rpms/autotrace
7
0
Fork 0
Code Issues Pull Requests Releases Activity

autotrace 0.31.9 (API/ABI compatible)

Browse Source 
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
This commit is contained in:
Peter Lemenkov 2022-08-30 21:05:29 +02:00
parent 9360ae01ba
commit c5b859dd94
12 changed files with 31 additions and 303 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1 +1,2 @@
autotrace-0.31.1.tar.gz
/autotrace-0.31.9.tar.gz

12
autotrace-0.31.1-CVE-2013-1953.patch
View File

@ -1,12 +0,0 @@
diff -up autotrace-0.31.1/input-bmp.c.orig autotrace-0.31.1/input-bmp.c
--- autotrace-0.31.1/input-bmp.c.orig 2002-10-10 22:44:08.000000000 +0200
+++ autotrace-0.31.1/input-bmp.c 2013-06-28 10:24:58.336056959 +0200
@@ -166,7 +166,7 @@ input_bmp_reader (at_string filename,
/* 36 */
Maps = 4;
}
- else if (Bitmap_File_Head.biSize <= 64) /* Probably OS/2 2.x */
+ else if (Bitmap_File_Head.biSize >= 40 && Bitmap_File_Head.biSize <= 64) /* Probably OS/2 2.x */
{
if (!ReadOK (fd, buffer, Bitmap_File_Head.biSize - 4))
{

16
autotrace-0.31.1-CVE-2016-7392.patch
View File

@ -1,16 +0,0 @@
Subject: Fix heap-based buffer overflow in pstoedit_suffix_table_init
ID: CVE-2016-7392
Author: unknown (taken from DLA-621-1)
Bug-Debian: https://bugs.debian.org/837599
--- a/output-pstoedit.c
+++ b/output-pstoedit.c
@@ -84,7 +84,7 @@
dd_tmp = dd_start;
while (dd_tmp->symbolicname)
dd_tmp++;
- XMALLOC(pstoedit_suffix_table, sizeof(char *) * 2 * (dd_tmp - dd_start) + 1);
+ XMALLOC(pstoedit_suffix_table, sizeof(char *) * (2 * (dd_tmp - dd_start) + 1));
#if defined (OUTPUT_PSTOEDIT_DEBUG) && defined(__GNUC__)
fprintf(stderr, "OUTPUT PSTOEDIT BACKEND DEBUG(%s)\n", __FUNCTION__);

17
autotrace-0.31.1-CVE-2019-19004.patch
View File

@ -1,17 +0,0 @@
diff -urN autotrace-0.31.1.old/input-bmp.c autotrace-0.31.1/input-bmp.c
--- autotrace-0.31.1.old/input-bmp.c 2021-04-30 15:03:16.264446518 +0530
+++ autotrace-0.31.1/input-bmp.c 2021-04-30 15:06:14.682051209 +0530
@@ -220,6 +220,13 @@
* word length (32 bits == 4 bytes)
*/
+ unsigned long overflowTest = Bitmap_Head.biWidth * Bitmap_Head.biBitCnt;
+ if (overflowTest / Bitmap_Head.biWidth != Bitmap_Head.biBitCnt) {
+ LOG("Error reading BMP file header. Width is too large\n");
+ at_exception_fatal(&exp, "Error reading BMP file header. Width is too large");
+ goto cleanup;
+ }
+
rowbytes= ( (Bitmap_Head.biWidth * Bitmap_Head.biBitCnt - 1) / 32) * 4 + 4;
#ifdef DEBUG

35
autotrace-0.31.1-CVE-2019-19005.patch
View File

@ -1,35 +0,0 @@
diff -urN autotrace-0.31.1.old/xstd.h autotrace-0.31.1/xstd.h
--- autotrace-0.31.1.old/xstd.h 2002-10-11 02:14:17.000000000 +0530
+++ autotrace-0.31.1/xstd.h 2021-04-30 15:22:25.853589944 +0530
@@ -20,6 +20,7 @@
#define XMALLOC(new_mem, size) \
do \
{ \
+ assert(size); \
new_mem = (at_address) malloc (size); \
assert(new_mem); \
} while (0)
@@ -28,6 +29,7 @@
#define XCALLOC(new_mem, size) \
do \
{ \
+ assert(size); \
new_mem = (at_address) calloc (size, 1); \
assert(new_mem); \
} while (0)
@@ -55,6 +57,7 @@
#define XMALLOC(new_mem, size) \
do \
{ \
+ assert(size); \
(at_address&)(new_mem) = (at_address) malloc (size); \
assert(new_mem); \
} while (0)
@@ -63,6 +66,7 @@
#define XCALLOC(new_mem, sizex) \
do \
{ \
+ assert(size); \
(at_address&)(new_mem) = (void *) calloc (sizex, 1); \
assert(new_mem); \
} while (0)

