pbm->revdata, data, (pbm->width+7)/8); + pbm->current_line--; + } +diff -up converter/pbm/pbmtoppa/pbmtoppa.c.security-code converter/pbm/pbmtoppa/pbmtoppa.c +--- converter/pbm/pbmtoppa/pbmtoppa.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/pbmtoppa/pbmtoppa.c 2012-04-09 15:40:03.196619876 +0200 +@@ -441,6 +441,7 @@ main(int argc, char *argv[]) { + pm_error("main(): unrecognized parameter '%s'", argv[argn]); + } + ++ overflow_add(Width, 7); + Pwidth=(Width+7)/8; + printer.fptr=out; + +diff -up converter/pbm/pbmtoxbm.c.security-code converter/pbm/pbmtoxbm.c +--- converter/pbm/pbmtoxbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/pbmtoxbm.c 2012-04-09 15:40:03.196619876 +0200 +@@ -335,6 +335,8 @@ convertRaster(FILE * const ifP, + + unsigned char * bitrow; + unsigned int row; ++ ++ overflow_add(cols, padright); + + putinit(xbmVersion); + +diff -up converter/pbm/pbmtoybm.c.security-code converter/pbm/pbmtoybm.c +--- converter/pbm/pbmtoybm.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/pbmtoybm.c 2012-04-09 15:40:03.197619863 +0200 +@@ -113,6 +113,7 @@ main(int argc, const char *argv[]) { + bitrow = pbm_allocrow(cols); + + /* Compute padding to round cols up to the nearest multiple of 16. */ ++ overflow_add(cols, 16); + padright = ((cols + 15) / 16) * 16 - cols; + + putinit(cols, rows); +diff -up converter/pbm/pbmtozinc.c.security-code converter/pbm/pbmtozinc.c +--- converter/pbm/pbmtozinc.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/pbmtozinc.c 2012-04-09 15:40:03.197619863 +0200 +@@ -65,6 +65,7 @@ main(int argc, char * argv[]) { + bitrow = pbm_allocrow( cols ); + + /* Compute padding to round cols up to the nearest multiple of 16. */ ++ overflow_add(cols, 16); + padright = ( ( cols + 15 ) / 16 ) * 16 - cols; + + printf( "USHORT %s[] = {\n",name); +diff -up converter/pbm/pbmto10x.c.security-code converter/pbm/pbmto10x.c +--- converter/pbm/pbmto10x.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/pbmto10x.c 2012-04-09 15:40:03.197619863 +0200 +@@ -162,7 +162,7 @@ main(int argc, char * argv[]) { + res_60x72(); + + pm_close(ifp); +- exit(0); ++ return 0; + } + + +diff -up converter/pbm/pbmto4425.c.security-code converter/pbm/pbmto4425.c +--- converter/pbm/pbmto4425.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/pbmto4425.c 2012-04-09 15:40:03.198619851 +0200 +@@ -2,6 +2,7 @@ + + #include "nstring.h" + #include "pbm.h" ++#include + + static char bit_table[2][3] = { + {1, 4, 0x10}, +@@ -160,7 +161,7 @@ main(int argc, char * argv[]) { + xres = vmap_width * 2; + yres = vmap_height * 3; + +- vmap = malloc(vmap_width * vmap_height * sizeof(char)); ++ vmap = malloc3(vmap_width, vmap_height, sizeof(char)); + if(vmap == NULL) + { + pm_error( "Cannot allocate memory" ); +diff -up converter/pbm/pktopbm.c.security-code converter/pbm/pktopbm.c +--- converter/pbm/pktopbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/pktopbm.c 2012-04-09 15:40:03.198619851 +0200 +@@ -277,6 +277,7 @@ main(int argc, char *argv[]) { + if (flagbyte == 7) { /* long form preamble */ + integer packetlength = get32() ; /* character packet length */ + car = get32() ; /* character number */ ++ overflow_add(packetlength, pktopbm_pkloc); + endofpacket = packetlength + pktopbm_pkloc; + /* calculate end of packet */ + if ((car >= MAXPKCHAR) || !filename[car]) { +diff -up converter/pbm/thinkjettopbm.l.security-code converter/pbm/thinkjettopbm.l +--- converter/pbm/thinkjettopbm.l.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/thinkjettopbm.l 2012-04-09 15:40:03.199619839 +0200 +@@ -114,7 +114,9 @@ DIG [0-9] + \033\*b{DIG}+W { + int l; + if (rowCount >= rowCapacity) { ++ overflow_add(rowCapacity, 100); + rowCapacity += 100; ++ overflow2(rowCapacity, sizeof *rows); + rows = realloc (rows, rowCapacity * sizeof *rows); + if (rows == NULL) + pm_error ("Out of memory."); +@@ -226,6 +228,8 @@ yywrap (void) + /* + * Quite simple since ThinkJet bit arrangement matches PBM + */ ++ ++ overflow2(maxRowLength, 8); + pbm_writepbminit(stdout, maxRowLength*8, rowCount, 0); + + packed_bitrow = malloc(maxRowLength); +diff -up converter/pbm/ybmtopbm.c.security-code converter/pbm/ybmtopbm.c +--- converter/pbm/ybmtopbm.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ converter/pbm/ybmtopbm.c 2012-04-09 15:40:03.199619839 +0200 +@@ -49,6 +49,7 @@ getinit(FILE * const ifP, + pm_error("EOF / read error"); + + *depthP = 1; ++ overflow_add(*colsP, 15); + *padrightP = ((*colsP + 15) / 16) * 16 - *colsP; + } + +diff -up converter/pgm/lispmtopgm.c.security-code converter/pgm/lispmtopgm.c +--- converter/pgm/lispmtopgm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ converter/pgm/lispmtopgm.c 2012-04-09 15:40:03.199619839 +0200 +@@ -58,6 +58,7 @@ main( argc, argv ) + pm_error( "depth (%d bits) is too large", depth); + + pgm_writepgminit( stdout, cols, rows, (gray) maxval, 0 ); ++ overflow_add(cols, 7); + grayrow = pgm_allocrow( ( cols + 7 ) / 8 * 8 ); + + for ( row = 0; row < rows; ++row ) +@@ -102,7 +103,9 @@ getinit( file, colsP, rowsP, depthP, pad + + if ( *depthP == 0 ) + *depthP = 1; /* very old file */ +- ++ ++ overflow_add((int)colsP, 31); ++ + *padrightP = ( ( *colsP + 31 ) / 32 ) * 32 - *colsP; + + if ( *colsP != (cols_32 - *padrightP) ) { +diff -up converter/pgm/psidtopgm.c.security-code converter/pgm/psidtopgm.c +--- converter/pgm/psidtopgm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ converter/pgm/psidtopgm.c 2012-04-09 15:40:03.200619827 +0200 +@@ -78,6 +78,7 @@ main(int argc, + pm_error("bits/sample (%d) is too large.", bitspersample); + + pgm_writepgminit(stdout, cols, rows, maxval, 0); ++ overflow_add(cols, 7); + grayrow = pgm_allocrow((cols + 7) / 8 * 8); + for (row = 0; row < rows; ++row) { + unsigned int col; +diff -up converter/ppm/ilbmtoppm.c.security-code converter/ppm/ilbmtoppm.c +--- converter/ppm/ilbmtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ converter/ppm/ilbmtoppm.c 2012-04-09 15:40:03.201619815 +0200 +@@ -592,6 +592,7 @@ decode_row(FILE * const ifP, + rawtype *chp; + + cols = bmhdP->w; ++ overflow_add(cols, 15); + bytes = RowBytes(cols); + for( plane = 0; plane < nPlanes; plane++ ) { + int mask; +@@ -679,6 +680,23 @@ decode_mask(FILE * const ifP, + Multipalette handling + ****************************************************************************/ + ++static void * ++xmalloc2(x, y) ++ int x; ++ int y; ++{ ++ void *mem; ++ ++ overflow2(x,y); ++ if( x * y == 0 ) ++ return NULL; ++ ++ mem = malloc2(x,y); ++ if( mem == NULL ) ++ pm_error("out of memory allocating %d bytes", x * y); ++ return mem; ++} ++ + + static void + multi_adjust(cmap, row, palchange) +@@ -1341,6 +1359,9 @@ dcol_to_ppm(FILE * const ifP, + if( redmaxval != maxval || greenmaxval != maxval || bluemaxval != maxval ) + pm_message("scaling colors to %d bits", pm_maxvaltobits(maxval)); + ++ overflow_add(redmaxval, 1); ++ overflow_add(greenmaxval, 1); ++ overflow_add(bluemaxval, 1); + MALLOCARRAY_NOFAIL(redtable, redmaxval +1); + MALLOCARRAY_NOFAIL(greentable, greenmaxval +1); + MALLOCARRAY_NOFAIL(bluetable, bluemaxval +1); +@@ -1763,7 +1784,9 @@ PCHG_ConvertSmall(PCHG, cmap, mask, data + ChangeCount32 = *data++; + datasize -= 2; + ++ overflow_add(ChangeCount16, ChangeCount32); + changes = ChangeCount16 + ChangeCount32; ++ overflow_add(changes, 1); + for( i = 0; i < changes; i++ ) { + if( totalchanges >= PCHG->TotalChanges ) goto fail; + if( datasize < 2 ) goto fail; +@@ -2028,6 +2051,9 @@ read_pchg(FILE * const ifp, + cmap->mp_change[i] = NULL; + if( PCHG.StartLine < 0 ) { + int nch; ++ if(PCHG.MaxReg < PCHG.MinReg) ++ pm_error("assert: MinReg > MaxReg"); ++ overflow_add(PCHG.MaxReg-PCHG.MinReg, 2); + nch = PCHG.MaxReg - PCHG.MinReg +1; + MALLOCARRAY_NOFAIL(cmap->mp_init, nch + 1); + for( i = 0; i < nch; i++ ) +@@ -2104,6 +2130,7 @@ process_body( FILE * const ifp, + if( typeid == ID_ILBM ) { + int isdeep; + ++ overflow_add(bmhdP->w, 15); + MALLOCARRAY_NOFAIL(ilbmrow, RowBytes(bmhdP->w)); + *viewportmodesP |= fakeviewport; /* -isham/-isehb */ + +diff -up converter/ppm/imgtoppm.c.security-code converter/ppm/imgtoppm.c +--- converter/ppm/imgtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ converter/ppm/imgtoppm.c 2012-04-09 15:40:03.202619802 +0200 +@@ -84,6 +84,7 @@ main(int argc, char ** argv) { + len = atoi((char*) buf ); + if ( fread( buf, len, 1, ifp ) != 1 ) + pm_error( "bad colormap buf" ); ++ overflow2(cmaplen, 3); + if ( cmaplen * 3 != len ) + { + pm_message( +@@ -105,6 +106,7 @@ main(int argc, char ** argv) { + pm_error( "bad pixel data header" ); + buf[8] = '\0'; + len = atoi((char*) buf ); ++ overflow2(cols, rows); + if ( len != cols * rows ) + pm_message( + "pixel data length (%d) does not match image size (%d)", +diff -up converter/ppm/Makefile.security-code converter/ppm/Makefile +--- converter/ppm/Makefile.