diff --git a/README.md b/README.md index 493729f..9026d79 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,15 @@ # netpbm +Netpbm is a toolkit for manipulation of graphic images, including conversion of images between a variety of different formats. +There are over 220 separate tools in the package including converters for about 100 graphics formats. +Examples of the sort of image manipulation we're talking about are: + * Shrinking an image by 10% + * Cutting the top half off of an image + * Making a mirror image + * Creating a sequence of images that fade from one image to another + +The goal of Netpbm is to be a single source for all the primitive graphics utilities, especially converters, one might need. +So if you know of some freely redistributable software in this vein which is not in the package yet, you should bring it to the attention of the Netpbm maintainer so it can be included in the next release. + +Netpbm does not contain interactive tools and doesn't have a graphical interface. + diff --git a/netpbm-10.15-make.patch b/netpbm-10.15-make.patch new file mode 100644 index 0000000..0d0cc7a --- /dev/null +++ b/netpbm-10.15-make.patch @@ -0,0 +1,12 @@ +--- netpbm-10.15/lib/Makefile.orig 2003-01-19 20:49:07.000000000 +0100 ++++ netpbm-10.15/lib/Makefile 2003-05-17 23:06:16.000000000 +0200 +@@ -186,7 +186,8 @@ + libnetpbm.$(NETPBMLIBSUFFIX).$(MAJ).$(MIN) $(PKGDIR)/lib/ + cd $(PKGDIR)/lib/ ; \ + rm -f libnetpbm.$(NETPBMLIBSUFFIX).$(MAJ); \ +- $(SYMLINK) libnetpbm.$(NETPBMLIBSUFFIX).$(MAJ).$(MIN) $(SONAME) ++ $(SYMLINK) libnetpbm.$(NETPBMLIBSUFFIX).$(MAJ).$(MIN) $(SONAME); \ ++ $(SYMLINK) libnetpbm.$(NETPBMLIBSUFFIX).$(MAJ).$(MIN) libnetpbm.$(NETPBMLIBSUFFIX) + endif + ifeq ($(NETPBMLIBTYPE),dll) + #install a Windows DLL shared library diff --git a/netpbm-10.20-CAN-2005-2978.patch b/netpbm-10.20-CAN-2005-2978.patch new file mode 100644 index 0000000..e0edb20 --- /dev/null +++ b/netpbm-10.20-CAN-2005-2978.patch @@ -0,0 +1,20 @@ +--- netpbm-10.20/converter/other/pnmtopng.c.orig 2005-10-19 13:41:17.000000000 +0200 ++++ netpbm-10.20/converter/other/pnmtopng.c 2005-10-19 13:42:13.000000000 +0200 +@@ -152,7 +152,7 @@ closestColorInPalette(pixel con + unsigned int * const bestMatchP) { + + unsigned int paletteIndex; +- unsigned int bestIndex; ++ unsigned int bestIndex = 0; + unsigned int bestMatch; + + bestMatch = UINT_MAX; +@@ -1359,7 +1359,7 @@ convertpnm(FILE * const ifp, + /* The color part of the color/alpha palette passed to the PNG + compressor + */ +- unsigned int palette_size; ++ unsigned int palette_size = MAXCOLORS; + + gray trans_pnm[MAXCOLORS]; + png_byte trans[MAXCOLORS]; diff --git a/netpbm-10.22-security_mktemp.patch b/netpbm-10.22-security_mktemp.patch new file mode 100644 index 0000000..a54ca41 --- /dev/null +++ b/netpbm-10.22-security_mktemp.patch @@ -0,0 +1,419 @@ +--- netpbm-10.28/converter/other/anytopnm.security2 2005-05-27 00:10:39.000000000 +0200 ++++ netpbm-10.28/converter/other/anytopnm 2005-06-10 09:42:48.609492080 +0200 +@@ -522,11 +522,7 @@ else + inputFile="-" + fi + +-tempdir="${TMPDIR-/tmp}/anytopnm.$$" +-mkdir $tempdir || { echo "Could not create temporary file. Exiting."; exit 1;} +-chmod 700 $tempdir +- +-trap 'rm -rf $tempdir' 0 ++tempdir=$(mktemp -d -t anytopnm.XXXXXXXXXX) || exit 1 + + findAwk; + +@@ -549,9 +545,17 @@ if [ "$filetype" = "unknown" ]; then + echo "$progname: unknown file type. " \ + "'file' says mime type is '$mimeType', " 1>&2 + echo "type description is '$typeDescription'" 1>&2 ++ if [ -d "$tempdir" ] ; then ++ rm -rf "$tempdir" ++ fi ++ + exit 1 + fi + + convertIt $file $filetype + ++if [ -d "$tempdir" ] ; then ++ rm -rf "$tempdir" ++fi ++ + exit 0 +--- netpbm-10.28/editor/ppmfade.security2 2005-03-16 22:10:39.000000000 +0100 ++++ netpbm-10.28/editor/ppmfade 2005-06-10 09:02:04.545046352 +0200 +@@ -14,6 +14,7 @@ + # + #-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- + use strict; ++use File::Temp "tempdir"; + + my $SPREAD = 1; + my $SHIFT = 2; +@@ -116,20 +117,26 @@ if ($first_file ne "undefined") { + + print("Frames are " . $width . "W x " . $height . "H\n"); + ++# ++# We create a tmp-directory right here ++# ++my $tmpdir = tempdir("ppmfade.XXXXXX", CLEANUP => 1); ++ ++ + if ($first_file eq "undefined") { + print "Fading from black to "; +- system("ppmmake \\#000 $width $height >junk1$$.ppm"); ++ system("ppmmake \\#000 $width $height >$tmpdir/junk1$$.ppm"); + } else { + print "Fading from $first_file to "; +- system("cp", $first_file, "junk1$$.ppm"); ++ system("cp", $first_file, "$tmpdir/junk1$$.ppm"); + } + + if ($last_file eq "undefined") { + print "black.\n"; +- system("ppmmake \\#000 $width $height >junk2$$.ppm"); ++ system("ppmmake \\#000 $width $height >$tmpdir/junk2$$.ppm"); + } else { + print "$last_file\n"; +- system("cp", $last_file, "junk2$$.ppm"); ++ system("cp", $last_file, "$tmpdir/junk2$$.ppm"); + } + + # +@@ -137,14 +144,14 @@ if ($last_file eq "undefined") { + # + + # Here's what our temporary files are: +-# junk1$$.ppm: The original (fade-from) image +-# junk2$$.ppm: The target (fade-from) image +-# junk3$$.ppm: The frame of the fade for the current iteration of the +-# the for loop. +-# junk1a$$.ppm: If the fade involves a ppmmix sequence from one intermediate +-# image to another, this is the first frame of that +-# sequence. +-# junk2a$$.ppm: This is the last frame of the above-mentioned ppmmix sequence ++# $tmpdir/junk1$$.ppm: The original (fade-from) image ++# $tmpdir/junk2$$.ppm: The target (fade-from) image ++# $tmpdir/junk3$$.ppm: The frame of the fade for the current iteration of the ++# the for loop. ++# $tmpdir/junk1a$$.ppm: If the fade involves a ppmmix sequence from one intermediate ++# image to another, this is the first frame of that ++# sequence. ++# $tmpdir/junk2a$$.ppm: This is the last frame of the above-mentioned ppmmix sequence + + my $i; # Frame number + for ($i = 1; $i <= $nframes; $i++) { +@@ -152,148 +159,148 @@ for ($i = 1; $i <= $nframes; $i++) { + if ($mode eq $SPREAD) { + if ($i <= 10) { + my $n = $spline20[$i] * 100; +- system("ppmspread $n junk1$$.ppm >junk3$$.ppm"); ++ system("ppmspread $n $tmpdir/junk1$$.ppm >$tmpdir/junk3$$.ppm"); + } elsif ($i <= 20) { + my $n; + $n = $spline20[$i] * 100; +- system("ppmspread $n junk1$$.ppm >junk1a$$.ppm"); ++ system("ppmspread $n $tmpdir/junk1$$.ppm >$tmpdir/junk1a$$.ppm"); + $n = (1-$spline20[$i-10]) * 100; +- system("ppmspread $n junk2$$.ppm >junk2a$$.ppm"); ++ system("ppmspread $n $tmpdir/junk2$$.ppm >$tmpdir/junk2a$$.ppm"); + $n = $spline10[$i-10]; +- system("ppmmix $n junk1a$$.ppm junk2a$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1a$$.ppm $tmpdir/junk2a$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + my $n = (1-$spline20[$i-10])*100; +- system("ppmspread $n junk2$$.ppm >junk3$$.ppm"); ++ system("ppmspread $n $tmpdir/junk2$$.ppm >$tmpdir/junk3$$.ppm"); + } + } elsif ($mode eq $SHIFT) { + if ($i <= 10) { + my $n = $spline20[$i] * 100; +- system("ppmshift $n junk1$$.ppm >junk3$$.ppm"); ++ system("ppmshift $n $tmpdir/junk1$$.ppm >$tmpdir/junk3$$.ppm"); + } elsif ($i <= 20) { + my $n; + $n = $spline20[$i] * 100; +- system("ppmshift $n junk1$$.ppm >junk1a$$.ppm"); ++ system("ppmshift $n $tmpdir/junk1$$.ppm >$tmpdir/junk1a$$.ppm"); + $n = (1-$spline20[$i-10])*100; +- system("ppmshift $n junk2$$.ppm >junk2a$$.ppm"); ++ system("ppmshift $n $tmpdir/junk2$$.ppm >$tmpdir/junk2a$$.ppm"); + $n = $spline10[$i-10]; +- system("ppmmix $n junk1a$$.ppm junk2a$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1a$$.ppm $tmpdir/junk2a$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + my $n = (1-$spline20[$i-10]) * 100; +- system("ppmshift $n junk2$$.ppm >junk3$$.ppm"); ++ system("ppmshift $n $tmpdir/junk2$$.ppm >$tmpdir/junk3$$.ppm"); + } + } elsif ($mode eq $RELIEF) { + if ($i == 1) { +- system("ppmrelief junk1$$.ppm >junk1r$$.ppm"); ++ system("ppmrelief $tmpdir/junk1$$.ppm >$tmpdir/junk1r$$.ppm"); + } + if ($i <= 10) { + my $n = $spline10[$i]; +- system("ppmmix $n junk1$$.ppm junk1r$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1$$.ppm $tmpdir/junk1r$$.ppm >$tmpdir/junk3$$.ppm"); + } elsif ($i <= 20) { + my $n = $spline10[$i-10]; +- system("ppmmix $n junk1r$$.ppm junk2r$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1r$$.ppm $tmpdir/junk2r$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + my $n = $spline10[$i-20]; +- system("ppmmix $n junk2r$$.ppm junk2$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk2r$$.ppm $tmpdir/junk2$$.ppm >$tmpdir/junk3$$.ppm"); + } + if ($i == 10) { +- system("ppmrelief junk2$$.ppm >junk2r$$.ppm"); ++ system("ppmrelief $tmpdir/junk2$$.ppm >$tmpdir/junk2r$$.ppm"); + } + } elsif ($mode eq $OIL) { + if ($i == 1) { +- system("ppmtopgm junk1$$.ppm | pgmoil >junko$$.ppm"); +- system("rgb3toppm junko$$.ppm junko$$.ppm junko$$.ppm " . +- ">junk1o$$.ppm"); ++ system("ppmtopgm $tmpdir/junk1$$.ppm | pgmoil >$tmpdir/junko$$.ppm"); ++ system("rgb3toppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm " . ++ ">$tmpdir/junk1o$$.ppm"); + } + if ($i <= 10) { + my $n = $spline10[$i]; +- system("ppmmix $n junk1$$.ppm junk1o$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1$$.ppm $tmpdir/junk1o$$.ppm >$tmpdir/junk3$$.ppm"); + } elsif ($i <= 20) { + my $n = $spline10[$i-10]; +- system("ppmmix $n junk1o$$.ppm junk2o$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1o$$.ppm $tmpdir/junk2o$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + my $n = $spline10[$i-20]; +- system("ppmmix $n junk2o$$.ppm junk2$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk2o$$.ppm $tmpdir/junk2$$.ppm >$tmpdir/junk3$$.ppm"); + } + if ($i == 10) { +- system("ppmtopgm junk2$$.ppm | pgmoil >junko$$.ppm"); +- system("rgb3toppm junko$$.ppm junko$$.ppm junko$$.ppm " . +- ">junk2o$$.ppm"); ++ system("ppmtopgm $tmpdir/junk2$$.ppm | pgmoil >$tmpdir/junko$$.ppm"); ++ system("rgb3toppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm " . ++ ">$tmpdir/junk2o$$.ppm"); + } + } elsif ($mode eq $EDGE) { + if ($i == 1) { +- system("ppmtopgm