| author | Jan Alexander Steffens
<heftig@archlinux.org> 2015-09-10 12:29:40 UTC |
| committer | Jan Alexander Steffens
<heftig@archlinux.org> 2015-09-10 12:29:40 UTC |
| parent | 63b7ed1cddad7a9643b8f72884100eda2f6f6158 |
| PKGBUILD | +20 | -25 |
| gegl-0.2.0-CVE-2012-4433.patch | +0 | -159 |
| gegl-0.2.0-ffmpeg-0.11.patch | +0 | -47 |
| gegl-0.2.0-lua-5.2.patch | +0 | -53 |
| gegl-0.2.0-remove-src-over-op.patch | +0 | -195 |
diff --git a/PKGBUILD b/PKGBUILD index 597396b..9da87f8 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -1,41 +1,34 @@ # Maintainer: Daniel Isenmann <daniel@archlinux.org> pkgname=gegl -pkgver=0.2.0 -pkgrel=15 +pkgver=0.3.0 +pkgrel=1 pkgdesc="Graph based image processing framework" arch=('i686' 'x86_64') url="http://www.gegl.org/" license=('GPL3' 'LGPL3') -depends=('babl' 'libspiro') -makedepends=('intltool' 'ruby' 'lua' 'openexr' 'ffmpeg' 'librsvg' 'jasper' 'exiv2') -optdepends=('openexr: for using the openexr plugin' - 'ffmpeg: for using the ffmpeg plugin' - 'librsvg: for using the svg plugin' - 'jasper: for using the jasper plugin') -source=(http://ftp.gimp.org/pub/${pkgname}/${pkgver%.*}/${pkgname}-${pkgver}.tar.bz2 - gegl-0.2.0-ffmpeg-0.11.patch - gegl-0.2.0-CVE-2012-4433.patch - gegl-0.2.0-lua-5.2.patch - gegl-0.2.0-remove-src-over-op.patch) -options=(!makeflags) -sha1sums=('764cc66cb3c7b261b8fc18a6268a0e264a91d573' - 'f5e4c0edd32e088f768e303081f1ed2d80588d4c' - '44d48bd9ad008703de9f8eb683d557bac39a02c8' - 'c78a092b880874ba7784b652bcd9c532e2b9975d' - 'dc9ae21cc5ba0fb47ef05793f0cb169572dfab74') +depends=('babl' 'libspiro' 'json-glib') +makedepends=('intltool' 'ruby' 'lua' 'libopenraw' 'openexr' 'mesa' 'glu' 'ffmpeg' 'librsvg' 'jasper' 'exiv2' 'vala' 'python2' 'suitesparse') +optdepends=('libopenraw: openraw plugin' + 'openexr: openexr plugin' + 'ffmpeg: ffmpeg plugin' + 'suitessparse: matting-levin plugin' + 'librsvg: svg plugin' + 'jasper: jasper plugin') +source=(http://ftp.gimp.org/pub/${pkgname}/${pkgver%.*}/${pkgname}-${pkgver}.tar.bz2) +sha256sums=('f0fec8f2e7b8835979d3cf4e38b05d41bb79f68dc80cf899a846484da693bbf7') prepare() { + mkdir path + ln -s /usr/bin/python2 path/python + cd ${pkgname}-${pkgver} - patch -Np1 -i ../gegl-0.2.0-ffmpeg-0.11.patch - patch -Np1 -i ../gegl-0.2.0-CVE-2012-4433.patch - patch -Np1 -i ../gegl-0.2.0-lua-5.2.patch - patch -Np1 -i ../gegl-0.2.0-remove-src-over-op.patch } build() { + export PATH="$srcdir/path:$PATH" PYTHON=/usr/bin/python2 cd ${pkgname}-${pkgver} - ./configure --prefix=/usr --with-sdl --with-openexr --with-librsvg \ + ./configure --prefix=/usr --with-sdl --with-librsvg \ --with-libavformat --with-jasper --disable-docs # https://bugzilla.gnome.org/show_bug.cgi?id=655517 @@ -45,11 +38,13 @@ build() { } check() { + export PATH="$srcdir/path:$PATH" PYTHON=/usr/bin/python2 cd ${pkgname}-${pkgver} - make check + make -k check || : } package() { + export PATH="$srcdir/path:$PATH" PYTHON=/usr/bin/python2 cd ${pkgname}-${pkgver} make DESTDIR="${pkgdir}" install } diff --git a/gegl-0.2.0-CVE-2012-4433.patch b/gegl-0.2.0-CVE-2012-4433.patch deleted file mode 100644 index 965c6fc..0000000 --- a/gegl-0.2.0-CVE-2012-4433.patch +++ /dev/null @@ -1,159 +0,0 @@ -From ffa77a246652c7e706d690682fe659f50fbe5656 Mon Sep 17 00:00:00 2001 -From: Nils Philippsen <nils@redhat.com> -Date: Mon, 1 Jul 2013 12:03:51 +0200 -Subject: [PATCH] patch: CVE-2012-4433 - -Squashed commit of the following: - -commit 2a9071e2dc4cfe1aaa7a726805985281936f9874 -Author: Nils Philippsen <nils@redhat.com> -Date: Tue Oct 16 16:57:37 2012 +0200 - - ppm-load: bring comment in line with reality - - (cherry picked from commit 6975a9cfeaf0698b42ac81b1c2f00d13c8755453) - -commit 8bb88ebf78e54837322d3be74688f98800e9f33a -Author: Nils Philippsen <nils@redhat.com> -Date: Tue Oct 16 16:56:40 2012 +0200 - - ppm-load: CVE-2012-4433: add plausibility checks for header fields - - Refuse values that are non-decimal, negative or overflow the target - type. - - (cherry picked from commit 4757cdf73d3675478d645a3ec8250ba02168a230) - -commit 2b099886969bf055a8635d06a4d89f20fed1ee42 -Author: Nils Philippsen <nils@redhat.com> -Date: Tue Oct 16 16:58:27 2012 +0200 - - ppm-load: CVE-2012-4433: don't overflow memory allocation - - Carefully selected width/height values could cause the size of a later - allocation to overflow, resulting in a buffer much too small to store - the data which would then written beyond its end. - - (cherry picked from commit 1e92e5235ded0415d555aa86066b8e4041ee5a53) ---- - operations/external/ppm-load.c | 64 +++++++++++++++++++++++++++++++++++------- - 1 file changed, 54 insertions(+), 10 deletions(-) - -diff --git a/operations/external/ppm-load.c b/operations/external/ppm-load.c -index efe6d56..e22521c 100644 ---- a/operations/external/ppm-load.c -+++ b/operations/external/ppm-load.c -@@ -36,6 +36,7 @@ gegl_chant_file_path (path, _("File"), "", _("Path of file to load.")) - #include "gegl-chant.h" - #include <stdio.h> - #include <stdlib.h> -+#include <errno.h> - - typedef enum { - PIXMAP_ASCII = 51, -@@ -44,8 +45,8 @@ typedef enum { - - typedef struct { - map_type type; -- gint width; -- gint height; -+ glong width; -+ glong height; - gsize numsamples; /* width * height * channels */ - gsize bpc; /* bytes per channel */ - guchar *data; -@@ -61,7 +62,7 @@ ppm_load_read_header(FILE *fp, - gchar header[MAX_CHARS_IN_ROW]; - gint maxval; - -- /* Check the PPM file Type P2 or P5 */ -+ /* Check the PPM file Type P3 or P6 */ - fgets (header,MAX_CHARS_IN_ROW,fp); - - if (header[0] != ASCII_P || -@@ -82,12 +83,33 @@ ppm_load_read_header(FILE *fp, - } - - /* Get Width and Height */ -- img->width = strtol (header,&ptr,0); -- img->height = atoi (ptr); -- img->numsamples = img->width * img->height * CHANNEL_COUNT; -+ errno = 0; -+ img->width = strtol (header,&ptr,10); -+ if (errno) -+ { -+ g_warning ("Error reading width: %s", strerror(errno)); -+ return FALSE; -+ } -+ else if (img->width < 0) -+ { -+ g_warning ("Error: width is negative"); -+ return FALSE; -+ } -+ -+ img->height = strtol (ptr,&ptr,10); -+ if (errno) -+ { -+ g_warning ("Error reading height: %s", strerror(errno)); -+ return FALSE; -+ } -+ else if (img->width < 0) -+ { -+ g_warning ("Error: height is negative"); -+ return FALSE; -+ } - - fgets (header,MAX_CHARS_IN_ROW,fp); -- maxval = strtol (header,&ptr,0); -+ maxval = strtol (header,&ptr,10); - - if ((maxval != 255) && (maxval != 65535)) - { -@@ -109,6 +131,16 @@ ppm_load_read_header(FILE *fp, - g_warning ("%s: Programmer stupidity error", G_STRLOC); - } - -+ /* Later on, img->numsamples is multiplied with img->bpc to allocate -+ * memory. Ensure it doesn't overflow. */ -+ if (!img->width || !img->height || -+ G_MAXSIZE / img->width / img->height / CHANNEL_COUNT < img->bpc) -+ { -+ g_warning ("Illegal width/height: %ld/%ld", img->width, img->height); -+ return FALSE; -+ } -+ img->numsamples = img->width * img->height * CHANNEL_COUNT; -+ - return TRUE; - } - -@@ -229,12 +261,24 @@ process (GeglOperation *operation, - if (!ppm_load_read_header (fp, &img)) - goto out; - -- rect.height = img.height; -- rect.width = img.width; -- - /* Allocating Array Size */ -+ -+ /* Should use g_try_malloc(), but this causes crashes elsewhere because the -+ * error signalled by returning FALSE isn't properly acted upon. Therefore -+ * g_malloc() is used here which aborts if the requested memory size can't be -+ * allocated causing a controlled crash. */ - img.data = (guchar*) g_malloc (img.numsamples * img.bpc); - -+ /* No-op without g_try_malloc(), see above. */ -+ if (! img.data) -+ { -+ g_warning ("Couldn't allocate %" G_GSIZE_FORMAT " bytes, giving up.", ((gsize)img.numsamples * img.bpc)); -+ goto out; -+ } -+ -+ rect.height = img.height; -+ rect.width = img.width; -+ - switch (img.bpc) - { - case 1: --- -1.8.3.1 - diff --git a/gegl-0.2.0-ffmpeg-0.11.patch b/gegl-0.2.0-ffmpeg-0.11.patch deleted file mode 100644 index b75770a..0000000 --- a/gegl-0.2.0-ffmpeg-0.11.patch +++ /dev/null @@ -1,47 +0,0 @@ ---- ./operations/external/ff-load.c 2012-04-01 14:17:57.000000000 +0300 -+++ ./operations/external/ff-load.c.new 2014-10-23 01:49:25.090139749 +0300 -@@ -137,7 +137,7 @@ - if (p->enc) - avcodec_close (p->enc); - if (p->ic) -- av_close_input_file (p->ic); -+ avformat_close_input(&p->ic); - if (p->lavc_frame) - av_free (p->lavc_frame); - -@@ -216,9 +216,9 @@ - { - do - { -- if (av_read_packet (p->ic, &p->pkt) < 0) -+ if (av_read_frame (p->ic, &p->pkt) < 0) - { -- fprintf (stderr, "av_read_packet failed for %s\n", -+ fprintf (stderr, "av_read_frame failed for %s\n", - o->path); - return -1; - } -@@ -271,12 +271,12 @@ - gint err; - - ff_cleanup (o); -- err = av_open_input_file (&p->ic, o->path, NULL, 0, NULL); -+ err = avformat_open_input(&p->ic, o->path, NULL, 0); - if (err < 0) - { - print_error (o->path, err); - } -- err = av_find_stream_info (p->ic); -+ err = avformat_find_stream_info (p->ic, NULL); - if (err < 0) - { - g_warning ("ff-load: error finding stream info for %s", o->path); -@@ -312,7 +312,7 @@ - if (p->codec->capabilities & CODEC_CAP_TRUNCATED) - p->enc->flags |= CODEC_FLAG_TRUNCATED; - -- if (avcodec_open (p->enc, p->codec) < 0) -+ if (avcodec_open2 (p->enc, p->codec, NULL) < 0) - { - g_warning ("error opening codec %s", p->enc->codec->name); - return; \ No newline at end of file diff --git a/gegl-0.2.0-lua-5.2.patch b/gegl-0.2.0-lua-5.2.patch deleted file mode 100644 index e5a60bb..0000000 --- a/gegl-0.2.0-lua-5.2.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 1e12a153d9a82a771c3bfd95c0265b810a424b3c Mon Sep 17 00:00:00 2001 -From: Nils Philippsen <nils@redhat.com> -Date: Mon, 1 Jul 2013 14:41:33 +0200 -Subject: [PATCH] patch: lua-5.2 - -Squashed commit of the following: - -commit 96f65d260c6e40940f2818b721c19565c1b40607 -Author: Vincent Untz <vuntz@gnome.org> -Date: Wed Jan 11 09:52:25 2012 +0100 - - Fix build with lua 5.2 by not using API deprecated in 5.1 already - - https://bugzilla.gnome.org/show_bug.cgi?id=667675 - (cherry picked from commit a14a29c39352c60f003a65b721c9af8a1d8d20df) ---- - operations/workshop/external/gluas.