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ converter/ppm/Makefile 2012-04-09 15:40:03.202619802 +0200 +@@ -11,7 +11,7 @@ SUBDIRS = hpcdtoppm ppmtompeg + + PORTBINARIES = 411toppm eyuvtoppm gouldtoppm ilbmtoppm imgtoppm \ + leaftoppm mtvtoppm neotoppm \ +- pcxtoppm pc1toppm pi1toppm picttoppm pjtoppm \ ++ pcxtoppm pc1toppm pi1toppm pjtoppm \ + ppmtoacad ppmtoapplevol ppmtoarbtxt ppmtoascii \ + ppmtobmp ppmtoeyuv ppmtogif ppmtoicr ppmtoilbm \ + ppmtoleaf ppmtolj ppmtomitsu ppmtoneo \ +diff -up converter/ppm/pcxtoppm.c.security-code converter/ppm/pcxtoppm.c +--- converter/ppm/pcxtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ converter/ppm/pcxtoppm.c 2012-04-09 15:40:03.203619789 +0200 +@@ -409,6 +409,7 @@ pcx_planes_to_pixels(pixels, bitplanes, + /* + * clear the pixel buffer + */ ++ overflow2(bytesperline, 8); + npixels = (bytesperline * 8) / bitsperpixel; + p = pixels; + while (--npixels >= 0) +@@ -470,6 +471,7 @@ pcx_16col_to_ppm(FILE * const ifP, + } + + /* BytesPerLine should be >= BitsPerPixel * cols / 8 */ ++ overflow2(BytesPerLine, 8); + rawcols = BytesPerLine * 8 / BitsPerPixel; + if (headerCols > rawcols) { + pm_message("warning - BytesPerLine = %d, " +diff -up converter/ppm/picttoppm.c.security-code converter/ppm/picttoppm.c +--- converter/ppm/picttoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ converter/ppm/picttoppm.c 2012-04-09 15:40:03.205619763 +0200 +@@ -1,3 +1,5 @@ ++#error "Unfixable. Don't ship me" ++ + /* + * picttoppm.c -- convert a MacIntosh PICT file to PPM format. + * +diff -up converter/ppm/pjtoppm.c.security-code converter/ppm/pjtoppm.c +--- converter/ppm/pjtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ converter/ppm/pjtoppm.c 2012-04-09 15:40:03.206619751 +0200 +@@ -127,19 +127,21 @@ main(argc, argv) + case 'V': /* send plane */ + case 'W': /* send last plane */ + if (rows == -1 || r >= rows || image == NULL) { +- if (rows == -1 || r >= rows) ++ if (rows == -1 || r >= rows) { ++ overflow_add(rows, 100); + rows += 100; ++ } + if (image == NULL) { +- MALLOCARRAY(image, rows * planes); +- MALLOCARRAY(imlen, rows * planes); ++ image = (unsigned char **) ++ malloc3(rows , planes , sizeof(unsigned char *)); ++ imlen = (int *) malloc3(rows , planes, sizeof(int)); + } + else { ++ overflow2(rows,planes); + image = (unsigned char **) +- realloc(image, +- rows * planes * ++ realloc2(image, rows * planes, + sizeof(unsigned char *)); +- imlen = (int *) +- realloc(imlen, rows * planes * sizeof(int)); ++ imlen = (int *) realloc2(imlen, rows * planes, sizeof(int)); + } + } + if (image == NULL || imlen == NULL) +@@ -212,8 +214,10 @@ main(argc, argv) + for (i = 0, c = 0; c < imlen[p + r * planes]; c += 2) + for (cmd = image[p + r * planes][c], + val = image[p + r * planes][c+1]; +- cmd >= 0 && i < newcols; cmd--, i++) ++ cmd >= 0 && i < newcols; cmd--, i++) { + buf[i] = val; ++ overflow_add(i, 1); ++ } + cols = cols > i ? cols : i; + free(image[p + r * planes]); + /* +@@ -224,6 +228,7 @@ main(argc, argv) + image[p + r * planes] = (unsigned char *) realloc(buf, i); + } + } ++ overflow2(cols, 8); + cols *= 8; + } + +diff -up converter/ppm/ppmtoeyuv.c.security-code converter/ppm/ppmtoeyuv.c +--- converter/ppm/ppmtoeyuv.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ converter/ppm/ppmtoeyuv.c 2012-04-09 15:40:03.206619751 +0200 +@@ -114,6 +114,7 @@ create_multiplication_tables(const pixva + + int index; + ++ overflow_add(maxval, 1); + MALLOCARRAY_NOFAIL(mult299 , maxval+1); + MALLOCARRAY_NOFAIL(mult587 , maxval+1); + MALLOCARRAY_NOFAIL(mult114 , maxval+1); +diff -up converter/ppm/ppmtoicr.c.security-code converter/ppm/ppmtoicr.c +--- converter/ppm/ppmtoicr.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ converter/ppm/ppmtoicr.c 2012-04-09 15:40:03.207619739 +0200 +@@ -169,7 +169,7 @@ char* argv[]; + + if (rleflag) { + pm_message("sending run-length encoded picture data ..." ); +- testimage = (char*) malloc(rows*cols); ++ testimage = (char*) malloc2(rows, cols); + p = testimage; + for (i=0; i PCL_MAXVAL) + pm_error("color range too large; reduce with ppmcscale"); ++ if (cols < 0 || rows < 0) ++ pm_error("negative size is not possible"); + + /* Figure out the colormap. */ + pm_message("Computing colormap..."); +@@ -296,6 +298,8 @@ main(int argc, const char * argv[]) { + case 0: /* direct mode (no palette) */ + bpp = bitsperpixel(maxval); /* bits per pixel */ + bpg = bpp; bpb = bpp; ++ overflow2(bpp, 3); ++ overflow_add(bpp*3, 7); + bpp = (bpp*3+7)>>3; /* bytes per pixel now */ + bpr = (bpp<<3)-bpg-bpb; + bpp *= cols; /* bytes per row now */ +@@ -305,9 +309,13 @@ main(int argc, const char * argv[]) { + case 3: case 7: pclindex++; + default: + bpp = 8/pclindex; ++ overflow_add(cols, bpp); ++ if(bpp == 0) ++ pm_error("assert: no bpp"); + bpp = (cols+bpp-1)/bpp; /* bytes per row */ + } + } ++ overflow2(bpp,2); + inrow = (char *)malloc((unsigned)bpp); + outrow = (char *)malloc((unsigned)bpp*2); + runcnt = (signed char *)malloc((unsigned)bpp); +diff -up converter/ppm/ppmtowinicon.c.security-code converter/ppm/ppmtowinicon.c +--- converter/ppm/ppmtowinicon.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ converter/ppm/ppmtowinicon.c 2012-04-09 15:40:03.213619664 +0200 +@@ -12,6 +12,7 @@ + + #include + #include ++#include + + #include "pm_c_util.h" + #include "winico.h" +@@ -219,6 +220,7 @@ createAndBitmap (gray ** const ba, int c + MALLOCARRAY_NOFAIL(rowData, rows); + icBitmap->xBytes = xBytes; + icBitmap->data = rowData; ++ overflow2(xBytes, rows); + icBitmap->size = xBytes * rows; + for (y=0;yxBytes = xBytes; + icBitmap->data = rowData; ++ overflow2(xBytes, rows); + icBitmap->size = xBytes * rows; + + for (y=0;yxBytes = xBytes; + icBitmap->data = rowData; ++ overflow2(xBytes, rows); + icBitmap->size = xBytes * rows; + + for (y=0;ybitcount = bpp; + entry->ih = createInfoHeader(entry, xorBitmap, andBitmap); + entry->colors = palette->colors; ++ overflow2(4, entry->color_count); ++ overflow_add(xorBitmap->size, andBitmap->size); ++ overflow_add(xorBitmap->size + andBitmap->size, 40); ++ overflow_add(xorBitmap->size + andBitmap->size + 40, 4 * entry->color_count); + entry->size_in_bytes = + xorBitmap->size + andBitmap->size + 40 + (4 * entry->color_count); + if (verbose) +diff -up converter/ppm/ppmtoxpm.c.security-code converter/ppm/ppmtoxpm.c +--- converter/ppm/ppmtoxpm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ converter/ppm/ppmtoxpm.c 2012-04-09 15:40:03.214619651 +0200 +@@ -197,6 +197,7 @@ genNumstr(unsigned int const input, int + unsigned int i; + + /* Allocate memory for printed number. Abort if error. */ ++ overflow_add(digits, 1); + if (!(str = (char *) malloc(digits + 1))) + pm_error("out of memory"); + +@@ -314,6 +315,7 @@ genCmap(colorhist_vector const chv, + unsigned int charsPerPixel; + unsigned int xpmMaxval; + ++ if (includeTransparent) overflow_add(ncolors, 1); + MALLOCARRAY(cmap, cmapSize); + if (cmapP == NULL) + pm_error("Out of memory allocating %u bytes for a color map.", +diff -up converter/ppm/qrttoppm.c.security-code converter/ppm/qrttoppm.c +--- converter/ppm/qrttoppm.c.security-code 2012-04-09 15:31:42.000000000 +0200 ++++ converter/ppm/qrttoppm.c 2012-04-09 15:40:03.215619638 +0200 +@@ -46,7 +46,7 @@ main( argc, argv ) + + ppm_writeppminit( stdout, cols, rows, maxval, 0 ); + pixelrow = ppm_allocrow( cols ); +- buf = (unsigned char *) malloc( 3 * cols ); ++ buf = (unsigned char *) malloc2( 3 , cols ); + if ( buf == (unsigned char *) 0 ) + pm_error( "out of memory" ); + +diff -up converter/ppm/sldtoppm.c.security-code converter/ppm/sldtoppm.c +--- converter/ppm/sldtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ converter/ppm/sldtoppm.c 2012-04-09 15:40:03.216619626 +0200 +@@ -455,6 +455,8 @@ slider(slvecfn slvec, + + /* Allocate image buffer and clear it to black. */ + ++ overflow_add(ixdots,1); ++ overflow_add(iydots,1); + pixels = ppm_allocarray(pixcols = ixdots + 1, pixrows = iydots + 1); + PPM_ASSIGN(rgbcolor, 0, 0, 0); + ppmd_filledrectangle(pixels, pixcols, pixrows, pixmaxval, 0, 0, +diff -up converter/ppm/ximtoppm.c.security-code converter/ppm/ximtoppm.c +--- converter/ppm/ximtoppm.c.security-code 2012-04-09 15:31:44.000000000 +0200 ++++ converter/ppm/ximtoppm.c 2012-04-09 15:40:03.216619626 +0200 +@@ -117,6 +117,7 @@ ReadXimHeader(FILE * const in_fp, + header->bits_channel = atoi(a_head.bits_per_channel); + header->alpha_flag = atoi(a_head.alpha_channel); + if (strlen(a_head.author)) { ++ overflow_add(strlen(a_head.author),1); + if (!(header->author = calloc((unsigned int)strlen(a_head.author)+1, + 1))) { + pm_message("ReadXimHeader: can't calloc author string" ); +@@ -126,6 +127,7 @@ ReadXimHeader(FILE * const in_fp, + strncpy(header->author, a_head.author, strlen(a_head.author)); + } + if (strlen(a_head.date)) { ++ overflow_add(strlen(a_head.date),1); + if (!