junk1$$.ppm | pgmedge >junko$$.ppm"); +- system("rgb3toppm junko$$.ppm junko$$.ppm junko$$.ppm " . +- ">junk1o$$.ppm"); ++ system("ppmtopgm $tmpdir/junk1$$.ppm | pgmedge >$tmpdir/junko$$.ppm"); ++ system("rgb3toppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm " . ++ ">$tmpdir/junk1o$$.ppm"); + } + if ($i <= 10) { + my $n = $spline10[$i]; +- system("ppmmix $n junk1$$.ppm junk1o$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1$$.ppm $tmpdir/junk1o$$.ppm >$tmpdir/junk3$$.ppm"); + } elsif ($i <= 20) { + my $n = $spline10[$i-10]; +- system("ppmmix $n junk1o$$.ppm junk2o$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1o$$.ppm $tmpdir/junk2o$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + my $n = $spline10[$i-20]; +- system("ppmmix $n junk2o$$.ppm junk2$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk2o$$.ppm $tmpdir/junk2$$.ppm >$tmpdir/junk3$$.ppm"); + } + if ($i == 10) { +- system("ppmtopgm junk2$$.ppm | pgmedge >junko$$.ppm"); +- system("rgb3toppm junko$$.ppm junko$$.ppm junko$$.ppm " . +- ">junk2o$$.ppm"); ++ system("ppmtopgm $tmpdir/junk2$$.ppm | pgmedge >$tmpdir/junko$$.ppm"); ++ system("rgb3toppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm " . ++ ">$tmpdir/junk2o$$.ppm"); + } + } elsif ($mode eq $BENTLEY) { + if ($i == 1) { +- system("ppmtopgm junk1$$.ppm | pgmbentley >junko$$.ppm"); +- system("rgb3toppm junko$$.ppm junko$$.ppm junko$$.ppm " . +- ">junk1o$$.ppm"); ++ system("ppmtopgm $tmpdir/junk1$$.ppm | pgmbentley >$tmpdir/junko$$.ppm"); ++ system("rgb3toppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm " . ++ ">$tmpdir/junk1o$$.ppm"); + } + if ($i <= 10) { + my $n = $spline10[$i]; +- system("ppmmix $n junk1$$.ppm junk1o$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1$$.ppm $tmpdir/junk1o$$.ppm >$tmpdir/junk3$$.ppm"); + } elsif ($i <= 20) { + my $n = $spline10[$i-10]; +- system("ppmmix $n junk1o$$.ppm junk2o$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1o$$.ppm $tmpdir/junk2o$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + my $n = $spline10[$i-20]; +- system("ppmmix $n junk2o$$.ppm junk2$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk2o$$.ppm $tmpdir/junk2$$.ppm >$tmpdir/junk3$$.ppm"); + } + if ($i == 10) { +- system("ppmtopgm junk2$$.ppm | pgmbentley >junko$$.ppm"); +- system("rgb3toppm junko$$.ppm junko$$.ppm junko$$.ppm " . +- ">junk2o$$.ppm"); ++ system("ppmtopgm $tmpdir/junk2$$.ppm | pgmbentley >$tmpdir/junko$$.ppm"); ++ system("rgb3toppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm $tmpdir/junko$$.ppm " . ++ ">$tmpdir/junk2o$$.ppm"); + } + } elsif ($mode eq $BLOCK) { + if ($i <= 10) { + my $n = 1 - 1.9*$spline20[$i]; +- system("pamscale $n junk1$$.ppm | " . +- "pamscale -width $width -height $height >junk3$$.ppm"); ++ system("pamscale $n $tmpdir/junk1$$.ppm | " . ++ "pamscale -width $width -height $height >$tmpdir/junk3$$.ppm"); + } elsif ($i <= 20) { + my $n = $spline10[$i-10]; +- system("ppmmix $n junk1a$$.ppm junk2a$$.ppm >junk3$$.ppm"); ++ system("ppmmix $n $tmpdir/junk1a$$.ppm $tmpdir/junk2a$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + my $n = 1 - 1.9*$spline20[31-$i]; +- system("pamscale $n junk2$$.ppm | " . +- "pamscale -width $width -height $height >junk3$$.ppm"); ++ system("pamscale $n $tmpdir/junk2$$.ppm | " . ++ "pamscale -width $width -height $height >$tmpdir/junk3$$.ppm"); + } + if ($i == 10) { +- system("cp", "junk3$$.ppm", "junk1a$$.ppm"); +- system("pamscale $n junk2$$.ppm | " . +- "pamscale -width $width -height $height >junk2a$$.ppm"); ++ system("cp", "$tmpdir/junk3$$.ppm", "$tmpdir/junk1a$$.ppm"); ++ system("pamscale $n $tmpdir/junk2$$.ppm | " . ++ "pamscale -width $width -height $height >$tmpdir/junk2a$$.ppm"); + } + } elsif ($mode eq $MIX) { + my $fade_factor = sqrt(1/($nframes-$i+1)); +- system("ppmmix $fade_factor junk1$$.ppm junk2$$.ppm >junk3$$.ppm"); ++ system("ppmmix $fade_factor $tmpdir/junk1$$.ppm $tmpdir/junk2$$.ppm >$tmpdir/junk3$$.ppm"); + } else { + print("Internal error: impossible mode value '$mode'\n"); + } + + my $outfile = sprintf("%s.%04d.ppm", $base_name, $i); +- system("cp", "junk3$$.ppm", $outfile); ++ system("cp", "$tmpdir/junk3$$.ppm", $outfile); + } + + # + # Clean up shop. + # +-system("rm junk*$$.ppm"); ++system("rm $tmpdir/junk*$$.ppm"); + + exit(0); + +--- netpbm-10.28/editor/ppmquantall.security2 2005-03-17 00:44:03.000000000 +0100 ++++ netpbm-10.28/editor/ppmquantall 2005-06-10 09:02:04.547046048 +0200 +@@ -63,13 +63,8 @@ for i in ${files[@]}; do + heights=(${heights[*]} `grep -v '^#' $i | sed '1d; s/.* //; 2q'`) + done + +-tempdir="${TMPDIR-/tmp}/ppmquantall.$$" +-mkdir $tempdir || { echo "Could not create temporary file. Exiting."; exit 1;} +-chmod 700 $tempdir +- +-trap 'rm -rf $tempdir' 0 1 3 15 +- +-all=$tempdir/pqa.all.$$ ++all=$(mktemp -t pqa.all.XXXXXXXXXX) || exit 1 ++rm -f $all + + pnmcat -topbottom -jleft -white ${files[@]} | pnmquant $newcolors > $all + if [ $? != 0 ]; then +--- netpbm-10.28/editor/pnmmargin.security2 2003-12-31 05:01:26.000000000 +0100 ++++ netpbm-10.28/editor/pnmmargin 2005-06-10 09:02:04.549045744 +0200 +@@ -11,16 +11,11 @@ + # documentation. This software is provided "as is" without express or + # implied warranty. + +-tempdir="${TMPDIR-/tmp}/pnmmargin.$$" +-mkdir $tempdir || { echo "Could not create temporary file. Exiting."; exit 1;} +-chmod 700 $tempdir +- +-trap 'rm -rf $tempdir' 0 1 3 15 +- +-tmp1=$tempdir/pnmm1 +-tmp2=$tempdir/pnmm2 +-tmp3=$tempdir/pnmm3 +-tmp4=$tempdir/pnmm4 ++tmpdir=$(mktemp -d -t ppmmargin.XXXXXXX) || exit 1 ++tmp1="$tmpdir/tmp1" ++tmp2="$tmpdir/tmp2" ++tmp3="$tmpdir/tmp3" ++tmp4="$tmpdir/tmp4" + + color="-gofigure" + +@@ -39,6 +34,9 @@ while true ; do + shift + if [ ! ${1-""} ] ; then + echo "usage: $0 [-white|-black|-color ] [pnmfile]" 1>&2 ++ if [ -d "$tmpdir" ]; then ++ rm -rf "$tmpdir" ++ fi + exit 1 + fi + color="$1" +@@ -46,6 +44,9 @@ while true ; do + ;; + -* ) + echo "usage: $0 [-white|-black|-color ] [pnmfile]" 1>&2 ++ if [ -d "$tmpdir" ]; then ++ rm -rf "$tmpdir" ++ fi + exit 1 + ;; + * ) +@@ -56,6 +57,9 @@ done + + if [ ! ${1-""} ] ; then + echo "usage: $0 [-white|-black|-color ] [pnmfile]" 1>&2 ++ if [ -d "$tmpdir" ]; then ++ rm -rf "$tmpdir" ++ fi + exit 1 + fi + size="$1" +@@ -63,6 +67,9 @@ shift + + if [ ${2-""} ] ; then + echo "usage: $0 [-white|-black|-color ] [pnmfile]" 1>&2 ++ if [ -d "$tmpdir" ]; then ++ rm -rf "$tmpdir" ++ fi + exit 1 + fi + +@@ -86,3 +93,7 @@ pamflip -rotate90 $tmp2 > $tmp3 + # Cat things together. + pnmcat -lr $tmp2 $tmp1 $tmp2 > $tmp4 + pnmcat -tb $tmp3 $tmp4 $tmp3 ++ ++if [ -d "$tmpdir" ]; then ++ rm -rf "$tmpdir" ++fi +--- netpbm-10.28/editor/pamstretch-gen.security2 2004-07-25 02:01:24.000000000 +0200 ++++ netpbm-10.28/editor/pamstretch-gen 2005-06-10 09:02:04.550045592 +0200 +@@ -31,10 +31,7 @@ if [ "$1" = "" ]; then + exit 1 + fi + +-tempdir="${TMPDIR-/tmp}/pamstretch-gen.$$" +-mkdir $tempdir || { echo "Could not create temporary file. Exiting."; exit 1;} +-chmod 700 $tempdir +-tempfile=$tempdir/pnmig ++tempfile=$(mktemp /tmp/pnmig.XXXXXXXXXX) || exit 1 + + trap 'rm -rf $tempdir' 0 1 3 15 + +--- netpbm-10.28/editor/ppmshadow.security2 2005-04-23 23:16:16.000000000 +0200 ++++ netpbm-10.28/editor/ppmshadow 2005-06-10 09:37:19.253561792 +0200 +@@ -72,9 +72,10 @@ sub makeConvolutionKernel($$) { + + + my $tmpdir = $ENV{TMPDIR} || "/tmp"; +-my $ourtmp = "$tmpdir/ppmshadow$$"; +-mkdir($ourtmp, 0777) or +- die("Unable to create directory for temporary files '$ourtmp"); ++chomp($ourtmp = `mktemp -d -t PPMshadow.XXXXXX`); ++if ($? >> 8) { ++ die "Can't create directory for temporary files"; ++} + + # Process command line options + diff --git a/netpbm-10.23-security-rh.patch b/netpbm-10.23-security-rh.patch new file mode 100644 index 0000000..3663d1c --- /dev/null +++ b/netpbm-10.23-security-rh.patch @@ -0,0 +1,2453 @@ +--- /dev/null 2005-10-21 08:18:57.827007136 +0200 ++++ netpbm-10.30/OPENLICENSE 2005-10-21 11:08:57.000000000 +0200 +@@ -0,0 +1,163 @@ ++ The Open Software License ++ v. 1.1 ++ ++This Open Software License (the "License") applies to any original work of ++authorship (the "Original Work") whose owner (the "Licensor") has placed the ++following notice immediately following the copyright notice for the Original ++Work: ++ ++Licensed under the Open Software License version 1.1 ++ ++1) Grant of Copyright License. Licensor hereby grants You a world-wide, ++royalty-free, non-exclusive, perpetual, non-sublicenseable license to do the ++following: ++ ++a) to reproduce the Original Work in copies; ++ ++b) to prepare derivative works ("Derivative Works") based upon the Original ++Work; ++ ++c) to distribute copies of the Original Work and Derivative Works to the ++public, with the proviso that copies of Original Work or Derivative Works that ++You distribute shall be licensed under the Open Software License; ++ ++d) to perform the Original Work publicly; and ++ ++e) to display the Original Work publicly. ++ ++2) Grant of Patent License. Licensor hereby grants You a world-wide, ++royalty-free, non-exclusive, perpetual, non-sublicenseable license, under ++patent claims owned or controlled by the Licensor that are embodied in the ++Original Work as furnished by the Licensor ("Licensed Claims") to make, use, ++sell and offer for sale the Original Work. Licensor hereby grants You a ++world-wide, royalty-free, non-exclusive, perpetual, non-sublicenseable license ++under the Licensed Claims to make, use, sell and offer for sale Derivative Works. ++ ++3) Grant of Source Code License. The term "Source Code" means the preferred ++form of the Original Work for making modifications to it and all available ++documentation describing how to modify the Original Work. Licensor hereby ++agrees to provide a machine-readable copy of the Source Code of the Original ++Work along with each copy of the Original Work that Licensor distributes. ++Licensor reserves the right to satisfy this obligation by placing a ++machine-readable copy of the Source Code in an information