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/operations/workshop/external/gluas.c b/operations/workshop/external/gluas.c -index 8ba1101..63e82a2 100644 ---- a/operations/workshop/external/gluas.c -+++ b/operations/workshop/external/gluas.c -@@ -97,7 +97,7 @@ static int l_progress (lua_State * lua); - static int l_flush (lua_State * lua); - static int l_print (lua_State * lua); - --static const luaL_reg gluas_functions[] = -+static const luaL_Reg gluas_functions[] = - { - {"set_rgba", l_set_rgba}, - {"get_rgba", l_get_rgba}, -@@ -122,7 +122,7 @@ static const luaL_reg gluas_functions[] = - }; - static void - register_functions (lua_State *L, -- const luaL_reg *l) -+ const luaL_Reg *l) - { - for (;l->name; l++) - lua_register (L, l->name, l->func); -@@ -146,7 +146,7 @@ drawable_lua_process (GeglOperation *op, - lua_State *L; - Priv p; - -- L = lua_open (); -+ L = luaL_newstate (); - luaL_openlibs (L); - - register_functions (L, gluas_functions); --- -1.8.3.1 - diff --git a/gegl-0.2.0-remove-src-over-op.patch b/gegl-0.2.0-remove-src-over-op.patch deleted file mode 100644 index a823580..0000000 --- a/gegl-0.2.0-remove-src-over-op.patch +++ /dev/null @@ -1,195 +0,0 @@ -From 72168aba34445e4cd99aaed32d8e6a80e89ce729 Mon Sep 17 00:00:00 2001 -From: Nils Philippsen <nils@redhat.com> -Date: Mon, 1 Jul 2013 13:53:18 +0200 -Subject: [PATCH] patch: remove-src-over-op - -Squashed commit of the following: - -commit b766094d951bf1515a75408ee85d4e1af432e6bd -Author: Daniel Sabo <DanielSabo@gmail.com> -Date: Tue Jun 4 20:57:03 2013 -0700 - - Remove auto-generated svg:src-over - - It was already shadowed by gegl:over, which declares - svg:src-over as a compat-name. - - (cherry picked from commit c1caf2401271e8a17fd1937bf84279c250bd8e2a) - - Conflicts: - po/POTFILES.in ---- - operations/generated/src-over.c | 122 ----------------------------- - operations/generated/svg-12-porter-duff.rb | 5 +- - po/POTFILES.in | 3 +- - 3 files changed, 4 insertions(+), 126 deletions(-) - delete mode 100644 operations/generated/src-over.c - -diff --git a/operations/generated/src-over.c b/operations/generated/src-over.c -deleted file mode 100644 -index e586087..0000000 ---- a/operations/generated/src-over.c -+++ /dev/null -@@ -1,122 +0,0 @@ -- --/* !!!! AUTOGENERATED FILE generated by svg-12-porter-duff.rb !!!!! -- * -- * This file is an image processing operation for GEGL -- * -- * GEGL is free software; you can redistribute it and/or -- * modify it under the terms of the GNU Lesser General Public -- * License as published by the Free Software Foundation; either -- * version 3 of the License, or (at your option) any later version. -- * -- * GEGL is distributed in the hope that it will be useful, -- * but WITHOUT ANY WARRANTY; without even the implied warranty of -- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -- * Lesser General Public License for more details. -- * -- * You should have received a copy of the GNU Lesser General Public -- * License along with GEGL; if not, see <http://www.gnu.org/licenses/>. -- * -- * Copyright 2006, 2007 Øyvind Kolås <pippin@gimp.org> -- * 2007 John Marshall -- * -- * SVG rendering modes; see: -- * http://www.w3.org/TR/SVG12/rendering.html -- * http://www.w3.org/TR/2004/WD-SVG12-20041027/rendering.html#comp-op-prop -- * -- * aA = aux(src) alpha aB = in(dst) alpha aD = out alpha -- * cA = aux(src) colour cB = in(dst) colour cD = out colour -- * -- * !!!! AUTOGENERATED FILE !!!!! -- */ --#include "config.h" --#include <glib/gi18n-lib.h> -- -- --#ifdef GEGL_CHANT_PROPERTIES -- --/* no properties */ -- --#else -- --#define GEGL_CHANT_TYPE_POINT_COMPOSER --#define GEGL_CHANT_C_FILE "src-over.c" -- --#include "gegl-chant.h" -- --static void prepare (GeglOperation *operation) --{ -- const Babl *format = babl_format ("RaGaBaA float"); -- -- gegl_operation_set_format (operation, "input", format); -- gegl_operation_set_format (operation, "aux", format); -- gegl_operation_set_format (operation, "output", format); --} -- --static gboolean --process (GeglOperation *op, -- void *in_buf, -- void *aux_buf, -- void *out_buf, -- glong n_pixels, -- const GeglRectangle *roi, -- gint level) --{ -- gint i; -- gfloat * GEGL_ALIGNED in = in_buf; -- gfloat * GEGL_ALIGNED aux = aux_buf; -- gfloat * GEGL_ALIGNED out = out_buf; -- -- if (aux==NULL) -- return TRUE; -- -- for (i = 0; i < n_pixels; i++) -- { -- gint j; -- gfloat aA G_GNUC_UNUSED, aB G_GNUC_UNUSED, aD G_GNUC_UNUSED; -- -- aB = in[3]; -- aA = aux[3]; -- aD = aA + aB - aA * aB; -- -- for (j = 0; j < 3; j++) -- { -- gfloat cA G_GNUC_UNUSED, cB G_GNUC_UNUSED; -- -- cB = in[j]; -- cA = aux[j]; -- out[j] = cA + cB * (1.0f - aA); -- } -- out[3] = aD; -- in += 4; -- aux += 4; -- out += 4; -- } -- return TRUE; --} -- -- --static void --gegl_chant_class_init (GeglChantClass *klass) --{ -- GeglOperationClass *operation_class; -- GeglOperationPointComposerClass *point_composer_class; -- -- operation_class = GEGL_OPERATION_CLASS (klass); -- point_composer_class = GEGL_OPERATION_POINT_COMPOSER_CLASS (klass); -- -- point_composer_class->process = process; -- operation_class->prepare = prepare; -- -- -- operation_class->compat_name = "gegl:src-over"; -- gegl_operation_class_set_keys (operation_class, -- "name" , "svg:src-over", -- "categories", "compositors:porter-duff", -- "description", -- _("Porter Duff operation src-over (d = cA + cB * (1.0f - aA))"), -- NULL); -- -- --} -- --#endif -diff --git a/operations/generated/svg-12-porter-duff.rb b/operations/generated/svg-12-porter-duff.rb -index 5516802..dab5d2f 100755 ---- a/operations/generated/svg-12-porter-duff.rb -+++ b/operations/generated/svg-12-porter-duff.rb -@@ -1,4 +1,5 @@ - #!/usr/bin/env ruby -+# encoding: utf-8 - - copyright = ' - /* !!!! AUTOGENERATED FILE generated by svg-12-porter-duff.rb !!!!! -@@ -38,8 +39,8 @@ a = [ - 'aA'], - ['dst', 'cB', - 'aB'], -- ['src_over', 'cA + cB * (1.0f - aA)', -- 'aA + aB - aA * aB'], -+# ['src_over', 'cA + cB * (1.0f - aA)', -+# 'aA + aB - aA * aB'], - ['dst_over', 'cB + cA * (1.0f - aB)', - 'aA + aB - aA * aB'], - ['dst_in', 'cB * aA', # <- XXX: typo? -diff --git a/po/POTFILES.in b/po/POTFILES.in -index e309594..d36cbc2 100644 ---- a/po/POTFILES.in -+++ b/po/POTFILES.in -@@ -115,10 +115,9 @@ operations/generated/plus.c - operations/generated/screen.c - operations/generated/soft-light.c - operations/generated/src-atop.c -+operations/generated/src.c - operations/generated/src-in.c - operations/generated/src-out.c --operations/generated/src-over.c --operations/generated/src.c - operations/generated/subtract.c - operations/generated/svg-multiply.c - operations/generated/xor.c --- -1.8.3.1 -