(header->date =calloc((unsigned int)strlen(a_head.date)+1,1))){ + pm_message("ReadXimHeader: can't calloc date string" ); + return(0); +@@ -134,6 +136,7 @@ ReadXimHeader(FILE * const in_fp, + strncpy(header->date, a_head.date, strlen(a_head.date)); + } + if (strlen(a_head.program)) { ++ overflow_add(strlen(a_head.program),1); + if (!(header->program = calloc( + (unsigned int)strlen(a_head.program) + 1, 1))) { + pm_message("ReadXimHeader: can't calloc program string" ); +@@ -160,6 +163,7 @@ ReadXimHeader(FILE * const in_fp, + if (header->nchannels == 3 && header->bits_channel == 8) + header->ncolors = 0; + else if (header->nchannels == 1 && header->bits_channel == 8) { ++ overflow2(header->ncolors, sizeof(Color)); + header->colors = (Color *)calloc((unsigned int)header->ncolors, + sizeof(Color)); + if (header->colors == NULL) { +diff -up editor/pamcut.c.security-code editor/pamcut.c +--- editor/pamcut.c.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ editor/pamcut.c 2012-04-09 15:40:03.218619602 +0200 +@@ -655,6 +655,8 @@ cutOneImage(FILE * const ifP + + outpam = inpam; /* Initial value -- most fields should be same */ + outpam.file = ofP; ++ overflow_add(rightcol, 1); ++ overflow_add(bottomrow, 1); + outpam.width = rightcol - leftcol + 1; + outpam.height = bottomrow - toprow + 1; + +diff -up editor/pbmreduce.c.security-code editor/pbmreduce.c +--- editor/pbmreduce.c.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ editor/pbmreduce.c 2012-04-09 15:40:03.219619590 +0200 +@@ -94,6 +94,7 @@ main( argc, argv ) + if (halftone == QT_FS) { + unsigned int col; + /* Initialize Floyd-Steinberg. */ ++ overflow_add(newcols, 2); + MALLOCARRAY(thiserr, newcols + 2); + MALLOCARRAY(nexterr, newcols + 2); + if (thiserr == NULL || nexterr == NULL) +diff -up editor/pnmgamma.c.security-code editor/pnmgamma.c +--- editor/pnmgamma.c.security-code 2012-04-09 15:31:34.000000000 +0200 ++++ editor/pnmgamma.c 2012-04-09 15:40:03.220619577 +0200 +@@ -586,6 +586,7 @@ createGammaTables(enum transferFunction + xelval ** const btableP) { + + /* Allocate space for the tables. */ ++ overflow_add(maxval, 1); + MALLOCARRAY(*rtableP, maxval+1); + MALLOCARRAY(*gtableP, maxval+1); + MALLOCARRAY(*btableP, maxval+1); +diff -up editor/pnmhisteq.c.security-code editor/pnmhisteq.c +--- editor/pnmhisteq.c.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ editor/pnmhisteq.c 2012-04-09 15:40:03.220619577 +0200 +@@ -103,6 +103,7 @@ computeLuminosityHistogram(xel * const * + unsigned int pixelCount; + unsigned int * lumahist; + ++ overflow_add(maxval, 1); + MALLOCARRAY(lumahist, maxval + 1); + if (lumahist == NULL) + pm_error("Out of storage allocating array for %u histogram elements", +diff -up editor/pnmindex.csh.security-code editor/pnmindex.csh +--- editor/pnmindex.csh.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ editor/pnmindex.csh 2012-04-09 15:40:03.221619564 +0200 +@@ -1,5 +1,8 @@ + #!/bin/csh -f + # ++echo "Unsafe code, needs debugging, do not ship" ++exit 1 ++# + # pnmindex - build a visual index of a bunch of anymaps + # + # Copyright (C) 1991 by Jef Poskanzer. +diff -up editor/pnmpad.c.security-code editor/pnmpad.c +--- editor/pnmpad.c.security-code 2012-04-09 15:31:34.000000000 +0200 ++++ editor/pnmpad.c 2012-04-09 15:40:03.221619564 +0200 +@@ -527,6 +527,8 @@ main(int argc, const char ** argv) { + + computePadSizes(cmdline, cols, rows, &lpad, &rpad, &tpad, &bpad); + ++ overflow_add(cols, lpad); ++ overflow_add(cols + lpad, rpad); + newcols = cols + lpad + rpad; + + if (PNM_FORMAT_TYPE(format) == PBM_TYPE) +diff -up editor/pnmremap.c.security-code editor/pnmremap.c +--- editor/pnmremap.c.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ editor/pnmremap.c 2012-04-09 15:40:03.222619551 +0200 +@@ -409,7 +409,7 @@ initFserr(struct pam * const pamP, + unsigned int plane; + + unsigned int const fserrSize = pamP->width + 2; +- ++ overflow_add(pamP->width, 2); + fserrP->width = pamP->width; + + MALLOCARRAY(fserrP->thiserr, pamP->depth); +@@ -445,6 +445,7 @@ floydInitRow(struct pam * const pamP, st + + int col; + ++ overflow_add(pamP->width, 2); + for (col = 0; col < pamP->width + 2; ++col) { + unsigned int plane; + for (plane = 0; plane < pamP->depth; ++plane) +diff -up editor/pnmscalefixed.c.security-code editor/pnmscalefixed.c +--- editor/pnmscalefixed.c.security-code 2012-04-09 15:31:34.000000000 +0200 ++++ editor/pnmscalefixed.c 2012-04-09 15:40:03.223619538 +0200 +@@ -214,6 +214,8 @@ compute_output_dimensions(const struct c + const int rows, const int cols, + int * newrowsP, int * newcolsP) { + ++ overflow2(rows, cols); ++ + if (cmdline.pixels) { + if (rows * cols <= cmdline.pixels) { + *newrowsP = rows; +@@ -265,6 +267,8 @@ compute_output_dimensions(const struct c + + if (*newcolsP < 1) *newcolsP = 1; + if (*newrowsP < 1) *newrowsP = 1; ++ ++ overflow2(*newcolsP, *newrowsP); + } + + +@@ -446,6 +450,9 @@ main(int argc, char **argv ) { + unfilled. We can address that by stretching, whereas the other + case would require throwing away some of the input. + */ ++ ++ overflow2(newcols, SCALE); ++ overflow2(newrows, SCALE); + sxscale = SCALE * newcols / cols; + syscale = SCALE * newrows / rows; + +diff -up editor/pnmshear.c.security-code editor/pnmshear.c +--- editor/pnmshear.c.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ editor/pnmshear.c 2012-04-09 15:40:03.224619526 +0200 +@@ -15,6 +15,7 @@ + #include + #include + #include ++#include + + #include "pm_c_util.h" + #include "ppm.h" +@@ -236,6 +237,11 @@ main(int argc, char * argv[]) { + + shearfac = fabs(tan(cmdline.angle)); + ++ if(rows * shearfac >= INT_MAX-1) ++ pm_error("image too large"); ++ ++ overflow_add(rows * shearfac, cols+1); ++ + newcols = rows * shearfac + cols + 0.999999; + + pnm_writepnminit(stdout, newcols, rows, newmaxval, newformat, 0); +diff -up editor/ppmdither.c.security-code editor/ppmdither.c +--- editor/ppmdither.c.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ editor/ppmdither.c 2012-04-09 15:40:03.224619526 +0200 +@@ -355,7 +355,11 @@ dithMatrix(unsigned int const dithPower) + unsigned int const dithMatSize = + (dithDim * sizeof(*dithMat)) + /* pointers */ + (dithDim * dithDim * sizeof(**dithMat)); /* data */ +- ++ ++ overflow2(dithDim, sizeof(*dithMat)); ++ overflow3(dithDim, dithDim, sizeof(**dithMat)); ++ overflow_add(dithDim * sizeof(*dithMat), dithDim * dithDim * sizeof(**dithMat)); ++ + dithMat = malloc(dithMatSize); + + if (dithMat == NULL) +diff -up editor/specialty/pamoil.c.security-code editor/specialty/pamoil.c +--- editor/specialty/pamoil.c.security-code 2012-04-09 15:31:33.000000000 +0200 ++++ editor/specialty/pamoil.c 2012-04-09 15:40:03.224619526 +0200 +@@ -112,6 +112,7 @@ main(int argc, char *argv[] ) { + tuples = pnm_readpam(ifp, &inpam, PAM_STRUCT_SIZE(tuple_type)); + pm_close(ifp); + ++ overflow_add(inpam.maxval, 1); + MALLOCARRAY(hist, inpam.maxval + 1); + if (hist == NULL) + pm_error("Unable to allocate memory for histogram."); +diff -up generator/pbmtext.c.security-code generator/pbmtext.c +--- generator/pbmtext.c.security-code 2012-04-09 15:31:34.000000000 +0200 ++++ generator/pbmtext.c 2012-04-09 15:40:03.225619514 +0200 +@@ -96,12 +96,14 @@ parseCommandLine(int argc, const char ** + + for (i = 1; i < argc; ++i) { + if (i > 1) { ++ overflow_add(totaltextsize, 1); + totaltextsize += 1; + text = realloc(text, totaltextsize); + if (text == NULL) + pm_error("out of memory allocating space for input text"); + strcat(text, " "); + } ++ overflow_add(totaltextsize, strlen(argv[i])); + totaltextsize += strlen(argv[i]); + text = realloc(text, totaltextsize); + if (text == NULL) +@@ -712,6 +714,7 @@ getText(const char cmdline_text + pm_error("A line of input text is longer than %u characters." + "Cannot process.", (unsigned)sizeof(buf)-1); + if (lineCount >= maxlines) { ++ overflow2(maxlines, 2); + maxlines *= 2; + REALLOCARRAY(text_array, maxlines); + if (text_array == NULL) +@@ -832,6 +835,7 @@ main(int argc, const char *argv[]) { + hmargin = fontP->maxwidth; + } else { + vmargin = fontP->maxheight; ++ overflow2(2, fontP->maxwidth); + hmargin = 2 * fontP->maxwidth; + } + } +diff -up generator/pgmcrater.c.security-code generator/pgmcrater.c +--- generator/pgmcrater.c.security-code 2012-04-09 15:31:34.000000000 +0200 ++++ generator/pgmcrater.c 2012-04-09 15:40:03.226619502 +0200 +@@ -130,7 +130,7 @@ static void gencraters() + /* Acquire the elevation array and initialize it to mean + surface elevation. */ + +- MALLOCARRAY(aux, SCRX * SCRY); ++ aux = (unsigned short *) malloc3(SCRX, SCRY, sizeof(short)); + if (aux == NULL) + pm_error("out of memory allocating elevation array"); + +diff -up lib/libpam.c.security-code lib/libpam.c +--- lib/libpam.c.security-code 2012-04-09 15:31:38.000000000 +0200 ++++ lib/libpam.c 2012-04-09 15:40:03.227619490 +0200 +@@ -220,7 +220,8 @@ allocPamRow(const struct pam * const pam + unsigned int const bytesPerTuple = allocationDepth(pamP) * sizeof(sample); + tuple * tuplerow; + +- tuplerow = malloc(pamP->width * (sizeof(tuple *) + bytesPerTuple)); ++ overflow_add(sizeof(tuple *), bytesPerTuple); ++ tuplerow = malloc2(pamP->width, (sizeof(tuple *) + bytesPerTuple)); + + if (tuplerow != NULL) { + /* Now we initialize the pointers to the individual tuples +diff -up lib/libpammap.c.security-code lib/libpammap.c +--- lib/libpammap.c.security-code 2012-04-09 15:31:38.000000000 +0200 ++++ lib/libpammap.c 2012-04-09 15:40:03.228619477 +0200 +@@ -104,6 +104,8 @@ allocTupleIntListItem(struct pam * const + */ + struct tupleint_list_item * retval; + ++ overflow2(pamP->depth, sizeof(sample)); ++ overflow_add(sizeof(*retval)-sizeof(retval->tupleint.tuple), pamP->depth*sizeof(sample)); + unsigned int const size = + sizeof(*retval) - sizeof(retval->tupleint.tuple) + + pamP->depth * sizeof(sample); +diff -up lib/libpm.c.security-code lib/libpm.c +--- lib/libpm.c.security-code 2012-04-09 15:31:38.000000000 +0200 ++++ lib/libpm.c 2012-04-09 15:40:03.229619464 +0200 +@@ -808,4 +808,53 @@ pm_parse_height(const char * const arg) + } + + ++/* ++ * Maths wrapping ++ */ ++ ++void __overflow2(int a, int b) ++{ ++ if(a < 0 || b < 0) ++ pm_error("object too large"); ++ if(b == 0) ++ return; ++ if(a > INT_MAX / b) ++ pm_error("object too large"); ++} ++ ++void overflow3(int a, int b, int c) ++{ ++ overflow2(a,b); ++ overflow2(a*b, c); ++} ++ ++void overflow_add(int a, int b) ++{ ++ if( a > INT_MAX - b) ++ pm_error("object too large"); ++} ++ ++void *malloc2(int a, int b) ++{ ++ overflow2(a, b); ++ if(a*b == 0) ++ pm_error("Zero byte allocation"); ++ return malloc(a*b); ++} ++ ++void *malloc3(int a, int b, int c) ++{ ++ overflow3(a, b, c); ++ if(a*b*c == 0) ++ pm_error("Zero byte allocation"); ++ return malloc(a*b*c); ++} ++ ++void *realloc2(void * a, int b, int c) ++{ ++ overflow2(b, c); ++ if(b*c == 0) ++ pm_error("Zero byte allocation"); ++ return realloc(a, b*c); ++} + +diff -up lib/pm.h.security-code lib/pm.h +--- lib/pm.h.security-code 2012-04-09 15:31:38.000000000 +0200 ++++ lib/pm.h 2012-04-09 15:40:03.229619464 +0200 +@@ -432,4 +432,11 @@ pm_parse_height(const char * const arg); + #endif + + ++void *malloc2(int, int); ++void *malloc3(int, int, int); ++#define overflow2(a,b) __overflow2(a,b) ++void __overflow2(int, int); ++void overflow3(int, int, int); ++void overflow_add(int, int); ++ + #endif +diff -up other/pnmcolormap.c.security-code other/pnmcolormap.c +--- other/pnmcolormap.c.security-code 2012-04-09 15:31:32.000000000 +0200 ++++ other/pnmcolormap.c 2012-04-09 15:40:03.230619451 +0200 +@@ -840,6 +840,7 @@ colormapToSquare(struct pam * const pamP + pamP->width = intsqrt; + else + pamP->width = intsqrt + 1; ++ overflow_add(intsqrt, 1); + } + { + unsigned int const intQuotient = colormap.size / pamP->width; +diff -up urt/README.security-code urt/README +--- urt/README.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ urt/README 2012-04-09 15:40:03.231619438 +0200 +@@ -18,3 +18,8 @@ in its initializer in the original. But + defines stdout as a variable, so that wouldn't compile. So I changed + it to NULL and added a line to rle_hdr_init to set that field to + 'stdout' dynamically. 2000.06.02 BJH. ++ ++Redid the code to check for maths overflows and other crawly horrors. ++Removed pipe through and compress support (unsafe) ++ ++Alan Cox +diff -up urt/rle_addhist.c.security-code urt/rle_addhist.c +--- urt/rle_addhist.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ urt/rle_addhist.c 2012-04-09 15:40:03.231619438 +0200 +@@ -14,6 +14,8 @@ + * If you modify this software, you should include a notice giving the + * name of the person performing the modification, the date of modification, + * and the reason for such modification. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * rle_addhist.c - Add to the HISTORY comment in header +@@ -71,13 +73,19 @@ rle_addhist(char * argv[], + return; + + length = 0; +- for (i = 0; argv[i]; ++i) ++ for (i = 0; argv[i]; ++i) { ++ overflow_add(length, strlen(argv[i])); ++ overflow_add(length+1, strlen(argv[i])); + length += strlen(argv[i]) +1; /* length of each arg plus space. */ ++ } + + time(&temp); + timedate = ctime(&temp); + length += strlen(timedate); /* length of date and time in ASCII. */ + ++ overflow_add(strlen(padding), 4); ++ overflow_add(strlen(histoire), strlen(padding) + 4); ++ overflow_add(length, strlen(histoire) + strlen(padding) + 4); + length += strlen(padding) + 3 + strlen(histoire) + 1; + /* length of padding, "on " and length of history name plus "="*/ + if (in_hdr) /* if we are interested in the old comments... */ +@@ -85,9 +93,12 @@ rle_addhist(char * argv[], + else + old = NULL; + +- if (old && *old) ++ if (old && *old) { ++ overflow_add(length, strlen(old)); + length += strlen(old); /* add length if there. */ ++ } + ++ overflow_add(length, 1); + ++length; /*Cater for the null. */ + + MALLOCARRAY(newc, length); +diff -up urt/rle_getrow.c.security-code urt/rle_getrow.c +--- urt/rle_getrow.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ urt/rle_getrow.c 2012-04-09 15:40:03.232619426 +0200 +@@ -17,6 +17,8 @@ + * + * Modified at BRL 16-May-88 by Mike Muuss to avoid Alliant STDC desire + * to have all "void" functions so declared. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * rle_getrow.c - Read an RLE file in. +@@ -168,6 +170,7 @@ rle_get_setup(rle_hdr * const the_hdr) { + register char * cp; + + VAXSHORT( comlen, infile ); /* get comment length */ ++ overflow_add(comlen, 1); + evenlen = (comlen + 1) & ~1; /* make it even */ + if ( evenlen ) + { +diff -up urt/rle_hdr.c.security-code urt/rle_hdr.c +--- urt/rle_hdr.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ urt/rle_hdr.c 2012-04-09 15:40:03.233619414 +0200 +@@ -14,6 +14,8 @@ + * If you modify this software, you should include a notice giving the + * name of the person performing the modification, the date of modification, + * and the reason for such modification. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * rle_hdr.c - Functions to manipulate rle_hdr structures. +@@ -80,7 +82,10 @@ int img_num; + /* Fill in with copies of the strings. */ + if ( the_hdr->cmd != pgmname ) + { +- char *tmp = (char *)malloc( strlen( pgmname ) + 1 ); ++ char *tmp ; ++ ++ overflow_add(strlen(pgmname), 1); ++ tmp = malloc( strlen( pgmname ) + 1 ); + RLE_CHECK_ALLOC( pgmname, tmp, 0 ); + strcpy( tmp, pgmname ); + the_hdr->cmd = tmp; +@@ -88,7 +93,9 @@ int img_num; + + if ( the_hdr->file_name != fname ) + { +- char *tmp = (char *)malloc( strlen( fname ) + 1 ); ++ char *tmp; ++ overflow_add(strlen(fname), 1); ++ tmp = malloc( strlen( fname ) + 1 ); + RLE_CHECK_ALLOC( pgmname, tmp, 0 ); + strcpy( tmp, fname ); + the_hdr->file_name = tmp; +@@ -153,6 +160,7 @@ rle_hdr *from_hdr, *to_hdr; + if ( to_hdr->bg_color ) + { + int size = to_hdr->ncolors * sizeof(int); ++ overflow2(to_hdr->ncolors, sizeof(int)); + to_hdr->bg_color = (int *)malloc( size ); + RLE_CHECK_ALLOC( to_hdr->cmd, to_hdr->bg_color, "background color" ); + memcpy( to_hdr->bg_color, from_hdr->bg_color, size ); +@@ -161,7 +169,7 @@ rle_hdr *from_hdr, *to_hdr; + if ( to_hdr->cmap ) + { + int size = to_hdr->ncmap * (1 << to_hdr->cmaplen) * sizeof(rle_map); +- to_hdr->cmap = (rle_map *)malloc( size ); ++ to_hdr->cmap = (rle_map *)malloc3( to_hdr->ncmap, 1<cmaplen, sizeof(rle_map)); + RLE_CHECK_ALLOC( to_hdr->cmd, to_hdr->cmap, "color map" ); + memcpy( to_hdr->cmap, from_hdr->cmap, size ); + } +@@ -174,11 +182,16 @@ rle_hdr *from_hdr, *to_hdr; + int size = 0; + CONST_DECL char **cp; + for ( cp=to_hdr->comments; *cp; cp++ ) ++ { ++ overflow_add(size, 1); + size++; /* Count the comments. */ ++ } + /* Check if there are really any comments. */ + if ( size ) + { ++ overflow_add(size, 1); + size++; /* Copy the NULL pointer, too. */ ++ overflow2(size, sizeof(char *)); + size *= sizeof(char *); + to_hdr->comments = (CONST_DECL char **)malloc( size ); + RLE_CHECK_ALLOC( to_hdr->cmd, to_hdr->comments, "comments" ); +diff -up urt/rle.h.security-code urt/rle.h +--- urt/rle.h.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ urt/rle.h 2012-04-09 15:40:03.233619414 +0200 +@@ -14,6 +14,9 @@ + * If you modify this software, you should include a notice giving the + * name of the person performing the modification, the date of modification, + * and the reason for such modification. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox ++ * Header declarations needed + */ + /* + * rle.h - Global declarations for Utah Raster Toolkit RLE programs. +@@ -160,6 +163,17 @@ rle_hdr /* End of typedef. * + */ + extern rle_hdr rle_dflt_hdr; + ++/* ++ * Provided by pm library ++ */ ++ ++extern void overflow_add(int, int); ++#define overflow2(a,b) __overflow2(a,b) ++extern void __overflow2(int, int); ++extern void overflow3(int, int, int); ++extern void *malloc2(int, int); ++extern void *malloc3(int, int, int); ++extern void *realloc2(void *, int, int); + + /* Declare RLE library routines. */ + +diff -up urt/rle_open_f.c.security-code urt/rle_open_f.c +--- urt/rle_open_f.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ urt/rle_open_f.c 2012-04-09 15:40:03.234619402 +0200 +@@ -163,65 +163,7 @@ dealWithSubprocess(const char * const f + FILE ** const fpP, + bool * const noSubprocessP, + const char ** const errorP) { +- +-#ifdef NO_OPEN_PIPES + *noSubprocessP = TRUE; +-#else +- const char *cp; +- +- reapChildren(catchingChildrenP, pids); +- +- /* Real file, not stdin or stdout. If name ends in ".Z", +- * pipe from/to un/compress (depending on r/w mode). +- * +- * If it starts with "|", popen that command. +- */ +- +- cp = file_name + strlen(file_name) - 2; +- /* Pipe case. */ +- if (file_name[0] == '|') { +- pid_t thepid; /* PID from my_popen */ +- +- *noSubprocessP = FALSE; +- +- *fpP = my_popen(file_name + 1, mode, &thepid); +- if (*fpP == NULL) +- *errorP = "%s: can't invoke <<%s>> for %s: "; +- else { +- /* One more child to catch, eventually. */ +- if (*catchingChildrenP < MAX_CHILDREN) +- pids[(*catchingChildrenP)++] = thepid; +- } +- } else if (cp > file_name && *cp == '.' && *(cp + 1) == 'Z' ) { +- /* Compress case. */ +- pid_t thepid; /* PID from my_popen. */ +- const char * command; +- +- *noSubprocessP = FALSE; +- +- if (*mode == 'w') +- pm_asprintf(&command, "compress > %s", file_name); +- else if (*mode == 'a') +- pm_asprintf(&command, "compress >> %s", file_name); +- else +- pm_asprintf(&command, "compress -d < %s", file_name); +- +- *fpP = my_popen(command, mode, &thepid); +- +- if (*fpP == NULL) +- *errorP = "%s: can't invoke 'compress' program, " +- "trying to open %s for %s"; +- else { +- /* One more child to catch, eventually. */ +- if (*catchingChildrenP < MAX_CHILDREN) +- pids[(*catchingChildrenP)++] = thepid; +- } +- pm_strfree(command); +- } else { +- *noSubprocessP = TRUE; +- *errorP = NULL; +- } +-#endif + } + + +diff -up urt/rle_putcom.c.security-code urt/rle_putcom.c +--- urt/rle_putcom.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ urt/rle_putcom.c 2012-04-09 15:40:03.234619402 +0200 +@@ -14,6 +14,8 @@ + * If you modify this software, you should include a notice giving the + * name of the person performing the modification, the date of modification, + * and the reason for such modification. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * rle_putcom.c - Add a picture comment to the header struct. +@@ -98,12 +100,14 @@ rle_putcom(const char * const value, + const char * v; + const char ** old_comments; + int i; +- for (i = 2, cp = the_hdr->comments; *cp != NULL; ++i, ++cp) ++ for (i = 2, cp = the_hdr->comments; *cp != NULL; ++i, ++cp) { ++ overflow_add(i, 1); + if (match(value, *cp) != NULL) { + v = *cp; + *cp = value; + return v; + } ++ } + /* Not found */ + /* Can't realloc because somebody else might be pointing to this + * comments block. Of course, if this were true, then the +diff -up urt/Runput.c.security-code urt/Runput.c +--- urt/Runput.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ urt/Runput.c 2012-04-09 15:40:03.235619390 +0200 +@@ -17,6 +17,8 @@ + * + * Modified at BRL 16-May-88 by Mike Muuss to avoid Alliant STDC desire + * to have all "void" functions so declared. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * Runput.c - General purpose Run Length Encoding. +@@ -202,9 +204,11 @@ RunSetup(rle_hdr * the_hdr) + if ( the_hdr->background != 0 ) + { + register int i; +- register rle_pixel *background = +- (rle_pixel *)malloc( (unsigned)(the_hdr->ncolors + 1) ); ++ register rle_pixel *background; + register int *bg_color; ++ ++ overflow_add(the_hdr->ncolors,1); ++ background = (rle_pixel *)malloc( (unsigned)(the_hdr->ncolors + 1) ); + /* + * If even number of bg color bytes, put out one more to get to + * 16 bit boundary. +@@ -224,7 +228,7 @@ RunSetup(rle_hdr * the_hdr) + /* Big-endian machines are harder */ + register int i, nmap = (1 << the_hdr->cmaplen) * + the_hdr->ncmap; +- register char *h_cmap = (char *)malloc( nmap * 2 ); ++ register char *h_cmap = (char *)malloc2( nmap, 2 ); + if ( h_cmap == NULL ) + { + fprintf( stderr, +diff -up urt/scanargs.c.security-code urt/scanargs.c +--- urt/scanargs.c.security-code 2012-04-09 15:31:45.000000000 +0200 ++++ urt/scanargs.c 2012-04-09 15:40:03.235619390 +0200 +@@ -38,6 +38,8 @@ + * + * Modified at BRL 16-May-88 by Mike Muuss to avoid Alliant STDC desire + * to have all "void" functions so declared. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + + #include +@@ -63,8 +65,8 @@ typedef int *ptr; + /* + * Storage allocation macros + */ +-#define NEW( type, cnt ) (type *) malloc( (cnt) * sizeof( type ) ) +-#define RENEW( type, ptr, cnt ) (type *) realloc( ptr, (cnt) * sizeof( type ) ) ++#define NEW( type, cnt ) (type *) malloc2( (cnt) , sizeof( type ) ) ++#define RENEW( type, ptr, cnt ) (type *) realloc2( ptr, (cnt), sizeof( type ) ) + + static CONST_DECL char * prformat( CONST_DECL char *, int ); + static int isnum( CONST_DECL char *, int, int ); +--- lib/libpbm1.c.orig 2014-06-16 21:12:28.499230631 -0400 ++++ lib/libpbm1.c 2014-06-16 21:12:55.932519324 -0400 +@@ -78,6 +78,7 @@ + } else { + pm_filepos const bytesPerRow = (cols+7)/8; + pm_filepos const needRasterSize = rows * bytesPerRow; ++ overflow2(bytesPerRow, rows); + pm_check(fileP, checkType, needRasterSize, retvalP); + } + } +--- converter/ppm/ppmtoilbm.c.orig 2014-06-16 21:23:40.061473868 -0400 ++++ converter/ppm/ppmtoilbm.c 2014-06-16 21:23:44.701466379 -0400 +@@ -185,6 +185,7 @@ + unsigned int i; + int * table; + ++ overflow_add(oldmaxval, 1); + MALLOCARRAY_NOFAIL(table, oldmaxval + 1); + for (i = 0; i <= oldmaxval; ++i) + table[i] = ROUNDDIV(i * newmaxval, oldmaxval); diff --git a/srcpkgs/netpbm/patches/netpbm-security-scripts.patch b/srcpkgs/netpbm/patches/netpbm-security-scripts.patch new file mode 100644 index 00000000000..9c3069f1667 --- /dev/null +++ b/srcpkgs/netpbm/patches/netpbm-security-scripts.patch @@ -0,0 +1,373 @@ +diff -up converter/other/anytopnm.security-scripts converter/other/anytopnm +--- converter/other/anytopnm.security-scripts 2009-12-10 08:34:36.000000000 +0100 ++++ converter/other/anytopnm 2010-03-16 21:28:09.000000000 +0100 +@@ -510,10 +510,7 @@ else + inputFile="-" + fi + +-tempdir="${TMPDIR-/tmp}/anytopnm.$$" +-mkdir -m 0700 $tempdir || \ +- { echo "Could not create temporary file. Exiting."; exit 1;} +-trap 'rm -rf $tempdir' 0 ++tempdir=$(mktemp -d -t anytopnm.XXXXXXXXXX) || exit 1 + + # Take out all spaces + # Find the filename extension for last-ditch efforts later +@@ -539,9 +536,17 @@ if [ "$filetype" = "unknown" ]; then + echo "$progname: unknown file type. " \ + "'file' says mime type is '$mimeType', " 1>&2 + echo "type description is '$typeDescription'" 1>&2 ++ if [ -d "$tempdir" ] ; then ++ rm -rf "$tempdir" ++ fi ++ + exit 1 + fi + + convertIt $file $filetype + ++if [ -d "$tempdir" ] ; then ++ rm -rf "$tempdir" ++fi ++ + exit 0 +diff -up editor/pamstretch-gen.security-scripts editor/pamstretch-gen +--- editor/pamstretch-gen.security-scripts 2009-12-10 08:34:32.000000000 +0100 ++++ editor/pamstretch-gen 2010-03-16 21:28:47.000000000 +0100 +@@ -31,13 +31,9 @@ if [ "$1" = "" ]; then + exit 1 + fi + +-tempdir="${TMPDIR-/tmp}/pamstretch-gen.$$" +-mkdir -m 0700 $tempdir || \ +- { echo "Could not create temporary file. Exiting."; exit 1;} ++tempfile=$(mktemp /tmp/pnmig.XXXXXXXXXX) || exit 1 + trap 'rm -rf $tempdir' 0 1 3 15 + +-tempfile=$tempdir/pnmig +- + if ! cat $2 >$tempfile 2>/dev/null; then + echo 'pamstretch-gen: error reading file' 1>&2 + exit 1 +diff -up editor/pnmmargin.security-scripts editor/pnmmargin +--- editor/pnmmargin.security-scripts 2009-12-10 08:34:32.000000000 +0100 ++++ editor/pnmmargin 2010-03-16 21:28:09.000000000 +0100 +@@ -11,15 +11,11 @@ + # documentation. This software is provided "as is" without express or + # implied warranty. + +-tempdir="${TMPDIR-/tmp}/pnmmargin.$$" +-mkdir -m 0700 $tempdir || \ +- { echo "Could not create temporary file. Exiting." 