repository reasonably ++calculated to permit inexpensive and convenient access by You for as long as ++ Licensor continues to distribute the Original Work, and by publishing the ++address of that information repository in a notice immediately following the ++copyright notice that applies to the Original Work. ++ ++ ++4) Exclusions From License Grant. Nothing in this License shall be deemed to ++grant any rights to trademarks, copyrights, patents, trade secrets or any ++other intellectual property of Licensor except as expressly stated herein. No ++patent license is granted to make, use, sell or offer to sell embodiments of ++any patent claims other than the Licensed Claims defined in Section 2. No ++right is granted to the trademarks of Licensor even if such marks are included ++in the Original Work. Nothing in this License shall be interpreted to prohibit ++Licensor from licensing under different terms from this License any Original ++Work that Licensor otherwise would have a right to license. ++ ++5) External Deployment. The term "External Deployment" means the use or ++distribution of the Original Work or Derivative Works in any way such that the ++Original Work or Derivative Works may be used by anyone other than You, ++whether the Original Work or Derivative Works are distributed to those persons ++or made available as an application intended for use over a computer network. ++As an express condition for the grants of license hereunder, You agree that ++any External Deployment by You of a Derivative Work shall be deemed a ++distribution and shall be licensed to all under the terms of this License, as ++prescribed in section 1(c) herein. ++ ++6) Attribution Rights. You must retain, in the Source Code of any Derivative ++Works that You create, all copyright, patent or trademark notices from the ++Source Code of the Original Work, as well as any notices of licensing and any ++descriptive text identified therein as an "Attribution Notice." You must cause ++the Source Code for any Derivative Works that You create to carry a prominent ++Attribution Notice reasonably calculated to inform recipients that You have ++modified the Original Work. ++ ++7) Warranty and Disclaimer of Warranty. Licensor warrants that the copyright ++in and to the Original Work is owned by the Licensor or that the Original Work ++is distributed by Licensor under a valid current license from the copyright ++owner. Except as expressly stated in the immediately proceeding sentence, the ++Original Work is provided under this License on an "AS IS" BASIS and WITHOUT ++WARRANTY, either express or implied, including, without limitation, the ++warranties of NON-INFRINGEMENT, MERCHANTABILITY or FITNESS FOR A PARTICULAR ++PURPOSE. THE ENTIRE RISK AS TO THE QUALITY OF THE ORIGINAL WORK IS WITH YOU. ++This DISCLAIMER OF WARRANTY constitutes an essential part of this License. No ++license to Original Work is granted hereunder except under this disclaimer. ++ ++8) Limitation of Liability. Under no circumstances and under no legal theory, ++whether in tort (including negligence), contract, or otherwise, shall the ++Licensor be liable to any person for any direct, indirect, special, incidental, ++or consequential damages of any character arising as a result of this License ++or the use of the Original Work including, without limitation, damages for ++loss of goodwill, work stoppage, computer failure or malfunction, or any and ++all other commercial damages or losses. This limitation of liability shall not ++apply to liability for death or personal injury resulting from Licensor's ++negligence to the extent applicable law prohibits such limitation. Some ++jurisdictions do not allow the exclusion or limitation of incidental or ++consequential damages, so this exclusion and limitation may not apply to You. ++ ++ ++9) Acceptance and Termination. If You distribute copies of the Original Work ++or a Derivative Work, You must make a reasonable effort under the circumstances ++to obtain the express and volitional assent of recipients to the terms of this ++License. Nothing else but this License (or another written agreement between ++Licensor and You) grants You permission to create Derivative Works based upon ++the Original Work or to exercise any of the rights granted in Sections 1 herein, ++and any attempt to do so except under the terms of this License (or another ++written agreement between Licensor and You) is expressly prohibited by U.S. ++copyright law, the equivalent laws of other countries, and by international ++treaty. Therefore, by exercising any of the rights granted to You in Sections ++1 herein, You indicate Your acceptance of this License and all of its terms and ++conditions. This License shall terminate immediately and you may no longer ++exercise any of the rights granted to You by this License upon Your failure to ++honor the proviso in Section 1(c) herein. ++ ++10) Mutual Termination for Patent Action. This License shall terminate ++automatically and You may no longer exercise any of the rights granted to You ++by this License if You file a lawsuit in any court alleging that any OSI ++Certified open source software that is licensed under any license containing ++this "Mutual Termination for Patent Action" clause infringes any patent claims ++that are essential to use that software. ++ ++11) Jurisdiction, Venue and Governing Law. Any action or suit relating to this ++License may be brought only in the courts of a jurisdiction wherein the Licensor ++resides or in which Licensor conducts its primary business, and under the laws ++of that jurisdiction excluding its conflict-of-law provisions. The application ++of the United Nations Convention on Contracts for the International Sale of ++Goods is expressly excluded. Any use of the Original Work outside the scope of ++this License or after its termination shall be subject to the requirements and ++penalties of the U.S. Copyright Act, 17 U.S.C. å¤ 101 et seq., the equivalent ++laws of other countries, and international treaty. This section shall survive ++the termination of this License. ++ ++12) Attorneys Fees. In any action to enforce the terms of this License or ++seeking damages relating thereto, the prevailing party shall be entitled to ++recover its costs and expenses, including, without limitation, reasonable ++attorneys' fees and costs incurred in connection with such action, including ++any appeal of such action. This section shall survive the termination of this ++License. ++ ++13) Miscellaneous. This License represents the complete agreement concerning ++the subject matter hereof. If any provision of this License is held to be ++unenforceable, such provision shall be reformed only to the extent necessary ++to make it enforceable. ++ ++14) Definition of "You" in This License. "You" throughout this License, ++whether in upper or lower case, means an individual or a legal entity exercising ++rights under, and complying with all of the terms of, this License. For legal ++entities, "You" includes any entity that controls, is controlled by, or is under ++common control with you. For purposes of this definition, "control" means (i) ++the power, direct or indirect, to cause the direction or management of such ++entity, whether by contract or otherwise, or (ii) ownership of fifty percent ++(50%) or more of the outstanding shares, or (iii) beneficial ownership of such ++entity. ++ ++15) Right to Use. You may use the Original Work in all ways not otherwise ++restricted or conditioned by this License or by law, and Licensor promises not ++to interfere with or be responsible for such uses by You. ++ ++This license is Copyright (C) 2002 Lawrence E. Rosen. All rights reserved. ++Permission is hereby granted to copy and distribute this license without ++modification. This license may not be modified without the express written ++permission of its copyright owner. +--- netpbm-10.30/generator/pbmtext.c.security 2005-07-18 03:14:10.000000000 +0200 ++++ netpbm-10.30/generator/pbmtext.c 2005-10-21 11:08:57.000000000 +0200 +@@ -89,12 +89,14 @@ parse_command_line(int argc, char ** arg + + for (i = 1; i < argc; i++) { + if (i > 1) { ++ overflow_add(totaltextsize, 1); + totaltextsize += 1; + text = realloc(text, totaltextsize); + if (text == NULL) + pm_error("out of memory allocating space for input text"); + strcat(text, " "); + } ++ overflow_add(totaltextsize, strlen(argv[i])); + totaltextsize += strlen(argv[i]); + text = realloc(text, totaltextsize); + if (text == NULL) +@@ -581,6 +583,7 @@ getText(const char cmdline_text + struct text input_text; + + if (cmdline_text) { ++ overflow_add(strlen(cmdline_text), 1); + allocTextArray(&input_text, 1, strlen(cmdline_text)); + strcpy(input_text.textArray[0], cmdline_text); + fix_control_chars(input_text.textArray[0], fn); +@@ -603,7 +606,9 @@ getText(const char cmdline_text + while (fgets(buf, sizeof(buf), stdin) != NULL) { + fix_control_chars(buf, fn); + if (lineCount >= maxlines) { ++ overflow2(maxlines, 2); + maxlines *= 2; ++ overflow2(maxlines, sizeof(char *)); + text_array = (char**) realloc((char*) text_array, + maxlines * sizeof(char*)); + if (text_array == NULL) +@@ -689,6 +694,7 @@ main(int argc, char *argv[]) { + hmargin = fontP->maxwidth; + } else { + vmargin = fontP->maxheight; ++ overflow2(2, fontP->maxwidth); + hmargin = 2 * fontP->maxwidth; + } + } +@@ -705,6 +711,12 @@ main(int argc, char *argv[]) { + } else + formattedText = inputText; + ++ overflow2(2, vmargin); ++ overflow2(formattedText.lineCount, fontP->maxheight); ++ overflow2(formattedText.lineCount-1, cmdline.lspace); ++ overflow_add(vmargin * 2, formattedText.lineCount * fontP->maxheight); ++ overflow_add(vmargin * 2 + formattedText.lineCount * fontP->maxheight, (formattedText.lineCount-1) * cmdline.lspace); ++ + rows = 2 * vmargin + + formattedText.lineCount * fontP->maxheight + + (formattedText.lineCount-1) * cmdline.lspace; +@@ -712,6 +724,9 @@ main(int argc, char *argv[]) { + compute_image_width(formattedText, fontP, cmdline.space, + &maxwidth, &maxleftb); + ++ overflow2(2, hmargin); ++ overflow_add(2*hmargin, maxwidth); ++ + cols = 2 * hmargin + maxwidth; + bits = pbm_allocarray(cols, rows); + +--- netpbm-10.30/generator/pgmkernel.c.security 2003-07-06 22:03:29.000000000 +0200 ++++ netpbm-10.30/generator/pgmkernel.c 2005-10-21 11:08:57.000000000 +0200 +@@ -68,7 +68,7 @@ main ( argc, argv ) + kycenter = (fysize - 1) / 2.0; + ixsize = fxsize + 0.999; + iysize = fysize + 0.999; +- MALLOCARRAY(fkernel, ixsize * iysize); ++ fkernel = (double *) malloc3 (ixsize, iysize, sizeof(double)); + for (i = 0; i < iysize; i++) + for (j = 0; j < ixsize; j++) { + fkernel[i*ixsize+j] = 1.0 / (1.0 + w * sqrt((double) +--- netpbm-10.30/generator/pgmcrater.c.security 2005-09-10 22:51:24.000000000 +0200 ++++ netpbm-10.30/generator/pgmcrater.c 2005-10-21 11:08:57.000000000 +0200 +@@ -129,7 +129,7 @@ static void gencraters() + /* Acquire the elevation array and initialize it to mean + surface elevation. */ + +- MALLOCARRAY(aux, SCRX * SCRY); ++ aux = (unsigned short *) malloc3(SCRX, SCRY, sizeof(short)); + if (aux == NULL) + pm_error("out of memory allocating elevation array"); + +--- netpbm-10.30/generator/pbmpage.c.security 2005-08-27 19:27:19.000000000 +0200 ++++ netpbm-10.30/generator/pbmpage.c 2005-10-21 11:08:57.000000000 +0200 +@@ -170,6 +170,9 @@ outputPbm(FILE * const file, + /* We round the allocated row space up to a multiple of 8 so the ugly + fast code below can work. + */ ++ ++ overflow_add(bitmap.Width, 7); ++ + pbmrow = pbm_allocrow(((bitmap.Width+7)/8)*8); + + bitmap_cursor = 0; +--- netpbm-10.30/generator/ppmrainbow.security 2003-01-04 01:40:56.000000000 +0100 ++++ netpbm-10.30/generator/ppmrainbow 2005-10-21 11:08:57.000000000 +0200 +@@ -11,7 +11,7 @@ my ($Twid, $Thgt, $tmpdir, $norepeat, $v + # set defaults + $Twid = 600; + $Thgt = 8; +-$tmpdir = $ENV{"TMPDIR"} || "/tmp"; ++$tmpdir = $ENV{"TMPDIR"} || ".tmp"; + $norepeat = $FALSE; + $verbose = $FALSE; + +--- netpbm-10.30/other/pnmcolormap.c.security 2005-09-23 18:28:19.000000000 +0200 ++++ netpbm-10.30/other/pnmcolormap.c 2005-10-21 11:08:57.000000000 +0200 +@@ -774,6 +774,7 @@ colormapToSquare(struct pam * const pamP + pamP->width = intsqrt; + else + pamP->width = intsqrt + 1; ++ overflow_add(intsqrt, 1); + } + { + unsigned int const intQuotient = colormapSize / pamP->width; +--- netpbm-10.30/doc/COPYRIGHT.PATENT.security 2004-05-01 01:54:22.000000000 +0200 ++++ netpbm-10.30/doc/COPYRIGHT.PATENT 2005-10-21 11:08:57.000000000 +0200 +@@ -33,6 +33,11 @@ no warranties regarding any of the code + all the above to be modified by "to the best of the Netpbm + maintainer's knowledge." + ++These security fixes for netpbm are (c) Copyright 2002 Red Hat Inc. ++Red Hat has not fixed those items with patent claims or commercial ++use restrictions. These changes include NO WARRANTY and are provided ++under the Open Software License v.1 (see file OPENLICENSE). ++ + + + PATENTS +--- netpbm-10.30/converter/pgm/psidtopgm.c.security 2005-08-27 20:38:40.000000000 +0200 ++++ netpbm-10.30/converter/pgm/psidtopgm.c 2005-10-21 12:13:31.000000000 +0200 +@@ -78,6 +78,7 @@ main(int argc, + pm_error("bits/sample (%d) is too large.", bitspersample); + + pgm_writepgminit(stdout, cols, rows, maxval, 0); ++ overflow_add(cols, 7); + grayrow = pgm_allocrow((cols + 7) / 8 * 8); + for (row = 0; row < rows; ++row) { + unsigned int col; +--- netpbm-10.30/converter/pgm/lispmtopgm.c.security 2005-10-07 09:03:29.000000000 +0200 ++++ netpbm-10.30/converter/pgm/lispmtopgm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -58,6 +58,7 @@ main( argc, argv ) + pm_error( "depth (%d bits) is too large", depth); + + pgm_writepgminit( stdout, cols, rows, (gray) maxval, 0 ); ++ overflow_add(cols, 7); + grayrow = pgm_allocrow( ( cols + 7 ) / 8 * 8 ); + + for ( row = 0; row < rows; ++row ) +@@ -102,7 +103,9 @@ getinit( file, colsP, rowsP, depthP, pad + + if ( *depthP == 0 ) + *depthP = 1; /* very old file */ +- ++ ++ overflow_add((int)colsP, 31); ++ + *padrightP = ( ( *colsP + 31 ) / 32 ) * 32 - *colsP; + + if ( *colsP != (cols_32 - *padrightP) ) { +--- netpbm-10.30/converter/ppm/pjtoppm.c.security 2003-07-06 23:45:36.000000000 +0200 ++++ netpbm-10.30/converter/ppm/pjtoppm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -127,19 +127,21 @@ main(argc, argv) + case 'V': /* send plane */ + case 'W': /* send last plane */ + if (rows == -1 || r >= rows || image == NULL) { +- if (rows == -1 || r >= rows) ++ if (rows == -1 || r >= rows) { ++ overflow_add(rows, 100); + rows += 100; ++ } + if (image == NULL) { +- MALLOCARRAY(image, rows * planes); +- MALLOCARRAY(imlen, rows * planes); ++ image = (unsigned char **) ++ malloc3(rows , planes , sizeof(unsigned char *)); ++ imlen = (int *) malloc3(rows , planes, sizeof(int)); + } + else { ++ overflow2(rows,planes); + image = (unsigned char **) +- realloc(image, +- rows * planes * ++ realloc2(image, rows * planes, + sizeof(unsigned char *)); +- imlen = (int *) +- realloc(imlen, rows * planes * sizeof(int)); ++ imlen = (int *) realloc2(imlen, rows * planes, sizeof(int)); + } + } + if (image == NULL || imlen == NULL) +@@ -212,8 +214,10 @@ main(argc, argv) + for (i = 0, c = 0; c < imlen[p + r * planes]; c += 2) + for (cmd = image[p + r * planes][c], + val = image[p + r * planes][c+1]; +- cmd >= 0 && i < newcols; cmd--, i++) ++ cmd >= 0 && i < newcols; cmd--, i++) { + buf[i] = val; ++ overflow_add(i, 1); ++ } + cols = cols > i ? cols : i; + free(image[p + r * planes]); + /* +@@ -224,6 +228,7 @@ main(argc, argv) + image[p + r * planes] = (unsigned char *) realloc(buf, i); + } + } ++ overflow2(cols, 8); + cols *= 8; + } + +--- netpbm-10.30/converter/ppm/ppmtoicr.c.security 2003-02-22 23:05:03.000000000 +0100 ++++ netpbm-10.30/converter/ppm/ppmtoicr.c 2005-10-21 11:08:57.000000000 +0200 +@@ -169,7 +169,7 @@ char* argv[]; + + if (rleflag) { + pm_message("sending run-length encoded picture data ..." ); +- testimage = (char*) malloc(rows*cols); ++ testimage = (char*) malloc2(rows, cols); + p = testimage; + for (i=0; iorig_y = (uint8 **) malloc(sizeof(uint8 *) * Fsize_y); ++ omfrw->orig_y = (uint8 **) malloc2(sizeof(uint8 *), Fsize_y); + ERRCHK(omfrw->orig_y, "malloc"); + for (y = 0; y < Fsize_y; ++y) { +- omfrw->orig_y[y] = (uint8 *) malloc(sizeof(uint8) * out_x); ++ omfrw->orig_y[y] = (uint8 *) malloc2(sizeof(uint8), out_x); + ERRCHK(omfrw->orig_y[y], "malloc"); + } + +- omfrw->orig_cr = (uint8 **) malloc(sizeof(int8 *) * Fsize_y / 2); ++ omfrw->orig_cr = (uint8 **) malloc2(sizeof(int8 *), Fsize_y / 2); + ERRCHK(omfrw->orig_cr, "malloc"); + for (y = 0; y < Fsize_y / 2; ++y) { +- omfrw->orig_cr[y] = (uint8 *) malloc(sizeof(int8) * out_x / 2); ++ omfrw->orig_cr[y] = (uint8 *) malloc2(sizeof(int8), out_x / 2); + ERRCHK(omfrw->orig_cr[y], "malloc"); + } + +- omfrw->orig_cb = (uint8 **) malloc(sizeof(int8 *) * Fsize_y / 2); ++ omfrw->orig_cb = (uint8 **) malloc2(sizeof(int8 *), Fsize_y / 2); + ERRCHK(omfrw->orig_cb, "malloc"); + for (y = 0; y < Fsize_y / 2; ++y) { +- omfrw->orig_cb[y] = (uint8 *) malloc(sizeof(int8) * out_x / 2); ++ omfrw->orig_cb[y] = (uint8 *) malloc2(sizeof(int8), out_x / 2); + ERRCHK(omfrw->orig_cb[y], "malloc"); + } + +@@ -217,24 +217,24 @@ Resize_Height(MpegFrame * const omfrh, + Fsize_y = out_y; + + /* Allocate new frame memory */ +- omfrh->orig_y = (uint8 **) malloc(sizeof(uint8 *) * out_y); ++ omfrh->orig_y = (uint8 **) malloc2(sizeof(uint8 *), out_y); + ERRCHK(omfrh->orig_y, "malloc"); + for (y = 0; y < out_y; ++y) { +- omfrh->orig_y[y] = (uint8 *) malloc(sizeof(uint8) * Fsize_x); ++ omfrh->orig_y[y] = (uint8 *) malloc2(sizeof(uint8), Fsize_x); + ERRCHK(omfrh->orig_y[y], "malloc"); + } + +- omfrh->orig_cr = (uint8 **) malloc(sizeof(int8 *) * out_y / 2); ++ omfrh->orig_cr = (uint8 **) malloc2(sizeof(int8 *), out_y / 2); + ERRCHK(omfrh->orig_cr, "malloc"); + for (y = 0; y < out_y / 2; ++y) { +- omfrh->orig_cr[y] = (uint8 *) malloc(sizeof(int8) * Fsize_x / 2); ++ omfrh->orig_cr[y] = (uint8 *) malloc2(sizeof(int8), Fsize_x / 2); + ERRCHK(omfrh->orig_cr[y], "malloc"); + } + +- omfrh->orig_cb = (uint8 **) malloc(sizeof(int8 *) * out_y / 2); ++ omfrh->orig_cb = (uint8 **) malloc2(sizeof(int8 *), out_y / 2); + ERRCHK(omfrh->orig_cb, "malloc"); + for (y = 0; y < out_y / 2; ++y) { +- omfrh->orig_cb[y] = (uint8 *) malloc(sizeof(int8) * Fsize_x / 2); ++ omfrh->orig_cb[y] = (uint8 *) malloc2(sizeof(int8), Fsize_x / 2); + ERRCHK(omfrh->orig_cb[y], "malloc"); + } + +@@ -441,6 +441,7 @@ Frame_Init(unsigned int numOfFramesReque + + for (idx = 0; idx < numOfFrames; ++idx) { + frameMemory[idx] = (MpegFrame *) malloc(sizeof(MpegFrame)); ++ ERRCHK(frameMemory[idx], "malloc"); + frameMemory[idx]->inUse = FALSE; + frameMemory[idx]->orig_y = NULL; + frameMemory[idx]->y_blocks = NULL; +@@ -615,22 +616,22 @@ Frame_AllocBlocks(MpegFrame * const fram + + unsigned int i; + +- frame->y_blocks = (Block **) malloc(sizeof(Block *) * dcty); ++ frame->y_blocks = (Block **) malloc2(sizeof(Block *), dcty); + ERRCHK(frame->y_blocks, "malloc"); + for (i = 0; i < dcty; ++i) { +- frame->y_blocks[i] = (Block *) malloc(sizeof(Block) * dctx); ++ frame->y_blocks[i] = (Block *) malloc2(sizeof(Block), dctx); + ERRCHK(frame->y_blocks[i], "malloc"); + } + +- frame->cr_blocks = (Block **) malloc(sizeof(Block *) * (dcty >> 1)); +- frame->cb_blocks = (Block **) malloc(sizeof(Block *) * (dcty >> 1)); ++ frame->cr_blocks = (Block **) malloc2(sizeof(Block *), (dcty >> 1)); ++ frame->cb_blocks = (Block **) malloc2(sizeof(Block *), (dcty >> 1)); + ERRCHK(frame->cr_blocks, "malloc"); + ERRCHK(frame->cb_blocks, "malloc"); + for (i = 0; i < (dcty >> 1); ++i) { + frame->cr_blocks[i] = (Block *) +- malloc(sizeof(Block) * (dctx >> 1)); ++ malloc2(sizeof(Block), (dctx >> 1)); + frame->cb_blocks[i] = (Block *) +- malloc(sizeof(Block) * (dctx >> 1)); ++ malloc2(sizeof(Block), (dctx >> 1)); + ERRCHK(frame->cr_blocks[i], "malloc"); + ERRCHK(frame->cb_blocks[i], "malloc"); + } +@@ -662,26 +663,26 @@ Frame_AllocYCC(MpegFrame * const frame) + /* + * first, allocate tons of memory + */ +- frame->orig_y = (uint8 **) malloc(sizeof(uint8 *) * Fsize_y); ++ frame->orig_y = (uint8 **) malloc2(sizeof(uint8 *), Fsize_y); + ERRCHK(frame->orig_y, "malloc"); + for (y = 0; y < Fsize_y; ++y) { +- frame->orig_y[y] = (uint8 *) malloc(sizeof(uint8) * Fsize_x); ++ frame->orig_y[y] = (uint8 *) malloc2(sizeof(uint8), Fsize_x); + ERRCHK(frame->orig_y[y], "malloc"); + } + +- frame->orig_cr = (uint8 **) malloc(sizeof(int8 *) * (Fsize_y >> 1)); ++ frame->orig_cr = (uint8 **) malloc2(sizeof(int8 *), (Fsize_y >> 1)); + ERRCHK(frame->orig_cr, "malloc"); + for (y = 0; y < (Fsize_y >> 1); ++y) { + frame->orig_cr[y] = (uint8 *) +- malloc(sizeof(int8) * (Fsize_x >> 1)); ++ malloc2(sizeof(int8), (Fsize_x >> 1)); + ERRCHK(frame->orig_cr[y], "malloc"); + } + +- frame->orig_cb = (uint8 **) malloc(sizeof(int8 *) * (Fsize_y >> 1)); ++ frame->orig_cb = (uint8 **) malloc2(sizeof(int8 *), (Fsize_y >> 1)); + ERRCHK(frame->orig_cb, "malloc"); + for (y = 0; y < (Fsize_y >> 1); ++y) { + frame->orig_cb[y] = (uint8 *) +- malloc(sizeof(int8) * (Fsize_x >> 1)); ++ malloc2(sizeof(int8), (Fsize_x >> 1)); + ERRCHK(frame->orig_cb[y], "malloc"); + } + +@@ -713,22 +714,22 @@ Frame_AllocHalf(MpegFrame * const frame) + } else { + unsigned int y; + +- frame->halfX = (uint8 **) malloc(Fsize_y*sizeof(uint8 *)); ++ frame->halfX = (uint8 **) malloc2(Fsize_y, sizeof(uint8 *)); + ERRCHK(frame->halfX, "malloc"); +- frame->halfY = (uint8 **) malloc((Fsize_y-1)*sizeof(uint8 *)); ++ frame->halfY = (uint8 **) malloc2((Fsize_y-1), sizeof(uint8 *)); + ERRCHK(frame->halfY, "malloc"); +- frame->halfBoth = (uint8 **) malloc((Fsize_y-1)*sizeof(uint8 *)); ++ frame->halfBoth = (uint8 **) malloc2((Fsize_y-1), sizeof(uint8 *)); + ERRCHK(frame->halfBoth, "malloc"); + for (y = 0; y < Fsize_y; ++y) { +- frame->halfX[y] = (uint8 *) malloc((Fsize_x-1)*sizeof(uint8)); ++ frame->halfX[y] = (uint8 *) malloc2((Fsize_x-1), sizeof(uint8)); + ERRCHK(frame->halfX[y], "malloc"); + } + for (y = 0; y < Fsize_y-1; ++y) { +- frame->halfY[y] = (uint8 *) malloc(Fsize_x*sizeof(uint8)); ++ frame->halfY[y] = (uint8 *) malloc2(Fsize_x, sizeof(uint8)); + ERRCHK(frame->halfY[y], "malloc"); + } + for (y = 0; y < Fsize_y-1; ++y) { +- frame->halfBoth[y] = (uint8 *) malloc((Fsize_x-1)*sizeof(uint8)); ++ frame->halfBoth[y] = (uint8 *) malloc2((Fsize_x-1), sizeof(uint8)); + ERRCHK(frame->halfBoth[y], "malloc"); + } + } +@@ -762,26 +763,26 @@ Frame_AllocDecoded(MpegFrame * const fra + it for some reason, so do it this way at least for now -- more + flexible + */ +- frame->decoded_y = (uint8 **) malloc(sizeof(uint8 *) * Fsize_y); ++ frame->decoded_y = (uint8 **) malloc2(sizeof(uint8 *), Fsize_y); + ERRCHK(frame->decoded_y, "malloc"); + for (y = 0; y < Fsize_y; ++y) { +- frame->decoded_y[y] = (uint8 *) malloc(sizeof(uint8) * Fsize_x); ++ frame->decoded_y[y] = (uint8 *) malloc2(sizeof(uint8), Fsize_x); + ERRCHK(frame->decoded_y[y], "malloc"); + } + +- frame->decoded_cr = (uint8 **) malloc(sizeof(int8 *) * (Fsize_y >> 1)); ++ frame->decoded_cr = (uint8 **) malloc2(sizeof(int8 *), (Fsize_y >> 1)); + ERRCHK(frame->decoded_cr, "malloc"); + for (y = 0; y < (Fsize_y >> 1); ++y) { + frame->decoded_cr[y] = (uint8 *) +- malloc(sizeof(uint8) * (Fsize_x >> 1)); ++ malloc2(sizeof(uint8), (Fsize_x >> 1)); + ERRCHK(frame->decoded_cr[y], "malloc"); + } + +- frame->decoded_cb = (uint8 **) malloc(sizeof(int8 *) * (Fsize_y >> 1)); ++ frame->decoded_cb = (uint8 **) malloc2(sizeof(int8 *), (Fsize_y >> 1)); + ERRCHK(frame->decoded_cb, "malloc"); + for (y = 0; y < (Fsize_y >> 1); ++y) { + frame->decoded_cb[y] = (uint8 *) +- malloc(sizeof(uint8) * (Fsize_x >> 1)); ++ malloc2(sizeof(uint8), (Fsize_x >> 1)); + ERRCHK(frame->decoded_cb[y], "malloc"); + } + +--- netpbm-10.30/converter/ppm/ppmtompeg/jpeg.c.security 2005-08-27 20:21:18.000000000 +0200 ++++ netpbm-10.30/converter/ppm/ppmtompeg/jpeg.c 2005-10-21 11:08:57.000000000 +0200 +@@ -228,7 +228,7 @@ int end; /* last frame to + exit(1); + } + +- inoffsets = (int *)malloc(no_frames*sizeof(int)); ++ inoffsets = (int *)malloc2(no_frames, sizeof(int)); + + if (fread (&(width),sizeof(int),1,inFile) != 1) + { +--- netpbm-10.30/converter/ppm/ppmtompeg/iframe.c.security 2005-08-27 20:14:17.000000000 +0200 ++++ netpbm-10.30/converter/ppm/ppmtompeg/iframe.c 2005-10-21 11:08:57.000000000 +0200 +@@ -859,6 +859,7 @@ BlockComputeSNR(current, snr, psnr) + int ysz = (Fsize_y>>3) * sizeof(int32 *); + int xsz = (Fsize_x>>3); + ++ overflow2(Fsize_y>>3, sizeof(int32 *)); + needs_init = FALSE; + for (y=0; y<3; y++) { + varDiff[y] = ratio[y] = total[y] = 0.0; +@@ -877,6 +878,7 @@ BlockComputeSNR(current, snr, psnr) + fprintf(stderr, "Out of memory in BlockComputeSNR\n"); + exit(-1); + } ++ overflow2(xsz, 4); + for (y = 0; y < ySize[0]>>3; y++) { + SignalY[y] = (int32 *) calloc(xsz,4); + SignalCr[y] = (int32 *) calloc(xsz,4); +@@ -1032,27 +1034,27 @@ AllocDctBlocks() + dctx = Fsize_x / DCTSIZE; + dcty = Fsize_y / DCTSIZE; + +- dct = (Block **) malloc(sizeof(Block *) * dcty); ++ dct = (Block **) malloc2(sizeof(Block *), dcty); + ERRCHK(dct, "malloc"); + for (i = 0; i < dcty; i++) { +- dct[i] = (Block *) malloc(sizeof(Block) * dctx); ++ dct[i] = (Block *) malloc2(sizeof(Block), dctx); + ERRCHK(dct[i], "malloc"); + } + +- dct_data = (dct_data_type **) malloc(sizeof(dct_data_type *) * dcty); ++ dct_data = (dct_data_type **) malloc2(sizeof(dct_data_type *), dcty); + ERRCHK(dct_data, "malloc"); + for (i = 0; i < dcty; i++) { +- dct_data[i] = (dct_data_type *) malloc(sizeof(dct_data_type) * dctx); ++ dct_data[i] = (dct_data_type *) malloc2(sizeof(dct_data_type), dctx); + ERRCHK(dct[i], "malloc"); + } + +- dctr = (Block **) malloc(sizeof(Block *) * (dcty >> 1)); +- dctb = (Block **) malloc(sizeof(Block *) * (dcty >> 1)); ++ dctr = (Block **) malloc2(sizeof(Block *), (dcty >> 1)); ++ dctb = (Block **) malloc2(sizeof(Block *), (dcty >> 1)); + ERRCHK(dctr, "malloc"); + ERRCHK(dctb, "malloc"); + for (i = 0; i < (dcty >> 1); i++) { +- dctr[i] = (Block *) malloc(sizeof(Block) * (dctx >> 1)); +- dctb[i] = (Block *) malloc(sizeof(Block) * (dctx >> 1)); ++ dctr[i] = (Block *) malloc2(sizeof(Block), (dctx >> 1)); ++ dctb[i] = (Block *) malloc2(sizeof(Block), (dctx >> 1)); + ERRCHK(dctr[i], "malloc"); + ERRCHK(dctb[i], "malloc"); + } +--- netpbm-10.30/converter/ppm/ppmtopj.c.security 2005-10-07 09:01:27.000000000 +0200 ++++ netpbm-10.30/converter/ppm/ppmtopj.c 2005-10-21 11:08:57.000000000 +0200 +@@ -179,6 +179,7 @@ char *argv[]; + pixels = ppm_readppm( ifp, &cols, &rows, &maxval ); + + pm_close( ifp ); ++ overflow2(cols,2); + obuf = (unsigned char *) pm_allocrow(cols, sizeof(unsigned char)); + cbuf = (unsigned char *) pm_allocrow(cols * 2, sizeof(unsigned char)); + +--- netpbm-10.30/converter/ppm/imgtoppm.c.security 2002-09-06 18:30:03.000000000 +0200 ++++ netpbm-10.30/converter/ppm/imgtoppm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -84,6 +84,7 @@ main(int argc, char ** argv) { + len = atoi((char*) buf ); + if ( fread( buf, len, 1, ifp ) != 1 ) + pm_error( "bad colormap buf" ); ++ overflow2(cmaplen, 3); + if ( cmaplen * 3 != len ) + { + pm_message( +@@ -105,6 +106,7 @@ main(int argc, char ** argv) { + pm_error( "bad pixel data header" ); + buf[8] = '\0'; + len = atoi((char*) buf ); ++ overflow2(cols, rows); + if ( len != cols * rows ) + pm_message( + "pixel data length (%d) does not match image size (%d)", +--- netpbm-10.30/converter/ppm/ximtoppm.c.security 2005-10-07 08:59:40.000000000 +0200 ++++ netpbm-10.30/converter/ppm/ximtoppm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -111,6 +111,7 @@ ReadXimHeader(FILE * const in_fp, + header->bits_channel = atoi(a_head.bits_per_channel); + header->alpha_flag = atoi(a_head.alpha_channel); + if (strlen(a_head.author)) { ++ overflow_add(strlen(a_head.author),1); + if (!(header->author = calloc((unsigned int)strlen(a_head.author)+1, + 1))) { + pm_message("ReadXimHeader: can't calloc author string" ); +@@ -120,6 +121,7 @@ ReadXimHeader(FILE * const in_fp, + strncpy(header->author, a_head.author, strlen(a_head.author)); + } + if (strlen(a_head.date)) { ++ overflow_add(strlen(a_head.date),1); + if (!(header->date =calloc((unsigned int)strlen(a_head.date)+1,1))){ + pm_message("ReadXimHeader: can't calloc date string" ); + return(0); +@@ -128,6 +130,7 @@ ReadXimHeader(FILE * const in_fp, + strncpy(header->date, a_head.date, strlen(a_head.date)); + } + if (strlen(a_head.program)) { ++ overflow_add(strlen(a_head.program),1); + if (!