20
autotrace-0.31.1-multilib-fix.patch
View File

@ -1,20 +0,0 @@
diff -up autotrace-0.31.1/autotrace-config.in.orig autotrace-0.31.1/autotrace-config.in
--- autotrace-0.31.1/autotrace-config.in.orig 2002-11-08 19:18:31.000000000 +0100
+++ autotrace-0.31.1/autotrace-config.in 2013-07-19 10:05:14.516133368 +0200
@@ -4,6 +4,7 @@ af_libs=
af_cflags=
prefix=@prefix@
exec_prefix=@exec_prefix@
+libdir=`pkg-config --variable=libdir autotrace`
##
@@ -205,7 +206,7 @@ fi
#dummy because this should always be selected
af_cflags="$af_cflags -I@includedir@"
-af_libs="-L@libdir@ -lautotrace @LIBPNG_LDFLAGS@ @MAGICK_LDFLAGS@ @LIBSWF_LDFLAGS@ @LIBPSTOEDIT_LIBS@ $af_libs"
+af_libs="-L$libdir -lautotrace @LIBPNG_LDFLAGS@ @MAGICK_LDFLAGS@ @LIBSWF_LDFLAGS@ @LIBPSTOEDIT_LIBS@ $af_libs"

33
autotrace-0.31.1-pstoedit-detection-fix.patch
View File

@ -1,33 +0,0 @@
--- autotrace-0.31.1.orig/configure.in
+++ autotrace-0.31.1/configure.in
@@ -282,8 +300,12 @@ AC_CHECK_LIB(dl,main,[LIBLD_LDFLAGS=-ldl
if test "x${LIBLD_LDFLAGS}" != x; then
LIBPSTOEDIT_EXTRA_LIBS="${LIBPSTOEDIT_EXTRA_LIBS} ${LIBLD_LDFLAGS}"
fi
-
-echo '*** Checking pstoedit existence TWICE(if needed) ***'
+
+echo '*** Checking pstoedit existence THRICE(if needed)***'
+echo '*** This is the 0th check ***'
+PKG_CHECK_MODULES(LIBPSTOEDIT,[pstoedit >= 3.32.1],HAVE_LIBPSTOEDIT_321=yes)
+if test ${HAVE_LIBPSTOEDIT_321} != yes; then
+ echo '*** The 0th check failed ***'
echo '*** This is the 1st check ***'
AM_PATH_PSTOEDIT(3.32.1,HAVE_LIBPSTOEDIT_321=yes)
if test ${HAVE_LIBPSTOEDIT_321} != yes; then
@@ -310,6 +332,15 @@ else
LIBPSTOEDIT_LIBS="${PSTOEDIT_LIBS} ${LIBPSTOEDIT_EXTRA_LIBS}"
LIBPSTOEDIT_CFLAGS="${PSTOEDIT_CFLAGS}"
fi
+else
+ echo '*** The 0th check is passed. ***'
+ HAVE_LIBPSTOEDIT=yes
+
+ # Workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1415258
+ LIBPSTOEDIT_LIBS="${LIBPSTOEDIT_LIBS/@LIBPNG_LDFLAGS@/-lpng}"
+
+ AC_DEFINE(HAVE_LIBPSTOEDIT)
+fi
if test ${HAVE_LIBPSTOEDIT} = yes; then
AC_CHECK_FUNCS([mkstemp])

29
autotrace-0001-Modify-GetOnePixel-usage-to-build-against-current-Im.patch
View File

@ -1,29 +0,0 @@
From 296538ef2754df0c6e704ac172854816d4ff5cd2 Mon Sep 17 00:00:00 2001
From: Caolan McNamara <caolanm@fedoraproject.org>
Date: Mon, 2 Mar 2009 12:21:34 +0000
Subject: [PATCH 1/3] Modify GetOnePixel usage to build against current
ImageMagick api
---
input-magick.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/input-magick.c b/input-magick.c
index 51c6409..bc36b8f 100644
--- a/input-magick.c
+++ b/input-magick.c
@@ -83,7 +83,11 @@ at_bitmap_type input_magick_reader(at_string filename,
for(j=0,runcount=0,point=0;j<image->rows;j++)
for(i=0;i<image->columns;i++) {
+#if (MagickLibVersion < 0x0645) || (MagickLibVersion >= 0x0649)
p=GetOnePixel(image,i,j);
+#else
+ GetOnePixel(image,i,j,pixel);
+#endif
AT_BITMAP_BITS(bitmap)[point++]=pixel->red; /* if gray: red=green=blue */
if(np==3) {
AT_BITMAP_BITS(bitmap)[point++]=pixel->green;
--
1.7.11.2