1>&2; exit 1;} +-trap 'rm -rf $tempdir' 0 1 3 15 +- +-tmp1=$tempdir/pnmm1 +-tmp2=$tempdir/pnmm2 +-tmp3=$tempdir/pnmm3 +-tmp4=$tempdir/pnmm4 ++tmpdir=$(mktemp -d -t ppmmargin.XXXXXXX) || exit 1 ++tmp1="$tmpdir/tmp1" ++tmp2="$tmpdir/tmp2" ++tmp3="$tmpdir/tmp3" ++tmp4="$tmpdir/tmp4" + + color="-gofigure" + plainopt="" +@@ -90,6 +86,7 @@ else + -white | -black ) + pnmpad $plainopt $color \ + -left=$size -right=$size -top=$size -bottom=$size $tmp1 ++ rm -rf "$tmpdir" + exit + ;; + * ) +diff -up editor/ppmfade.security-scripts editor/ppmfade +--- editor/ppmfade.security-scripts 2009-12-10 08:34:32.000000000 +0100 ++++ editor/ppmfade 2010-03-16 21:28:09.000000000 +0100 +@@ -14,6 +14,7 @@ + # + #-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- + use strict; ++use File::Temp "tempdir"; + + my $SPREAD = 1; + my $SHIFT = 2; +@@ -111,20 +112,26 @@ if ($first_file ne "undefined") { + + print("Frames are " . $width . "W x " . $height . "H\n"); + ++# ++# We create a tmp-directory right here ++# ++my $tmpdir = tempdir("ppmfade.XXXXXX", CLEANUP => 1); ++ ++ + if ($first_file eq "undefined") { + print "Fading from black to "; +- system("ppmmake \\#000 $width $height >junk1$$.ppm"); ++ system("ppmmake \\#000 $width $height >$tmpdir/junk1$$.ppm"); + } else { + print "Fading from $first_file to "; +- system("cp", $first_file, "junk1$$.ppm"); ++ system("cp", $first_file, "$tmpdir/junk1$$.ppm"); + } + + if ($last_file eq "undefined") { + print "black.\n"; +- system("ppmmake \\#000 $width $height >junk2$$.ppm"); ++ system("ppmmake \\#000 $width $height >$tmpdir/junk2$$.ppm"); + } else { + print "$last_file\n"; +- system("cp", $last_file, "junk2$$.ppm"); ++ system("cp", $last_file, "$tmpdir/junk2$$.ppm"); + } + + # +@@ -132,14 +139,14 @@ if ($last_file eq "undefined") { + # + + # Here's what our temporary files are: +-# junk1$$.ppm: The original (fade-from) image +-# junk2$$.ppm: The target (fade-from) image +-# junk3$$.ppm: The frame of the fade for the current iteration of the +-# the for loop. +-# junk1a$$.ppm: If the fade involves a ppmmix sequence from one intermediate +-# image to another, this is the first frame of that +-# sequence. +-# junk2a$$.ppm: This is the last frame of the above-mentioned ppmmix sequence ++# $tmpdir/junk1$$.ppm: The original (fade-from) image ++# $tmpdir/junk2$$.ppm: The target (fade-from) image ++# $tmpdir/junk3$$.ppm: The frame of the fade for the current iteration of the ++# the for loop. ++# $tmpdir/junk1a$$.ppm: If the fade involves a ppmmix sequence from one intermediate ++# image to another, this is the first frame of that ++# sequence. ++# $tmpdir/junk2a$$.ppm: This is the last frame of the above-mentioned ppmmix sequence + + my $i; # Frame number + for ($i = 1; $i <= $nframes; $i++) { +@@ -147,147 +154,147 @@ for ($i = 1; $i <= $nframes; $i++) { + if ($mode eq $SPREAD) { + if ($i <= 10) { + my $n = $spline20[$i] * 100; +- system("ppmspread $n junk1$$.ppm >junk3$$.ppm"); ++ system("ppmspread $n $tmpdir/junk1$$.ppm >$tmpdir/junk3$$.ppm"); + } elsif ($i <= 20) { + my $n; + $n = $spline20[$i] * 100; +- system("ppmspread $n junk1$$.ppm >junk1a$$.ppm"); ++ system("ppmspread $n $tmpdir/junk1$$.ppm >$tmpdir/junk1a$$.ppm"); + $n = (1-$spline20[$i-10]) * 100; +- system("ppmspread $n junk2$$.ppm >junk2a$$.ppm"); ++ system("ppmspread $n $tmpdir/junk2$$.ppm >$tmpdir/junk2a$$.ppm"); + $n = $spline10[$i-10]; +- system("ppmmix $n junk1a$$.ppm junk2a$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1a$$.ppm $tmpdir/junk2a$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + my $n = (1-$spline20[$i-10])*100; +- system("ppmspread $n junk2$$.ppm >junk3$$.ppm"); ++ system("ppmspread $n $tmpdir/junk2$$.ppm >$tmpdir/junk3$$.ppm"); + } + } elsif ($mode eq $SHIFT) { + if ($i <= 10) { + my $n = $spline20[$i] * 100; +- system("ppmshift $n junk1$$.ppm >junk3$$.ppm"); ++ system("ppmshift $n $tmpdir/junk1$$.ppm >$tmpdir/junk3$$.ppm"); + } elsif ($i <= 20) { + my $n; + $n = $spline20[$i] * 100; +- system("ppmshift $n junk1$$.ppm >junk1a$$.ppm"); ++ system("ppmshift $n $tmpdir/junk1$$.ppm >$tmpdir/junk1a$$.ppm"); + $n = (1-$spline20[$i-10])*100; +- system("ppmshift $n junk2$$.ppm >junk2a$$.ppm"); ++ system("ppmshift $n $tmpdir/junk2$$.ppm >$tmpdir/junk2a$$.ppm"); + $n = $spline10[$i-10]; +- system("ppmmix $n junk1a$$.ppm junk2a$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1a$$.ppm $tmpdir/junk2a$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + my $n = (1-$spline20[$i-10]) * 100; +- system("ppmshift $n junk2$$.ppm >junk3$$.ppm"); ++ system("ppmshift $n $tmpdir/junk2$$.ppm >$tmpdir/junk3$$.ppm"); + } + } elsif ($mode eq $RELIEF) { + if ($i == 1) { +- system("ppmrelief junk1$$.ppm >junk1r$$.ppm"); ++ system("ppmrelief $tmpdir/junk1$$.ppm >$tmpdir/junk1r$$.ppm"); + } + if ($i <= 10) { + my $n = $spline10[$i]; +- system("ppmmix $n junk1$$.ppm junk1r$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1$$.ppm $tmpdir/junk1r$$.ppm >$tmpdir/junk3$$.ppm"); + } elsif ($i <= 20) { + my $n = $spline10[$i-10]; +- system("ppmmix $n junk1r$$.ppm junk2r$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1r$$.ppm $tmpdir/junk2r$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + my $n = $spline10[$i-20]; +- system("ppmmix $n junk2r$$.ppm junk2$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk2r$$.ppm $tmpdir/junk2$$.ppm >$tmpdir/junk3$$.ppm"); + } + if ($i == 10) { +- system("ppmrelief junk2$$.ppm >junk2r$$.ppm"); ++ system("ppmrelief $tmpdir/junk2$$.ppm >$tmpdir/junk2r$$.ppm"); + } + } elsif ($mode eq $OIL) { + if ($i == 1) { +- system("ppmtopgm junk1$$.ppm | pgmoil >junko$$.ppm"); +- system("rgb3toppm junko$$.ppm junko$$.ppm junko$$.ppm " . +- ">junk1o$$.ppm"); ++ system("ppmtopgm $tmpdir/junk1$$.ppm | pgmoil >$tmpdir/junko$$.ppm"); ++ system("rgb3toppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm " . ++ ">$tmpdir/junk1o$$.ppm"); + } + if ($i <= 10) { + my $n = $spline10[$i]; +- system("ppmmix $n junk1$$.ppm junk1o$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1$$.ppm $tmpdir/junk1o$$.ppm >$tmpdir/junk3$$.ppm"); + } elsif ($i <= 20) { + my $n = $spline10[$i-10]; +- system("ppmmix $n junk1o$$.ppm junk2o$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1o$$.ppm $tmpdir/junk2o$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + my $n = $spline10[$i-20]; +- system("ppmmix $n junk2o$$.ppm junk2$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk2o$$.ppm $tmpdir/junk2$$.ppm >$tmpdir/junk3$$.ppm"); + } + if ($i == 10) { +- system("ppmtopgm junk2$$.ppm | pgmoil >junko$$.ppm"); +- system("rgb3toppm junko$$.ppm junko$$.ppm junko$$.ppm " . +- ">junk2o$$.ppm"); ++ system("ppmtopgm $tmpdir/junk2$$.ppm | pgmoil >$tmpdir/junko$$.ppm"); ++ system("rgb3toppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm " . ++ ">$tmpdir/junk2o$$.ppm"); + } + } elsif ($mode eq $EDGE) { + if ($i == 1) { +- system("ppmtopgm junk1$$.ppm | pgmedge >junko$$.ppm"); +- system("rgb3toppm junko$$.ppm junko$$.ppm junko$$.ppm " . +- ">junk1o$$.ppm"); ++ system("ppmtopgm $tmpdir/junk1$$.ppm | pgmedge >$tmpdir/junko$$.ppm"); ++ system("rgb3toppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm " . ++ ">$tmpdir/junk1o$$.ppm"); + } + if ($i <= 10) { + my $n = $spline10[$i]; +- system("ppmmix $n junk1$$.ppm junk1o$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1$$.ppm $tmpdir/junk1o$$.ppm >$tmpdir/junk3$$.ppm"); + } elsif ($i <= 20) { + my $n = $spline10[$i-10]; +- system("ppmmix $n junk1o$$.ppm junk2o$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1o$$.ppm $tmpdir/junk2o$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + my $n = $spline10[$i-20]; +- system("ppmmix $n junk2o$$.ppm junk2$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk2o$$.ppm $tmpdir/junk2$$.ppm >$tmpdir/junk3$$.ppm"); + } + if ($i == 10) { +- system("ppmtopgm junk2$$.ppm | pgmedge >junko$$.ppm"); +- system("rgb3toppm junko$$.ppm junko$$.ppm junko$$.ppm " . +- ">junk2o$$.ppm"); ++ system("ppmtopgm $tmpdir/junk2$$.ppm | pgmedge >$tmpdir/junko$$.ppm"); ++ system("rgb3toppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm " . ++ ">$tmpdir/junk2o$$.ppm"); + } + } elsif ($mode eq $BENTLEY) { + if ($i == 1) { +- system("ppmtopgm junk1$$.ppm | pgmbentley >junko$$.ppm"); +- system("rgb3toppm junko$$.ppm junko$$.ppm junko$$.ppm " . +- ">junk1o$$.ppm"); ++ system("ppmtopgm $tmpdir/junk1$$.ppm | pgmbentley >$tmpdir/junko$$.ppm"); ++ system("rgb3toppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm " . ++ ">$tmpdir/junk1o$$.ppm"); + } + if ($i <= 10) { + my $n = $spline10[$i]; +- system("ppmmix $n junk1$$.ppm junk1o$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1$$.ppm $tmpdir/junk1o$$.ppm >$tmpdir/junk3$$.ppm"); + } elsif ($i <= 20) { + my $n = $spline10[$i-10]; +- system("ppmmix $n junk1o$$.ppm junk2o$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1o$$.ppm $tmpdir/junk2o$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + my $n = $spline10[$i-20]; +- system("ppmmix $n junk2o$$.ppm junk2$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk2o$$.ppm $tmpdir/junk2$$.ppm >$tmpdir/junk3$$.ppm"); + } + if ($i == 10) { +- system("ppmtopgm junk2$$.ppm | pgmbentley >junko$$.ppm"); +- system("rgb3toppm junko$$.ppm junko$$.ppm junko$$.ppm " . +- ">junk2o$$.ppm"); ++ system("ppmtopgm $tmpdir/junk2$$.ppm | pgmbentley >$tmpdir/junko$$.ppm"); ++ system("rgb3toppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm " . ++ ">$tmpdir/junk2o$$.ppm"); + } + } elsif ($mode eq $BLOCK) { + if ($i <= 10) { + my $n = 1 - 1.9*$spline20[$i]; +- system("pamscale $n junk1$$.ppm | " . +- "pamscale -width $width -height $height >junk3$$.ppm"); ++ system("pamscale $n $tmpdir/junk1$$.ppm | " . ++ "pamscale -width $width -height $height >$tmpdir/junk3$$.ppm"); + } elsif ($i <= 20) { + my $n = $spline10[$i-10]; +- system("ppmmix $n junk1a$$.ppm junk2a$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1a$$.ppm $tmpdir/junk2a$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + my $n = 1 - 1.9*$spline20[31-$i]; +- system("pamscale $n junk2$$.ppm | " . +- "pamscale -width $width -height $height >junk3$$.ppm"); ++ system("pamscale $n $tmpdir/junk2$$.ppm | " . ++ "pamscale -width $width -height $height >$tmpdir/junk3$$.ppm"); + } + if ($i == 10) { +- system("cp", "junk3$$.ppm", "junk1a$$.ppm"); +- system("pamscale $n junk2$$.ppm | " . +- "pamscale -width $width -height $height >junk2a$$.ppm"); ++ system("cp", "$tmpdir/junk3$$.ppm", "$tmpdir/junk1a$$.ppm"); ++ system("pamscale $n $tmpdir/junk2$$.ppm | " . ++ "pamscale -width $width -height $height >$tmpdir/junk2a$$.ppm"); + } + } elsif ($mode eq $MIX) { + my $fade_factor = sqrt(1/($nframes-$i+1)); +- system("ppmmix $fade_factor junk1$$.ppm junk2$$.ppm >junk3$$.ppm"); ++ system("ppmmix $fade_factor $tmpdir/junk1$$.ppm $tmpdir/junk2$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + print("Internal error: impossible mode value '$mode'\n"); + } + + my $outfile = sprintf("%s.%04d.ppm", $base_name, $i); +- system("cp", "junk3$$.ppm", $outfile); ++ system("cp", "$tmpdir/junk3$$.ppm", $outfile); + } + + # + # Clean up shop. + # +-system("rm junk*$$.ppm"); ++system("rm $tmpdir/junk*$$.ppm"); + + exit(0); +diff -up editor/ppmshadow.security-scripts editor/ppmshadow +--- editor/ppmshadow.security-scripts 2009-12-10 08:34:32.000000000 +0100 ++++ editor/ppmshadow 2010-03-16 21:28:09.000000000 +0100 +@@ -72,9 +72,10 @@ sub makeConvolutionKernel($$) { + + + my $tmpdir = $ENV{TMPDIR} || "/tmp"; +-my $ourtmp = "$tmpdir/ppmshadow$$"; +-mkdir($ourtmp, 0777) or +- die("Unable to create directory for temporary files '$ourtmp"); ++my $ourtmp; chomp($ourtmp = `mktemp -d -t PPMshadow.XXXXXX`); ++if ($? >> 8) { ++ die "Can't create directory for temporary files"; ++} + + # Process command line options + +--- editor/pnmmargin.orig 2014-06-16 21:30:27.480812666 -0400 ++++ editor/pnmmargin 2014-06-16 21:30:41.500789921 -0400 +@@ -101,3 +101,4 @@ + fi + + ++rm -rf "$tmpdir" diff --git a/srcpkgs/netpbm/template b/srcpkgs/netpbm/template new file mode 100644 index 00000000000..cda23130570 --- /dev/null +++ b/srcpkgs/netpbm/template @@ -0,0 +1,35 @@ +# Template file for 'netpbm' +pkgname=netpbm +version=10.66.03 +revision=1 +wrksrc=advanced +makedepends="pkg-config perl python flex libjpeg-turbo-devel tiff-devel libpng-devel zlib-devel libxml2-devel libX11-devel" +depends="" +short_desc="Toolkit for manipulation of graphic images" +maintainer="Christian Neukirchen " +license="BSD,GPL,LGPL,custom" +homepage="http://netpbm.sourceforge.net/" +distfiles="ftp://ftp.archlinux.org/other/packages/$pkgname/$pkgname-$version.tar.xz + ftp://ftp.archlinux.org/other/packages/$pkgname/$pkgname-doc-31Jan2014.tar.xz" +checksum="705551823155dcfebdb6b914447769a62eefd7157efd1dae925b36fb7cc647b1 + 74bcf840ee643c6917330c382484010cb99c004a3fcf05391bebcac63815acb3" + +do_configure() { + cat config.mk.in ${FILESDIR}/config.mk >config.mk + sed -i 's|/link|/lib|' lib/Makefile + sed -i 's|install.manwebmain install.manweb install.man|install.man|' GNUmakefile +} + +do_build() { + make ${makejobs} + make MAKEMAN="${PWD}/buildtools/makeman" USERGUIDE=. \ + -C ../doc -f "${PWD}/buildtools/manpage.mk" manpages +} + +do_install() { + make pkgdir=$DESTDIR/usr PKGMANDIR=share/man install-run install-dev + rm $DESTDIR/usr/share/man/man?/* + make MAKEMAN="${PWD}/buildtools/makeman" MANDIR="$DESTDIR/usr/share/man" \ + -C ../doc -f "${PWD}/buildtools/manpage.mk" installman + vinstall doc/copyright_summary 644 usr/share/licenses/$pkgname +} diff --git a/srcpkgs/nmh/template b/srcpkgs/nmh/template new file mode 100644 index 00000000000..c097f2cd5fd --- /dev/null +++ b/srcpkgs/nmh/template @@ -0,0 +1,44 @@ +# Template file for 'nmh' +pkgname=nmh +version=1.6 +revision=1 +build_style=gnu-configure +configure_args="--sysconfdir=/etc/nmh --libdir=/usr/libexec/nmh --with-cyrus-sasl --with-tls" +makedepends="ncurses-devel db-devel libsasl-devel openssl-devel" +depends="" +conf_files="etc/nmh/MailAliases + etc/nmh/components + etc/nmh/digestcomps + etc/nmh/distcomps + etc/nmh/forwcomps + etc/nmh/mhl.body + etc/nmh/mhl.digest + etc/nmh/mhl.format + etc/nmh/mhl.forward + etc/nmh/mhl.headers + etc/nmh/mhl.reply + etc/nmh/mhn.defaults + etc/nmh/mts.conf + etc/nmh/rcvdistcomps + etc/nmh/rcvdistcomps.outbox + etc/nmh/replcomps + etc/nmh/replgroupcomps + etc/nmh/scan.MMDDYY + etc/nmh/scan.YYYYMMDD + etc/nmh/scan.default + etc/nmh/scan.mailx + etc/nmh/scan.nomime + etc/nmh/scan.size + etc/nmh/scan.time + etc/nmh/scan.timely + etc/nmh/scan.unseen" +short_desc="Message Handling System (New RAND Mail Handler)" +maintainer="Christian Neukirchen " +license="BSD" +homepage="http://www.nongnu.org/nmh/" +distfiles="http://download.savannah.gnu.org/releases/$pkgname/$pkgname-1.6.tar.gz" +checksum=29338ae2bc8722fe8a5904b7b601a63943b72b07b6fcda53f3a354edb6a64bc3 + +post_install() { + vinstall COPYRIGHT 644 usr/share/licenses/$pkgname LICENSE +} diff --git a/srcpkgs/nzbget/template b/srcpkgs/nzbget/template new file mode 100644 index 00000000000..1b00690f9dd --- /dev/null +++ b/srcpkgs/nzbget/template @@ -0,0 +1,14 @@ +# Template file for 'nzbget' +pkgname=nzbget +version=12.0 +revision=1 +build_style=gnu-configure +configure_args="--disable-parcheck --with-tlslib=OpenSSL" +makedepends="pkg-config libxml2-devel ncurses-devel openssl-devel" +depends="" +short_desc="Download from Usenet using .nzb files" +maintainer="Christian Neukirchen " +license="GPL-2" +homepage="http://nzbget.net/" +distfiles="${SOURCEFORGE_SITE}/$pkgname/files/$pkgname-$version.tar.gz" +checksum=023c4e3b9c7e920d9ea72b60135b438ce13543454f79984c06fd15365b9a882e diff --git a/srcpkgs/opam/template b/srcpkgs/opam/template new file mode 100644 index 00000000000..761f70292a4 --- /dev/null +++ b/srcpkgs/opam/template @@ -0,0 +1,15 @@ +# Template file for 'opam' +pkgname=opam +version=1.1.1 +revision=1 +build_style=gnu-configure +disable_parallel_build=yes +wrksrc=$pkgname-full-$version +depends="ocaml curl" +makedepends="ncurses-devel $depends" +short_desc="OCaml package manager" +maintainer="Christian Neukirchen " +license="LGPL-3" +homepage="http://opam.ocamlpro.com" +distfiles="http://www.ocamlpro.com/pub/$pkgname-full-$version.tar.gz" +checksum=bfcb78109cf88612b5170b25bb96aa576ed3908c8a68b9164a7ae16f9f59ae38 diff --git a/srcpkgs/par/template b/srcpkgs/par/template new file mode 100644 index 00000000000..402bc7c02f5 --- /dev/null +++ b/srcpkgs/par/template @@ -0,0 +1,20 @@ +# Template file for 'par' +pkgname=par +version=1.52 +revision=1 +build_style=gnu-configure +wrksrc=Par152 +short_desc="Paragraph reformatter" +maintainer="Christian Neukirchen " +license="custom" +homepage="http://www.nicemice.net/par/" +distfiles="http://www.nicemice.net/par/Par152-autoconf.tar.gz + http://www.nicemice.net/par/Par152.tar.gz" +checksum="034fb943236523629eefee0a33fc6afb5b881648a2fc5c6bef7fd1b89ce44d34 + 33dcdae905f4b4267b4dc1f3efb032d79705ca8d2122e17efdecfd8162067082" + +do_install() { + vinstall par 755 usr/bin + vinstall par.1 644 usr/share/man/man1 + vinstall par.doc 644 usr/share/licenses/$pkgname +} diff --git a/srcpkgs/plan9port/files/plan9.sh b/srcpkgs/plan9port/files/plan9.sh new file mode 100644 index 00000000000..de3c0027f99 --- /dev/null +++ b/srcpkgs/plan9port/files/plan9.sh @@ -0,0 +1,4 @@ +export PLAN9=/opt/plan9 +export PATH=$PATH:$PLAN9/bin +export ROOTPATH=$ROOTPATH:$PLAN9/bin +export MANPATH=$MANPATH:$PLAN9/man diff --git a/srcpkgs/plan9port/template b/srcpkgs/plan9port/template new file mode 100644 index 00000000000..3c365e6458d --- /dev/null +++ b/srcpkgs/plan9port/template @@ -0,0 +1,32 @@ +# Template file for 'plan9port' +pkgname=plan9port +version=20140306 +revision=1 +wrksrc=$pkgname +makedepends="which libX11-devel libXt-devel libXext-devel freetype-devel fontconfig-devel" +depends="" +short_desc="Port of many Plan 9 programs to Unix-like operating systems" +maintainer="Christian Neukirchen " +license="GPL-3" +homepage="http://swtch.com/plan9port/" +distfiles="https://$pkgname.googlecode.com/files/$pkgname-$version.tgz" +checksum=cbb826cde693abdaa2051c49e7ebf75119bf2a4791fe3b3229f1ac36a408eaeb + +do_build() { + ./INSTALL +} + +do_install() { + xargs -a lib/moveplan9.files -d'\n' sed -i "s#$wrksrc#/opt/plan9#" + + vinstall $FILESDIR/plan9.sh 644 etc/profile.d + vinstall LICENSE 644 usr/share/doc/$pkgname + vinstall README 644 usr/share/doc/$pkgname + vinstall CHANGES 644 usr/share/doc/$pkgname + vinstall CONTRIBUTORS 644 usr/share/doc/$pkgname + + vmkdir opt + cp -a $wrksrc $DESTDIR/opt/plan9 + cd $DESTDIR/opt/plan9 + rm install.