Fix the integer signedness error in freetype2 that is described in

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2754 . PR: 112769 Submitted by: Nick Barkas <snb@threerings.net> Obtained from: Freetype CVS Security: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2754 Approved by: portmgr (implicit)
svn path=/head/; revision=191593
2007-05-21 22:24:16 +00:00 · 2007-05-21 22:24:16 +00:00 · 47db4faf86 · 2021-03-31 03:12:20 +00:00
commit 47db4faf86
parent ae69c742c3
2 changed files with 33 additions and 1 deletions
--- a/print/freetype2/Makefile
+++ b/print/freetype2/Makefile
@ -7,7 +7,7 @@

 PORTNAME=	freetype2
 PORTVERSION=	2.2.1
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	print
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:S,%SUBDIR%,freetype,} \
 		http://sunsite.cnlab-switch.ch/ftp/mirror/freetype/%SUBDIR%/ \
--- a/print/freetype2/files/patch-src_truetype_ttgload.c
+++ b/print/freetype2/files/patch-src_truetype_ttgload.c
@ -0,0 +1,32 @@
+--- src/truetype/ttgload.c.orig	Tue Feb 14 12:44:56 2006
+++ src/truetype/ttgload.c	Fri May 18 13:05:34 2007
+@@ -269,7 +269,11 @@
+ 
+     n_points = 0;
+     if ( n_contours > 0 )
+    {
+       n_points = cont[-1] + 1;
+      if ( n_points < 0 )
+        goto Invalid_Outline;
+    }
+ 
+     /* note that we will add four phantom points later */
+     error = FT_GLYPHLOADER_CHECK_POINTS( gloader, n_points + 4, 0 );
+@@ -677,7 +681,7 @@
+     FT_GlyphLoader  gloader = loader->gloader;
+     FT_Error        error   = TT_Err_Ok;
+     FT_Outline*     outline;
+-    FT_UInt         n_points;
+    FT_Int          n_points;
+ 
+ 
+     outline  = &gloader->current.outline;
+@@ -704,7 +708,7 @@
+       /* Deltas apply to the unscaled data. */
+       FT_Vector*  deltas;
+       FT_Memory   memory = loader->face->memory;
+-      FT_UInt     i;
+      FT_Int      i;
+ 
+ 
+       error = TT_Vary_Get_Glyph_Deltas( (TT_Face)(loader->face),