31
autotrace-0002-Fixed-underquoted-AM_PATH_AUTOTRACE-definition.patch
View File

@ -1,31 +0,0 @@
From c3410ede752b3b0a092a2a4d196f4a6ccf8c3a10 Mon Sep 17 00:00:00 2001
From: Peter Lemenkov <peter@fedoraproject.org>
Date: Mon, 27 Jul 2009 14:20:46 +0000
Subject: [PATCH 2/3] Fixed underquoted AM_PATH_AUTOTRACE definition
See rhbz #477980 for the details:
* https://bugzilla.redhat.com/477980
Reported-by: Jerry James <loganjerry@gmail.com>
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
---
autotrace.m4 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/autotrace.m4 b/autotrace.m4
index 4b16a77..11d6276 100644
--- a/autotrace.m4
+++ b/autotrace.m4
@@ -4,7 +4,7 @@
dnl AM_PATH_AUTOTRACE([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]])
dnl Test to see if libautotrace is installed, and define AUTOTRACE_CFLAGS, LIBS
dnl
-AC_DEFUN(AM_PATH_AUTOTRACE,
+AC_DEFUN([AM_PATH_AUTOTRACE],
[dnl
dnl Get the cflags and libraries from the autotrace-config script
dnl
--
1.7.11.2

68
autotrace-0003-libpng-fix.patch
View File

@ -1,68 +0,0 @@
From 56103b05af8a9d67ce158eceab9f7c984b38eabb Mon Sep 17 00:00:00 2001
From: Jon Ciesla <limburgher@gmail.com>
Date: Fri, 2 Mar 2012 09:39:36 -0600
Subject: [PATCH 3/3] libpng fix.
---
input-png.c | 22 ++++++----------------
1 file changed, 6 insertions(+), 16 deletions(-)
diff --git a/input-png.c b/input-png.c
index 77b96f1..b631f07 100644
--- a/input-png.c
+++ b/input-png.c
@@ -42,7 +42,7 @@ static png_bytep * read_png(png_structp png_ptr, png_infop info_ptr, at_input_op
static void handle_warning(png_structp png, const at_string message) {
LOG1("PNG warning: %s", message);
- at_exception_warning((at_exception_type *)png->error_ptr,
+ at_exception_warning((at_exception_type *)png_get_error_ptr(png),
message);
/* at_exception_fatal((at_exception_type *)at_png->error_ptr,
"PNG warning"); */
@@ -50,7 +50,7 @@ static void handle_warning(png_structp png, const at_string message) {
static void handle_error(png_structp png, const at_string message) {
LOG1("PNG error: %s", message);
- at_exception_fatal((at_exception_type *)png->error_ptr,
+ at_exception_fatal((at_exception_type *)png_get_error_ptr(png),
message);
/* at_exception_fatal((at_exception_type *)at_png->error_ptr,
"PNG error"); */
@@ -157,8 +157,8 @@ read_png(png_structp png_ptr, png_infop info_ptr, at_input_opts_type * opts)
png_set_strip_16(png_ptr);
png_set_packing(png_ptr);
- if ((png_ptr->bit_depth < 8) ||
- (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE) ||
+ if ((png_get_bit_depth(png_ptr, info_ptr) < 8) ||
+ (png_get_color_type(png_ptr, info_ptr) == PNG_COLOR_TYPE_PALETTE) ||
(png_get_valid(png_ptr, info_ptr, PNG_INFO_tRNS)))
png_set_expand(png_ptr);
@@ -181,20 +181,10 @@ read_png(png_structp png_ptr, png_infop info_ptr, at_input_opts_type * opts)
PNG_BACKGROUND_GAMMA_FILE, 1, 1.0);
} else
png_set_strip_alpha(png_ptr);
+ png_set_interlace_handling(png_ptr);
png_read_update_info(png_ptr, info_ptr);
-
- info_ptr->row_pointers = (png_bytepp)png_malloc(png_ptr,
- info_ptr->height * sizeof(png_bytep));
-#ifdef PNG_FREE_ME_SUPPORTED
- info_ptr->free_me |= PNG_FREE_ROWS;
-#endif
- for (row = 0; row < (int)info_ptr->height; row++)
- info_ptr->row_pointers[row] = (png_bytep)png_malloc(png_ptr,
- png_get_rowbytes(png_ptr, info_ptr));
-
- png_read_image(png_ptr, info_ptr->row_pointers);
- info_ptr->valid |= PNG_INFO_IDAT;
+ png_read_png(png_ptr, info_ptr, PNG_TRANSFORM_IDENTITY, NULL);
png_read_end(png_ptr, info_ptr);
return png_get_rows(png_ptr, info_ptr);
}
--
1.7.11.2