{log,sum} .xbps* +} diff --git a/srcpkgs/pv/template b/srcpkgs/pv/template new file mode 100644 index 00000000000..fa7dd153270 --- /dev/null +++ b/srcpkgs/pv/template @@ -0,0 +1,11 @@ +# Template file for 'pv' +pkgname=pv +version=1.5.3 +revision=1 +build_style=gnu-configure +short_desc="Monitor the progress of data through a pipeline" +maintainer="Christian Neukirchen " +license="Artistic" +homepage="http://www.ivarch.com/programs/pv.shtml" +distfiles="http://www.ivarch.com/programs/sources/$pkgname-$version.tar.bz2" +checksum=76f3999b1c3b3027163dce6ef667cdf8dafb75218ee25e54a03bfe590478f90e diff --git a/srcpkgs/qiv/template b/srcpkgs/qiv/template new file mode 100644 index 00000000000..1cad30e811a --- /dev/null +++ b/srcpkgs/qiv/template @@ -0,0 +1,24 @@ +# Template file for 'qiv' +pkgname=qiv +version=2.3.1 +revision=1 +build_style=gnu-makefile +hostmakedepends="pkg-config" +makedepends="file-devel gtk+-devel libexif-devel lcms2-devel imlib2-devel" +depends="file" +short_desc="Quick Image Viewer" +maintainer="Christian Neukirchen " +license="GPL-2" +homepage="http://spiegl.de/qiv/" +distfiles="http://spiegl.de/qiv/download/$pkgname-$version.tgz" +checksum=675396b539e6511135fe73c867f9fdd6d912c24c7562797cb047c27d0c2c8ee6 + +do_configure() { + sed -i "s|\./qiv|echo &|" Makefile + sed -i "s|/man/|/share&|" Makefile + sed -i "s|install -s|install|" Makefile +} + +do_install() { + make install PREFIX=$DESTDIR/usr +} diff --git a/srcpkgs/rc/patches/quoting-fix.patch b/srcpkgs/rc/patches/quoting-fix.patch new file mode 100644 index 00000000000..48490f2d59d --- /dev/null +++ b/srcpkgs/rc/patches/quoting-fix.patch @@ -0,0 +1,24 @@ +--- tree.c 2001-10-01 09:21:08.000000000 -0300 ++++ tree.c.new 2007-09-30 00:36:37.968464448 -0300 +@@ -81,8 +81,9 @@ + n->u[2].i = s->u[2].i; + break; + case nWord: +- n = (*alloc)(offsetof(Node, u[2])); ++ n = (*alloc)(offsetof(Node, u[3])); + n->u[0].s = strcpy((char *) (*alloc)(strlen(s->u[0].s) + 1), s->u[0].s); ++ n->u[2].i = s->u[2].i; + if (s->u[1].s != NULL) { + size_t i = strlen(s->u[0].s); + n->u[1].s = (*alloc)(i); +--- footobar.c 2001-10-12 06:10:27.000000000 -0300 ++++ footobar.c.new 2007-09-30 00:39:06.458259082 -0300 +@@ -73,7 +73,7 @@ + case nForin: fmtprint(f, "for(%T in %T)%T", n->u[0].p, n->u[1].p, n->u[2].p); break; + case nVarsub: fmtprint(f, "$%T(%T)", n->u[0].p, n->u[1].p); break; + case nWord: +- fmtprint(f, quotep(n->u[0].s, dollar) ? "%#S" : "%S", n->u[0].s); ++ fmtprint(f, n->u[2].i || quotep(n->u[0].s, dollar) ? "%#S" : "%S", n->u[0].s); + break; + case nLappend: { + static bool inlist; diff --git a/srcpkgs/rc/template b/srcpkgs/rc/template new file mode 100644 index 00000000000..5d7ac6fa826 --- /dev/null +++ b/srcpkgs/rc/template @@ -0,0 +1,14 @@ +# Template file for 'rc' +pkgname=rc +version=1.7.1 +revision=1 +build_style=gnu-configure +configure_args="--with-readline" +makedepends="readline-devel" +depends="" +short_desc="An alternative implementation of the plan 9 rc shell" +maintainer="Christian Neukirchen " +license="custom" +homepage="http://tobold.org/article/rc" +distfiles="http://static.tobold.org/$pkgname/$pkgname-$version.tar.gz" +checksum=1cff23e897a038422458ba01567a5a2650935205862c3bbf73e773807c248240 diff --git a/srcpkgs/rlwrap/template b/srcpkgs/rlwrap/template new file mode 100644 index 00000000000..a9d7cce078d --- /dev/null +++ b/srcpkgs/rlwrap/template @@ -0,0 +1,13 @@ +# Template file for 'rlwrap' +pkgname=rlwrap +version=0.41 +revision=1 +build_style=gnu-configure +makedepends="readline-devel" +depends="perl" +short_desc="Adds readline-style editing and history to programs" +maintainer="Christian Neukirchen " +license="GPL-2" +homepage="http://utopia.knoware.nl/~hlub/uck/rlwrap/" +distfiles="http://utopia.knoware.nl/~hlub/uck/rlwrap/$pkgname-$version.tar.gz" +checksum=34497647b68df4ee031acf4ef80c09c79fe02b9027e8988a64e13f9ebc17c20a diff --git a/srcpkgs/tidy-devel b/srcpkgs/tidy-devel new file mode 120000 index 00000000000..52a9e8c12ad --- /dev/null +++ b/srcpkgs/tidy-devel @@ -0,0 +1 @@ +tidy \ No newline at end of file diff --git a/srcpkgs/tidy/template b/srcpkgs/tidy/template new file mode 100644 index 00000000000..c1b8f4fafb3 --- /dev/null +++ b/srcpkgs/tidy/template @@ -0,0 +1,25 @@ +# Template file for 'tidy' +pkgname=tidy +version=1.46 +wrksrc=tidyhtml-$version/tidy +hostmakedepends="libtool automake autoconf" +revision=1 +build_style=gnu-configure +short_desc="A tool to tidy down your HTML code to a clean style" +maintainer="Christian Neukirchen " +license="custom" +homepage="http://tidy.sourceforge.net/" +distfiles="ftp://ftp.archlinux.org/other/tidyhtml/tidyhtml-1.46.tar.bz2" +checksum=0555085b98238b7c36c5536a5c71b949fef3b58250b12cc51e5713a662aba7fe + +pre_configure() { + sh build/gnuauto/setup.sh +} + +tidy-devel_package() { + short_desc+=" - development files" + pkg_install() { + vmove usr/include + vmove usr/lib/"*.a" + } +} diff --git a/srcpkgs/unclutter/template b/srcpkgs/unclutter/template new file mode 100644 index 00000000000..8e9f29dc53f --- /dev/null +++ b/srcpkgs/unclutter/template @@ -0,0 +1,21 @@ +# Template file for 'unclutter' +pkgname=unclutter +version=8 +revision=1 +wrksrc=$pkgname +makedepends="libX11-devel" +short_desc="A small program for hiding the mouse cursor" +maintainer="Christian Neukirchen " +license="PD" +homepage="http://ftp.x.org/contrib/utilities/unclutter-8.README" +distfiles="http://ftp.x.org/contrib/utilities/$pkgname-$version.tar.Z>$pkgname-$version.tar.gz" +checksum=b855a78d4465ab2f86287eacac63a73f1504b08522840aa37718776e7ec9192a + +do_build() { + make CC="$CC" CFLAGS="$CFLAGS" INSTPGMFLAGS= +} + +do_install() { + vinstall unclutter 755 usr/bin + vinstall unclutter.man 644 usr/share/man/man1 unclutter.1 +} diff --git a/srcpkgs/xbindkeys/template b/srcpkgs/xbindkeys/template new file mode 100644 index 00000000000..9deb6b2053f --- /dev/null +++ b/srcpkgs/xbindkeys/template @@ -0,0 +1,13 @@ +# Template file for 'xbindkeys' +pkgname=xbindkeys +version=1.8.6 +revision=1 +build_style=gnu-configure +makedepends="pkg-config libX11-devel guile-devel guile gc-devel" +depends="guile" +short_desc="Launch shell commands with your keyboard or your mouse under X" +maintainer="Christian Neukirchen " +license="GPL-2" +homepage="http://www.nongnu.org/xbindkeys/xbindkeys.html" +distfiles="http://www.nongnu.org/${pkgname}/${pkgname}-${version}.tar.gz" +checksum=6c0d18be19fc19ab9b4595edf3a23c0a6946c8a5eb5c1bc395471c8f9a710d18 diff --git a/srcpkgs/xdotool/template b/srcpkgs/xdotool/template new file mode 100644 index 00000000000..22fa904a0fb --- /dev/null +++ b/srcpkgs/xdotool/template @@ -0,0 +1,16 @@ +# Template file for 'xdotool' +pkgname=xdotool +version=2.20110530.1 +revision=1 +build_style=gnu-makefile +hostmakedepends="perl" +makedepends="libXtst-devel libXinerama-devel" +make_build_target="all static" +make_install_args="INSTALLMAN=$DESTDIR/usr/share/man" +make_install_target="install-static installman" +short_desc="Command-line X11 automation tool" +maintainer="Christian Neukirchen " +license="BSD" +homepage="http://www.semicomplete.com/projects/xdotool/" +distfiles="http://semicomplete.googlecode.com/files/$pkgname-$version.tar.gz" +checksum=e7b42c8b1d391970e1c1009b256033f30e57d8e0a2a3de229fd61ecfc27baf67 diff --git a/srcpkgs/xlbiff/template b/srcpkgs/xlbiff/template new file mode 100644 index 00000000000..0c75f041781 --- /dev/null +++ b/srcpkgs/xlbiff/template @@ -0,0 +1,24 @@ +# Template file for 'xlbiff' +pkgname=xlbiff +version=4.1 +revision=1 +makedepends="libX11-devel libXaw-devel" +short_desc="X Literate Biff, a mail notifier" +maintainer="Christian Neukirchen " +license="PD" +homepage="http://www.edsantiago.com/xlbiff/" +distfiles="http://www.edsantiago.com/xlbiff/$pkgname-$version.tar.gz" +checksum=ca758c186d8fbe3505b86ba7aea21c6e20733a5b37e6ff5c308f09e8425e4697 + +do_build() { + make -f Makefile.std MHLIBDIR=/etc/nmh CC="$CC" DEBUG="$CFLAGS" + sed -n 2,30p xlbiff.c >LICENSE +} + +do_install() { + vinstall xlbiff 755 usr/bin + vinstall xlbiff.man 644 usr/share/man/man1 xlbiff.1 + vinstall xlbiff.form 644 etc/nmh + vinstall XLbiff.ad 644 usr/lib/X11/app-defaults + vinstall LICENSE 644 usr/share/licenses/$pkgname +}