70
autotrace.spec
View File

@ -1,38 +1,31 @@
Name: autotrace
Version: 0.31.1
Release: 64%{?dist}
Version: 0.31.9
Release: 1%{?dist}
Summary: Utility for converting bitmaps to vector graphics
License: GPLv2+ and LGPLv2+
URL: http://autotrace.sourceforge.net/
Source0: http://download.sf.net/autotrace/%{name}-%{version}.tar.gz
Patch1: autotrace-0001-Modify-GetOnePixel-usage-to-build-against-current-Im.patch
Patch2: autotrace-0002-Fixed-underquoted-AM_PATH_AUTOTRACE-definition.patch
Patch3: autotrace-0003-libpng-fix.patch
# Sent upstream
Patch4: autotrace-0.31.1-CVE-2013-1953.patch
Patch5: autotrace-0.31.1-multilib-fix.patch
Patch6: autotrace-0.31.1-pstoedit-detection-fix.patch
Patch7: autotrace-0.31.1-CVE-2016-7392.patch
Patch8: autotrace-0.31.1-CVE-2019-19004.patch
Patch9: autotrace-0.31.1-CVE-2019-19005.patch
Source0: https://github.com/%{name}/%{name}/archive/%{version}/%{name}-%{version}.tar.gz
BuildRequires: gcc-c++
%if ! 0%{?rhel}
BuildRequires: ImageMagick-devel
%endif
BuildRequires: libpng-devel > 2:1.2
BuildRequires: libexif-devel
BuildRequires: libtiff-devel
BuildRequires: libjpeg-devel
BuildRequires: libxml2-devel
BuildRequires: pstoedit-devel
BuildRequires: bzip2-devel
BuildRequires: freetype-devel
BuildRequires: libexif-devel
BuildRequires: libjpeg-devel
BuildRequires: libpng-devel > 2:1.2
BuildRequires: libtiff-devel
BuildRequires: libxml2-devel
BuildRequires: pstoedit-devel
# For autoreconf
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: gettext-devel
BuildRequires: intltool
BuildRequires: libtool
BuildRequires: pstoedit-devel
BuildRequires: make
BuildRequires: make
BuildRequires: procps-ng
%description
@ -57,26 +50,18 @@ This package contains header files and development libraries for autotrace.
%prep
%setup -q
%patch1 -p1 -b .GetOnePixel
%patch2 -p1 -b .aclocal18
%patch3 -p1 -b .libpng15
%patch4 -p1 -b .CVE-2013-1953
%patch5 -p1 -b .multilib-fix
%patch6 -p1 -b .pstoedit-detection-fix
%patch7 -p1 -b .CVE-2016-7392
%patch8 -p1 -b .CVE-2019-19004
%patch9 -p1 -b .CVE-2019-19005
autoreconf -ivf
%autosetup -p1
%build
autoreconf -ivf
%if ! 0%{?rhel}
%configure
%configure --enable-magick-readers --disable-static
%else
%configure --without-magick
%configure --without-magick --disable-static
%endif
# remove rpaths
# FIXME is it still reqired?
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
@ -84,30 +69,33 @@ make %{?_smp_mflags}
%install
make install DESTDIR=$RPM_BUILD_ROOT
find $RPM_BUILD_ROOT -type f -name "*.la" -exec rm -f {} ';'
find $RPM_BUILD_ROOT -type f -name "*.a" -exec rm -f {} ';'
%make_install
%find_lang %{name}
%check
make check
%ldconfig_scriptlets
%files
%doc AUTHORS COPYING COPYING.LIB ChangeLog FAQ NEWS README THANKS TODO
%files -f %{name}.lang
%license COPYING COPYING.LIB
%doc AUTHORS ChangeLog FAQ NEWS README.md THANKS TODO
%{_bindir}/autotrace
%{_libdir}/*.so.*
%{_mandir}/man[^3]/*
%files devel
%doc HACKING
%{_bindir}/autotrace-config
%{_libdir}/*.so
%{_libdir}/pkgconfig/autotrace.pc
%{_includedir}/autotrace/
%{_datadir}/aclocal/autotrace.m4
%changelog
* Tue Aug 30 2022 Peter Lemenkov <lemenkov@gmail.com> - 0.31.9-1
- Ver. 0.31.9 (API/ABI compatible)
* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.31.1-64
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild

2
sources
View File

@ -1 +1 @@
54eabbb38d2076ded6d271e1ee4d0783 autotrace-0.31.1.tar.gz
SHA512 (autotrace-0.31.9.tar.gz) = 1ca97e8650529d26a104a86882c4c109ba8f17275b92e564cfbde37593cf867e55d1cbaa0f9421ba7b44ddbba2ceb5a65352cc697abc290ba335f5739361a304