(header->program = calloc( + (unsigned int)strlen(a_head.program) + 1, 1))) { + pm_message("ReadXimHeader: can't calloc program string" ); +@@ -154,6 +157,7 @@ ReadXimHeader(FILE * const in_fp, + if (header->nchannels == 3 && header->bits_channel == 8) + header->ncolors = 0; + else if (header->nchannels == 1 && header->bits_channel == 8) { ++ overflow2(header->ncolors, sizeof(Color)); + header->colors = (Color *)calloc((unsigned int)header->ncolors, + sizeof(Color)); + if (header->colors == NULL) { +--- netpbm-10.30/converter/ppm/pcxtoppm.c.security 2005-09-17 23:47:04.000000000 +0200 ++++ netpbm-10.30/converter/ppm/pcxtoppm.c 2005-10-21 11:58:45.000000000 +0200 +@@ -407,6 +407,7 @@ pcx_planes_to_pixels(pixels, bitplanes, + /* + * clear the pixel buffer + */ ++ overflow2(bytesperline, 8); + npixels = (bytesperline * 8) / bitsperpixel; + p = pixels; + while (--npixels >= 0) +@@ -465,6 +466,7 @@ pcx_16col_to_ppm(ifp, cols, rows, BytesP + } + + /* BytesPerLine should be >= BitsPerPixel * cols / 8 */ ++ overflow2(BytesPerLine, 8); + rawcols = BytesPerLine * 8 / BitsPerPixel; + if( cols > rawcols ) { + pm_message("warning - BytesPerLine = %d, " +@@ -472,6 +474,7 @@ pcx_16col_to_ppm(ifp, cols, rows, BytesP + BytesPerLine, rawcols); + cols = rawcols; + } ++ overflow2(Planes, BytesPerLine); + pcxrow = (unsigned char *) + pm_allocrow(Planes * BytesPerLine, sizeof(unsigned char)); + rawrow = (unsigned char *)pm_allocrow(rawcols, sizeof(unsigned char)); +--- netpbm-10.30/converter/ppm/ppmtopict.c.security 2003-02-22 23:04:40.000000000 +0100 ++++ netpbm-10.30/converter/ppm/ppmtopict.c 2005-10-21 11:08:57.000000000 +0200 +@@ -245,6 +245,8 @@ char *argv[]; + putShort(stdout, 0); /* mode */ + + /* Finally, write out the data. */ ++ overflow_add(cols/MAX_COUNT, 1); ++ overflow_add(cols, cols/MAX_COUNT+1); + packed = (char*) malloc((unsigned)(cols+cols/MAX_COUNT+1)); + oc = 0; + for (row = 0; row < rows; row++) +--- netpbm-10.30/converter/ppm/ppmtomitsu.c.security 2003-07-06 23:04:25.000000000 +0200 ++++ netpbm-10.30/converter/ppm/ppmtomitsu.c 2005-10-21 11:08:57.000000000 +0200 +@@ -164,6 +164,8 @@ int main( argc, argv ) + medias = MSize_User; + + if (dpi300) { ++ overflow2(medias.maxcols, 2); ++ overflow2(medias.maxrows, 2); + medias.maxcols *= 2; + medias.maxrows *= 2; + } +--- netpbm-10.30/converter/ppm/ppmtoilbm.c.security 2005-08-27 19:44:48.000000000 +0200 ++++ netpbm-10.30/converter/ppm/ppmtoilbm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -811,11 +811,15 @@ main(argc, argv) + + if( mode != MODE_CMAP ) { + register int i; ++ overflow_add(cols, 15); + MALLOCARRAY_NOFAIL(coded_rowbuf, RowBytes(cols)); + for( i = 0; i < RowBytes(cols); i++ ) + coded_rowbuf[i] = 0; +- if( DO_COMPRESS ) ++ if( DO_COMPRESS ) { ++ overflow2(cols,2); ++ overflow_add(cols *2, 2); + MALLOCARRAY_NOFAIL(compr_rowbuf, WORSTCOMPR(RowBytes(cols))); ++ } + } + + switch( mode ) { +@@ -1906,6 +1910,7 @@ ppm_to_rgb8(ifp, cols, rows, maxval) + + maskmethod = 0; /* no masking - RGB8 uses genlock bits */ + compmethod = 4; /* RGB8 files are always compressed */ ++ overflow2(cols, 4); + MALLOCARRAY_NOFAIL(compr_row, cols * 4); + + if( maxval != 255 ) { +@@ -1994,6 +1999,7 @@ ppm_to_rgbn(ifp, cols, rows, maxval) + + maskmethod = 0; /* no masking - RGBN uses genlock bits */ + compmethod = 4; /* RGBN files are always compressed */ ++ overflow2(cols, 2); + MALLOCARRAY_NOFAIL(compr_row, cols * 2); + + if( maxval != 15 ) { +@@ -2476,6 +2482,7 @@ make_val_table(oldmaxval, newmaxval) + int i; + int *table; + ++ overflow_add(oldmaxval, 1); + MALLOCARRAY_NOFAIL(table, oldmaxval + 1); + for(i = 0; i <= oldmaxval; i++ ) + table[i] = (i * newmaxval + oldmaxval/2) / oldmaxval; +--- netpbm-10.30/converter/ppm/ilbmtoppm.c.security 2005-09-30 00:15:52.000000000 +0200 ++++ netpbm-10.30/converter/ppm/ilbmtoppm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -594,6 +594,7 @@ decode_row(FILE * const ifP, + rawtype *chp; + + cols = bmhdP->w; ++ overflow_add(cols, 15); + bytes = RowBytes(cols); + for( plane = 0; plane < nPlanes; plane++ ) { + int mask; +@@ -681,6 +682,23 @@ decode_mask(FILE * const ifP, + Multipalette handling + ****************************************************************************/ + ++static void * ++xmalloc2(x, y) ++ int x; ++ int y; ++{ ++ void *mem; ++ ++ overflow2(x,y); ++ if( x * y == 0 ) ++ return NULL; ++ ++ mem = malloc2(x,y); ++ if( mem == NULL ) ++ pm_error("out of memory allocating %d bytes", x * y); ++ return mem; ++} ++ + + static void + multi_adjust(cmap, row, palchange) +@@ -1293,6 +1311,9 @@ dcol_to_ppm(FILE * const ifP, + if( redmaxval != maxval || greenmaxval != maxval || bluemaxval != maxval ) + pm_message("scaling colors to %d bits", pm_maxvaltobits(maxval)); + ++ overflow_add(redmaxval, 1); ++ overflow_add(greenmaxval, 1); ++ overflow_add(bluemaxval, 1); + MALLOCARRAY_NOFAIL(redtable, redmaxval +1); + MALLOCARRAY_NOFAIL(greentable, greenmaxval +1); + MALLOCARRAY_NOFAIL(bluetable, bluemaxval +1); +@@ -1724,7 +1745,9 @@ PCHG_ConvertSmall(PCHG, cmap, mask, data + ChangeCount32 = *data++; + datasize -= 2; + ++ overflow_add(ChangeCount16, ChangeCount32); + changes = ChangeCount16 + ChangeCount32; ++ overflow_add(changes, 1); + for( i = 0; i < changes; i++ ) { + if( totalchanges >= PCHG->TotalChanges ) goto fail; + if( datasize < 2 ) goto fail; +@@ -1851,6 +1874,7 @@ PCHG_ConvertBig(PCHG, cmap, mask, datasi + if( datasize < 2 ) goto fail; + changes = BIG_WORD(data); data += 2; datasize -= 2; + ++ overflow_add(changes, 1); + MALLOCARRAY_NOFAIL(cmap->mp_change[row], changes + 1); + for( i = 0; i < changes; i++ ) { + if( totalchanges >= PCHG->TotalChanges ) goto fail; +@@ -1964,6 +1988,9 @@ read_pchg(FILE * const ifp, + cmap->mp_change[i] = NULL; + if( PCHG.StartLine < 0 ) { + int nch; ++ if(PCHG.MaxReg < PCHG.MinReg) ++ pm_error("assert: MinReg > MaxReg"); ++ overflow_add(PCHG.MaxReg-PCHG.MinReg, 2); + nch = PCHG.MaxReg - PCHG.MinReg +1; + MALLOCARRAY_NOFAIL(cmap->mp_init, nch + 1); + for( i = 0; i < nch; i++ ) +@@ -2040,6 +2067,7 @@ process_body( FILE * const ifp, + if( typeid == ID_ILBM ) { + int isdeep; + ++ overflow_add(bmhdP->w, 15); + MALLOCARRAY_NOFAIL(ilbmrow, RowBytes(bmhdP->w)); + *viewportmodesP |= fakeviewport; /* -isham/-isehb */ + +--- netpbm-10.30/converter/ppm/sldtoppm.c.security 2005-10-07 09:00:51.000000000 +0200 ++++ netpbm-10.30/converter/ppm/sldtoppm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -306,7 +306,9 @@ static void slider(slvec, slflood) + } + + /* Allocate image buffer and clear it to black. */ +- ++ ++ overflow_add(ixdots,1); ++ overflow_add(iydots,1); + pixels = ppm_allocarray(pixcols = ixdots + 1, pixrows = iydots + 1); + PPM_ASSIGN(rgbcolor, 0, 0, 0); + ppmd_filledrectangle(pixels, pixcols, pixrows, pixmaxval, 0, 0, +--- netpbm-10.30/converter/ppm/ppmtolj.c.security 2005-08-15 01:37:50.000000000 +0200 ++++ netpbm-10.30/converter/ppm/ppmtolj.c 2005-10-21 11:08:57.000000000 +0200 +@@ -181,6 +181,7 @@ int main(int argc, char *argv[]) { + pixels = ppm_readppm( ifp, &cols, &rows, &maxval ); + + pm_close( ifp ); ++ overflow2(cols,6); + obuf = (unsigned char *) pm_allocrow(cols * 3, sizeof(unsigned char)); + cbuf = (unsigned char *) pm_allocrow(cols * 6, sizeof(unsigned char)); + if (mode == C_TRANS_MODE_DELTA) +--- netpbm-10.30/converter/ppm/ppmtopcx.c.security 2005-08-27 20:25:49.000000000 +0200 ++++ netpbm-10.30/converter/ppm/ppmtopcx.c 2005-10-21 11:08:57.000000000 +0200 +@@ -418,6 +418,8 @@ ppmTo16ColorPcx(pixel ** cons + else Planes = 1; + } + } ++ overflow2(BitsPerPixel, cols); ++ overflow_add(BitsPerPixel * cols, 7); + BytesPerLine = ((cols * BitsPerPixel) + 7) / 8; + MALLOCARRAY_NOFAIL(indexRow, cols); + MALLOCARRAY_NOFAIL(planesrow, BytesPerLine); +--- netpbm-10.30/converter/ppm/Makefile.security 2005-10-21 11:08:57.000000000 +0200 ++++ netpbm-10.30/converter/ppm/Makefile 2005-10-21 11:08:57.000000000 +0200 +@@ -11,7 +11,7 @@ SUBDIRS = ppmtompeg + + PORTBINARIES = 411toppm eyuvtoppm gouldtoppm ilbmtoppm imgtoppm \ + leaftoppm mtvtoppm neotoppm \ +- pcxtoppm pc1toppm pi1toppm picttoppm pjtoppm \ ++ pcxtoppm pc1toppm pi1toppm pjtoppm \ + ppmtoacad ppmtoarbtxt \ + ppmtobmp ppmtoeyuv ppmtogif ppmtoicr ppmtoilbm \ + ppmtoleaf ppmtolj ppmtomitsu ppmtoneo \ +--- netpbm-10.30/converter/ppm/ppmtoxpm.c.security 2005-10-07 09:01:00.000000000 +0200 ++++ netpbm-10.30/converter/ppm/ppmtoxpm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -195,6 +195,7 @@ genNumstr(unsigned int const input, int + unsigned int i; + + /* Allocate memory for printed number. Abort if error. */ ++ overflow_add(digits, 1); + if (!(str = (char *) malloc(digits + 1))) + pm_error("out of memory"); + +@@ -307,6 +308,7 @@ genCmap(colorhist_vector const chv, + unsigned int charsPerPixel; + unsigned int xppMaxval; + ++ if (includeTransparent) overflow_add(ncolors, 1); + MALLOCARRAY(cmap, cmapSize); + if (cmapP == NULL) + pm_error("Out of memory allocating %u bytes for a color map.", +--- netpbm-10.30/converter/ppm/ppmtopjxl.c.security 2003-02-22 23:04:36.000000000 +0100 ++++ netpbm-10.30/converter/ppm/ppmtopjxl.c 2005-10-21 11:08:57.000000000 +0200 +@@ -273,6 +273,8 @@ main(argc, argv) + pm_error("image too large; reduce with ppmscale"); + if (maxval > PCL_MAXVAL) + pm_error("color range too large; reduce with ppmcscale"); ++ if (cols < 0 || rows < 0) ++ pm_error("negative size is not possible"); + + /* Figure out the colormap. */ + fprintf( stderr, "(Computing colormap..." ); fflush( stderr ); +@@ -293,6 +295,8 @@ main(argc, argv) + case 0: /* direct mode (no palette) */ + bpp = bitsperpixel(maxval); /* bits per pixel */ + bpg = bpp; bpb = bpp; ++ overflow2(bpp, 3); ++ overflow_add(bpp*3, 7); + bpp = (bpp*3+7)>>3; /* bytes per pixel now */ + bpr = (bpp<<3)-bpg-bpb; + bpp *= cols; /* bytes per row now */ +@@ -302,9 +306,13 @@ main(argc, argv) + case 3: case 7: pclindex++; + default: + bpp = 8/pclindex; ++ overflow_add(cols, bpp); ++ if(bpp == 0) ++ pm_error("assert: no bpp"); + bpp = (cols+bpp-1)/bpp; /* bytes per row */ + } + ++ overflow2(bpp,2); + if ((inrow = (char *)malloc((unsigned)bpp)) == NULL || + (outrow = (char *)malloc((unsigned)bpp*2)) == NULL || + (runcnt = (signed char *)malloc((unsigned)bpp)) == NULL) +--- netpbm-10.30/converter/ppm/yuvtoppm.c.security 2003-07-06 22:32:09.000000000 +0200 ++++ netpbm-10.30/converter/ppm/yuvtoppm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -72,6 +72,7 @@ main(argc, argv) + + ppm_writeppminit(stdout, cols, rows, (pixval) 255, 0); + pixrow = ppm_allocrow(cols); ++ overflow_add(cols, 1); + MALLOCARRAY(yuvbuf, (cols+1)/2); + if (yuvbuf == NULL) + pm_error("Unable to allocate YUV buffer for %d columns.", cols); +--- netpbm-10.30/converter/ppm/picttoppm.c.security 2005-10-07 09:02:34.000000000 +0200 ++++ netpbm-10.30/converter/ppm/picttoppm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -1,3 +1,5 @@ ++#error "Unfixable. Don't ship me" ++ + /* + * picttoppm.c -- convert a MacIntosh PICT file to PPM format. + * +--- netpbm-10.30/converter/ppm/ppmtowinicon.c.security 2005-10-07 08:14:24.000000000 +0200 ++++ netpbm-10.30/converter/ppm/ppmtowinicon.c 2005-10-21 11:08:57.000000000 +0200 +@@ -12,6 +12,7 @@ + + #include + #include ++#include + + #include "winico.h" + #include "ppm.h" +@@ -218,6 +219,7 @@ createAndBitmap (gray ** const ba, int c + MALLOCARRAY_NOFAIL(rowData, rows); + icBitmap->xBytes = xBytes; + icBitmap->data = rowData; ++ overflow2(xBytes, rows); + icBitmap->size = xBytes * rows; + for (y=0;yxBytes = xBytes; + icBitmap->data = rowData; ++ overflow2(xBytes, rows); + icBitmap->size = xBytes * rows; + + for (y=0;yxBytes = xBytes; + icBitmap->data = rowData; ++ overflow2(xBytes, rows); + icBitmap->size = xBytes * rows; + + for (y=0;ybitcount = bpp; + entry->ih = createInfoHeader(entry, xorBitmap, andBitmap); + entry->colors = palette->colors; ++ overflow2(4, entry->color_count); ++ overflow_add(xorBitmap->size, andBitmap->size); ++ overflow_add(xorBitmap->size + andBitmap->size, 40); ++ overflow_add(xorBitmap->size + andBitmap->size + 40, 4 * entry->color_count); + entry->size_in_bytes = + xorBitmap->size + andBitmap->size + 40 + (4 * entry->color_count); + if (verbose) +--- netpbm-10.30/converter/ppm/xpmtoppm.c.security 2005-10-07 08:59:22.000000000 +0200 ++++ netpbm-10.30/converter/ppm/xpmtoppm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -700,6 +700,7 @@ ReadXPMFile(FILE * const stream, int * c + &ncolors, colorsP, &ptab); + *transparentP = -1; /* No transparency in version 1 */ + } ++ overflow2(*widthP, *heightP); + totalpixels = *widthP * *heightP; + MALLOCARRAY(*dataP, totalpixels); + if (*dataP == NULL) +--- netpbm-10.30/converter/ppm/ppmtoeyuv.c.security 2005-06-06 23:10:13.000000000 +0200 ++++ netpbm-10.30/converter/ppm/ppmtoeyuv.c 2005-10-21 11:08:57.000000000 +0200 +@@ -113,6 +113,7 @@ create_multiplication_tables(const pixva + + int index; + ++ overflow_add(maxval, 1); + MALLOCARRAY_NOFAIL(mult299 , maxval+1); + MALLOCARRAY_NOFAIL(mult587 , maxval+1); + MALLOCARRAY_NOFAIL(mult114 , maxval+1); +--- netpbm-10.30/converter/pbm/mgrtopbm.c.security 2005-02-20 20:58:25.000000000 +0100 ++++ netpbm-10.30/converter/pbm/mgrtopbm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -68,6 +68,8 @@ getinit(FILE * const file, + if (head.h_high < ' ' || head.l_high < ' ') + pm_error("Invalid width field in MGR header"); + ++ overflow_add(*colsP, pad); ++ + *colsP = (((int)head.h_wide - ' ') << 6) + ((int)head.l_wide - ' '); + *rowsP = (((int)head.h_high - ' ') << 6) + ((int) head.l_high - ' '); + *padrightP = ( ( *colsP + pad - 1 ) / pad ) * pad - *colsP; +--- netpbm-10.30/converter/pbm/pbmtoascii.c.security 2002-07-30 17:42:53.000000000 +0200 ++++ netpbm-10.30/converter/pbm/pbmtoascii.c 2005-10-21 11:08:57.000000000 +0200 +@@ -115,9 +115,11 @@ char* argv[]; + pm_usage( usage ); + + pbm_readpbminit( ifp, &cols, &rows, &format ); ++ overflow_add(cols, gridx); + ccols = ( cols + gridx - 1 ) / gridx; + bitrow = pbm_allocrow( cols ); + sig = (int*) pm_allocrow( ccols, sizeof(int) ); ++ overflow_add(ccols, 1); + line = (char*) pm_allocrow( ccols + 1, sizeof(char) ); + + for ( row = 0; row < rows; row += gridy ) +--- netpbm-10.30/converter/pbm/pbmtox10bm.c.security 2005-10-07 09:10:10.000000000 +0200 ++++ netpbm-10.30/converter/pbm/pbmtox10bm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -57,6 +57,7 @@ main(int argc, char * argv[]) { + bitrow = pbm_allocrow( cols ); + + /* Compute padding to round cols up to the nearest multiple of 16. */ ++ overflow_add(cols, 15); + padright = ( ( cols + 15 ) / 16 ) * 16 - cols; + + printf( "#define %s_width %d\n", name, cols ); +--- netpbm-10.30/converter/pbm/pbmtoppa/pbmtoppa.c.security 2005-04-30 18:45:07.000000000 +0200 ++++ netpbm-10.30/converter/pbm/pbmtoppa/pbmtoppa.c 2005-10-21 11:08:57.000000000 +0200 +@@ -441,6 +441,7 @@ main(int argc, char *argv[]) { + pm_error("main(): unrecognized parameter '%s'", argv[argn]); + } + ++ overflow_add(Width, 7); + Pwidth=(Width+7)/8; + printer.fptr=out; + +--- netpbm-10.30/converter/pbm/pbmtoppa/pbm.c.security 2000-06-01 19:20:30.000000000 +0200 ++++ netpbm-10.30/converter/pbm/pbmtoppa/pbm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -105,6 +105,7 @@ int pbm_readline(pbm_stat* pbm,unsigned + return 0; + + case P4: ++ overflow_add(pbm->width, 7); + tmp=(pbm->width+7)/8; + tmp2=fread(data,1,tmp,pbm->fptr); + if(tmp2 == tmp) +@@ -129,7 +130,8 @@ void pbm_unreadline (pbm_stat *pbm, void + return; + + pbm->unread = 1; +- pbm->revdata = malloc ((pbm->width+7)/8); ++ overflow_add(pbm->width, 7); ++ pbm->revdata = malloc((pbm->width+7)/8); + memcpy (pbm->revdata, data, (pbm->width+7)/8); + pbm->current_line--; + } +--- netpbm-10.30/converter/pbm/ybmtopbm.c.security 1993-10-04 10:10:35.000000000 +0100 ++++ netpbm-10.30/converter/pbm/ybmtopbm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -88,6 +88,7 @@ getinit( file, colsP, rowsP, depthP, pad + pm_error( "EOF / read error" ); + + *depthP = 1; ++ overflow_add(*colsP, 15); + *padrightP = ( ( *colsP + 15 ) / 16 ) * 16 - *colsP; + bitsperitem = 0; + } +--- netpbm-10.30/converter/pbm/pbmtolj.c.security 2005-07-21 18:04:48.000000000 +0200 ++++ netpbm-10.30/converter/pbm/pbmtolj.c 2005-10-21 11:08:57.000000000 +0200 +@@ -119,7 +119,11 @@ parseCommandLine(int argc, char ** argv, + static void + allocateBuffers(unsigned int const cols) { + ++ overflow_add(cols, 8); + rowBufferSize = (cols + 7) / 8; ++ overflow_add(rowBufferSize, 128); ++ overflow_add(rowBufferSize, rowBufferSize+128); ++ overflow_add(rowBufferSize+10, rowBufferSize/8); + packBufferSize = rowBufferSize + (rowBufferSize + 127) / 128 + 1; + deltaBufferSize = rowBufferSize + rowBufferSize / 8 + 10; + +--- netpbm-10.30/converter/pbm/pbmto4425.c.security 2005-10-07 09:13:08.000000000 +0200 ++++ netpbm-10.30/converter/pbm/pbmto4425.c 2005-10-21 11:57:16.000000000 +0200 +@@ -2,6 +2,7 @@ + + #include "nstring.h" + #include "pbm.h" ++#include + + static char bit_table[2][3] = { + {1, 4, 0x10}, +@@ -160,7 +161,7 @@ main(int argc, char * argv[]) { + xres = vmap_width * 2; + yres = vmap_height * 3; + +- vmap = malloc(vmap_width * vmap_height * sizeof(char)); ++ vmap = malloc3(vmap_width, vmap_height, sizeof(char)); + if(vmap == NULL) + { + pm_error( "Cannot allocate memory" ); +--- netpbm-10.30/converter/pbm/icontopbm.c.security 2005-10-07 09:14:45.000000000 +0200 ++++ netpbm-10.30/converter/pbm/icontopbm.c 2005-10-21 11:55:50.000000000 +0200 +@@ -11,6 +11,7 @@ + */ + + #include ++#include + + #include "nstring.h" + #include "pbm.h" +@@ -87,6 +88,11 @@ ReadIconFile(FILE * const + if ( *heightP <= 0 ) + pm_error( "invalid height (must be positive): %d", *heightP ); + ++ if ( *widthP > INT_MAX - 16 || *widthP < 0) ++ pm_error( "invalid width: %d", *widthP); ++ ++ overflow2(*widthP + 16, *heightP); ++ + data_length = BitmapSize( *widthP, *heightP ); + *dataP = (short unsigned int *) malloc( data_length ); + if ( *dataP == NULL ) +--- netpbm-10.30/converter/pbm/pbmtogem.c.security 2000-06-09 09:07:05.000000000 +0200 ++++ netpbm-10.30/converter/pbm/pbmtogem.c 2005-10-21 11:08:57.000000000 +0200 +@@ -123,6 +123,7 @@ putinit (rows, cols) + bitsperitem = 0; + bitshift = 7; + outcol = 0; ++ overflow_add(cols, 7); + outmax = (cols + 7) / 8; + outrow = (unsigned char *) pm_allocrow (outmax, sizeof (unsigned char)); + lastrow = (unsigned char *) pm_allocrow (outmax, sizeof (unsigned char)); +--- netpbm-10.30/converter/pbm/pbmtogo.c.security 2005-08-27 20:26:12.000000000 +0200 ++++ netpbm-10.30/converter/pbm/pbmtogo.c 2005-10-21 11:08:57.000000000 +0200 +@@ -90,6 +90,7 @@ main( argc, argv ) + bitrow = pbm_allocrow(cols); + + /* Round cols up to the nearest multiple of 8. */ ++ overflow_add(cols, 7); + rucols = ( cols + 7 ) / 8; + bytesperrow = rucols; /* GraphOn uses bytes */ + rucols = rucols * 8; +--- netpbm-10.30/converter/pbm/thinkjettopbm.l.security 2005-01-02 23:39:18.000000000 +0100 ++++ netpbm-10.30/converter/pbm/thinkjettopbm.l 2005-10-21 11:08:57.000000000 +0200 +@@ -94,7 +94,9 @@ DIG [0-9] + \033\*b{DIG}+W { + int l; + if (rowCount >= rowCapacity) { ++ overflow_add(rowCapacity, 100); + rowCapacity += 100; ++ overflow2(rowCapacity, sizeof *rows); + rows = realloc (rows, rowCapacity * sizeof *rows); + if (rows == NULL) + pm_error ("Out of memory."); +@@ -204,6 +206,8 @@ yywrap (void) + /* + * Quite simple since ThinkJet bit arrangement matches PBM + */ ++ ++ overflow2(maxRowLength, 8); + pbm_writepbminit(stdout, maxRowLength*8, rowCount, 0); + + packed_bitrow = malloc(maxRowLength); +--- netpbm-10.30/converter/pbm/pbmtoxbm.c.security 2005-10-07 09:08:17.000000000 +0200 ++++ netpbm-10.30/converter/pbm/pbmtoxbm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -100,6 +100,7 @@ main(int argc, char * argv[]) { + bitrow = pbm_allocrow(cols); + + /* Compute padding to round cols up to the nearest multiple of 8. */ ++ overflow_add(cols, 8); + padright = ((cols + 7)/8) * 8 - cols; + + printf("#define %s_width %d\n", name, cols); +--- netpbm-10.30/converter/pbm/mdatopbm.c.security 2005-08-15 09:01:25.000000000 +0200 ++++ netpbm-10.30/converter/pbm/mdatopbm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -245,10 +245,13 @@ main(int argc, char **argv) { + pm_readlittleshort(infile, &yy); nInCols = yy; + } + ++ overflow2(nOutCols, 8); + nOutCols = 8 * nInCols; + nOutRows = nInRows; +- if (bScale) ++ if (bScale) { ++ overflow2(nOutRows, 2); + nOutRows *= 2; ++ } + + data = pbm_allocarray(nOutCols, nOutRows); + +--- netpbm-10.30/converter/pbm/pbmtocmuwm.c.security 1993-10-04 10:10:46.000000000 +0100 ++++ netpbm-10.30/converter/pbm/pbmtocmuwm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -43,6 +43,7 @@ main( argc, argv ) + bitrow = pbm_allocrow( cols ); + + /* Round cols up to the nearest multiple of 8. */ ++ overflow_add(cols, 7); + padright = ( ( cols + 7 ) / 8 ) * 8 - cols; + + putinit( rows, cols ); +--- netpbm-10.30/converter/pbm/pbmtomda.c.security 2005-08-15 09:01:50.000000000 +0200 ++++ netpbm-10.30/converter/pbm/pbmtomda.c 2005-10-21 11:08:57.000000000 +0200 +@@ -179,6 +179,7 @@ int main(int argc, char **argv) + + nOutRowsUnrounded = bScale ? nInRows/2 : nInRows; + ++ overflow_add(nOutRowsUnrounded, 3); + nOutRows = ((nOutRowsUnrounded + 3) / 4) * 4; + /* MDA wants rows a multiple of 4 */ + nOutCols = nInCols / 8; +--- netpbm-10.30/converter/pbm/pbmtozinc.c.security 2005-10-07 09:08:07.000000000 +0200 ++++ netpbm-10.30/converter/pbm/pbmtozinc.c 2005-10-21 11:08:57.000000000 +0200 +@@ -65,6 +65,7 @@ main(int argc, char * argv[]) { + bitrow = pbm_allocrow( cols ); + + /* Compute padding to round cols up to the nearest multiple of 16. */ ++ overflow_add(cols, 16); + padright = ( ( cols + 15 ) / 16 ) * 16 - cols; + + printf( "USHORT %s[] = {\n",name); +--- netpbm-10.30/converter/pbm/pbmtoicon.c.security 2002-07-30 17:47:48.000000000 +0200 ++++ netpbm-10.30/converter/pbm/pbmtoicon.c 2005-10-21 11:08:57.000000000 +0200 +@@ -42,6 +42,7 @@ main( argc, argv ) + bitrow = pbm_allocrow( cols ); + + /* Round cols up to the nearest multiple of 16. */ ++ overflow_add(cols, 15); + pad = ( ( cols + 15 ) / 16 ) * 16 - cols; + padleft = pad / 2; + padright = pad - padleft; +--- netpbm-10.30/converter/pbm/pbmtomacp.c.security 2002-09-06 18:04:22.000000000 +0200 ++++ netpbm-10.30/converter/pbm/pbmtomacp.c 2005-10-21 11:08:57.000000000 +0200 +@@ -104,6 +104,7 @@ char *argv[]; + if( !lflg ) + left = 0; + ++ overflow_add(left, MAX_COLS - 1); + if( rflg ) + { if( right - left >= MAX_COLS ) + right = left + MAX_COLS - 1; +@@ -114,6 +115,8 @@ char *argv[]; + if( !tflg ) + top = 0; + ++ overflow_add(top, MAX_LINES - 1); ++ + if( bflg ) + { if( bottom - top >= MAX_LINES ) + bottom = top + MAX_LINES - 1; +--- netpbm-10.30/converter/pbm/pbmtomgr.c.security 1993-10-04 10:10:50.000000000 +0100 ++++ netpbm-10.30/converter/pbm/pbmtomgr.c 2005-10-21 11:08:57.000000000 +0200 +@@ -43,6 +43,7 @@ main( argc, argv ) + bitrow = pbm_allocrow( cols ); + + /* Round cols up to the nearest multiple of 8. */ ++ overflow_add(cols, 7); + padright = ( ( cols + 7 ) / 8 ) * 8 - cols; + + putinit( rows, cols ); +--- netpbm-10.30/converter/pbm/pbmto10x.c.security 2004-03-20 05:23:36.000000000 +0100 ++++ netpbm-10.30/converter/pbm/pbmto10x.c 2005-10-21 11:08:57.000000000 +0200 +@@ -162,7 +162,7 @@ main(int argc, char * argv[]) { + res_60x72(); + + pm_close(ifp); +- exit(0); ++ return 0; + } + + +--- netpbm-10.30/converter/pbm/pbmtoybm.c.security 1993-10-04 10:10:43.000000000 +0100 ++++ netpbm-10.30/converter/pbm/pbmtoybm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -45,6 +45,7 @@ main( argc, argv ) + bitrow = pbm_allocrow( cols ); + + /* Compute padding to round cols up to the nearest multiple of 16. */ ++ overflow_add(cols, 16); + padright = ( ( cols + 15 ) / 16 ) * 16 - cols; + + putinit( cols, rows ); +--- netpbm-10.30/converter/pbm/pktopbm.c.security 2005-10-07 09:07:14.000000000 +0200 ++++ netpbm-10.30/converter/pbm/pktopbm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -276,6 +276,7 @@ main(int argc, char *argv[]) { + if (flagbyte == 7) { /* long form preamble */ + integer packetlength = get32() ; /* character packet length */ + car = get32() ; /* character number */ ++ overflow_add(packetlength, pktopbm_pkloc); + endofpacket = packetlength + pktopbm_pkloc; + /* calculate end of packet */ + if ((car >= MAXPKCHAR) || !filename[car]) { +--- netpbm-10.30/converter/other/pngtopnm.c.security 2005-09-17 23:52:51.000000000 +0200 ++++ netpbm-10.30/converter/other/pngtopnm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -985,19 +985,24 @@ convertpng(FILE * const ifp, + pm_error ("couldn't allocate space for image"); + } + +- if (info_ptr->bit_depth == 16) ++ if (info_ptr->bit_depth == 16) { ++ overflow2(2, info_ptr->width); + linesize = 2 * info_ptr->width; +- else ++ } else + linesize = info_ptr->width; + +- if (info_ptr->color_type == PNG_COLOR_TYPE_GRAY_ALPHA) ++ if (info_ptr->color_type == PNG_COLOR_TYPE_GRAY_ALPHA) { ++ overflow2(2, linesize); + linesize *= 2; +- else +- if (info_ptr->color_type == PNG_COLOR_TYPE_RGB) ++ } else ++ if (info_ptr->color_type == PNG_COLOR_TYPE_RGB) { ++ overflow2(3, linesize); + linesize *= 3; +- else +- if (info_ptr->color_type == PNG_COLOR_TYPE_RGB_ALPHA) ++ } else ++ if (info_ptr->color_type == PNG_COLOR_TYPE_RGB_ALPHA) { ++ overflow2(4, linesize); + linesize *= 4; ++ } + + for (y = 0 ; y < info_ptr->height ; y++) { + png_image[y] = malloc (linesize); +--- netpbm-10.30/converter/other/tifftopnm.c.security 2005-10-07 08:32:30.000000000 +0200 ++++ netpbm-10.30/converter/other/tifftopnm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -742,7 +742,8 @@ convertRasterByRows(FILE * const + if (scanbuf == NULL) + pm_error("can't allocate memory for scanline buffer"); + +- MALLOCARRAY(samplebuf, cols * spp); ++ /* samplebuf is unsigned int * !!! */ ++ samplebuf = (unsigned int *) malloc3(cols , sizeof(unsigned int) , spp); + if (samplebuf == NULL) + pm_error ("can't allocate memory for row buffer"); + +--- netpbm-10.30/converter/other/pnmtoddif.c.security 2002-07-30 19:09:13.000000000 +0200 ++++ netpbm-10.30/converter/other/pnmtoddif.c 2005-10-21 11:08:57.000000000 +0200 +@@ -484,6 +484,7 @@ int main(int argc, char *argv[]) + switch (PNM_FORMAT_TYPE(format)) { + case PBM_TYPE: + ip.bits_per_pixel = 1; ++ overflow_add(cols, 7); + ip.bytes_per_line = (cols + 7) / 8; + ip.spectral = 2; + ip.components = 1; +@@ -499,6 +500,7 @@ int main(int argc, char *argv[]) + ip.polarity = 2; + break; + case PPM_TYPE: ++ overflow2(cols, 3); + ip.bytes_per_line = 3 * cols; + ip.bits_per_pixel = 24; + ip.spectral = 5; +--- netpbm-10.30/converter/other/xwdtopnm.c.security 2005-10-07 08:32:02.000000000 +0200 ++++ netpbm-10.30/converter/other/xwdtopnm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -285,6 +285,9 @@ processX10Header(X10WDFileHeader * cons + *colorsP = pnm_allocrow( 2 ); + PNM_ASSIGN1( (*colorsP)[0], 0 ); + PNM_ASSIGN1( (*colorsP)[1], *maxvalP ); ++ overflow_add(h10P->pixmap_width, 15); ++ if(h10P->pixmap_width < 0) ++ pm_error("assert: negative width"); + *padrightP = + ( ( h10P->pixmap_width + 15 ) / 16 ) * 16 - h10P->pixmap_width; + *bits_per_itemP = 16; +@@ -294,9 +297,13 @@ processX10Header(X10WDFileHeader * cons + *formatP = PGM_TYPE; + *visualclassP = StaticGray; + *maxvalP = ( 1 << h10P->display_planes ) - 1; ++ overflow_add(*maxvalP, 1); + *colorsP = pnm_allocrow( *maxvalP + 1 ); + for ( i = 0; i <= *maxvalP; ++i ) + PNM_ASSIGN1( (*colorsP)[i], i ); ++ overflow_add(h10P->pixmap_width, 15); ++ if(h10P->pixmap_width < 0) ++ pm_error("assert: negative width"); + *padrightP = + ( ( h10P->pixmap_width + 15 ) / 16 ) * 16 - h10P->pixmap_width; + *bits_per_itemP = 16; +@@ -615,6 +622,7 @@ processX11Header(X11WDFileHeader * cons + + *colsP = h11FixedP->pixmap_width; + *rowsP = h11FixedP->pixmap_height; ++ overflow2(h11FixedP->bytes_per_line, 8); + *padrightP = + h11FixedP->bytes_per_line * 8 / h11FixedP->bits_per_pixel - + h11FixedP->pixmap_width; +--- netpbm-10.30/converter/other/pnmtorle.c.security 2005-05-22 19:01:43.000000000 +0200 ++++ netpbm-10.30/converter/other/pnmtorle.c 2005-10-21 11:08:57.000000000 +0200 +@@ -19,6 +19,8 @@ + * If you modify this software, you should include a notice giving the + * name of the person performing the modification, the date of modification, + * and the reason for such modification. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * pnmtorle - A program which will convert pbmplus (ppm or pgm) images +--- netpbm-10.30/converter/other/pnmtops.c.security 2005-10-07 08:45:02.000000000 +0200 ++++ netpbm-10.30/converter/other/pnmtops.c 2005-10-21 11:08:57.000000000 +0200 +@@ -184,16 +184,21 @@ parseCommandLine(int argc, char ** argv, + cmdlineP->canturn = !noturn; + cmdlineP->showpage = !noshowpage; + ++ overflow2(width, 72); + cmdlineP->width = width * 72; ++ overflow2(width, 72); + cmdlineP->height = height * 72; + +- if (imagewidth_spec) ++ if (imagewidth_spec) { ++ overflow2(imagewidth, 72); + cmdlineP->imagewidth = imagewidth * 72; ++ } + else + cmdlineP->imagewidth = 0; +- if (imageheight_spec) ++ if (imageheight_spec) { ++ overflow2(imagewidth, 72); + cmdlineP->imageheight = imageheight * 72; +- else ++ } else + cmdlineP->imageheight = 0; + + if (!cmdlineP->psfilter && +--- netpbm-10.30/converter/other/pnmtojpeg.c.security 2005-10-07 08:46:56.000000000 +0200 ++++ netpbm-10.30/converter/other/pnmtojpeg.c 2005-10-21 11:08:57.000000000 +0200 +@@ -587,6 +587,8 @@ compute_rescaling_array(JSAMPLE ** const + const long half_maxval = maxval / 2; + long val; + ++ overflow_add(maxval, 1); ++ overflow2(maxval+1, sizeof(JSAMPLE)); + *rescale_p = (JSAMPLE *) + (cinfo.mem->alloc_small) ((j_common_ptr) &cinfo, JPOOL_IMAGE, + (size_t) (((long) maxval + 1L) * +@@ -663,6 +665,7 @@ convert_scanlines(struct jpeg_compress_s + */ + + /* Allocate the libpnm output and compressor input buffers */ ++ overflow2(cinfo_p->image_width, cinfo_p->input_components); + buffer = (*cinfo_p->mem->alloc_sarray) + ((j_common_ptr) cinfo_p, JPOOL_IMAGE, + (unsigned int) cinfo_p->image_width * cinfo_p->input_components, +@@ -930,7 +933,11 @@ read_scan_script (j_compress_ptr cinfo, + * want JPOOL_PERMANENT. + */ + const unsigned int scan_info_size = nscans * sizeof(jpeg_scan_info); +- jpeg_scan_info * const scan_info = ++ const jpeg_scan_info * scan_info; ++ ++ overflow2(nscans, sizeof(jpeg_scan_info)); ++ ++ scan_info = + (jpeg_scan_info *) + (*cinfo->mem->alloc_small) ((j_common_ptr) cinfo, JPOOL_IMAGE, + scan_info_size); +--- netpbm-10.30/converter/other/jpegtopnm.c.security 2005-10-07 08:57:11.000000000 +0200 ++++ netpbm-10.30/converter/other/jpegtopnm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -828,6 +828,7 @@ convertImage(FILE * + /* Calculate output image dimensions so we can allocate space */ + jpeg_calc_output_dimensions(cinfoP); + ++ overflow2(cinfoP->output_width, cinfoP->output_components); + jpegbuffer = ((*cinfoP->mem->alloc_sarray) + ((j_common_ptr) cinfoP, JPOOL_IMAGE, + cinfoP->output_width * cinfoP->output_components, +--- netpbm-10.30/converter/other/pbmtopgm.c.security 2004-09-18 05:15:02.000000000 +0200 ++++ netpbm-10.30/converter/other/pbmtopgm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -45,6 +45,7 @@ main(int argc, char *argv[]) { + "than the image height (%u rows)", height, rows); + + outrow = pgm_allocrow(cols) ; ++ overflow2(width, height); + maxval = MIN(PGM_OVERALLMAXVAL, width*height); + pgm_writepgminit(stdout, cols, rows, maxval, 0) ; + +--- netpbm-10.30/converter/other/pnmtosgi.c.security 2003-07-10 06:04:07.000000000 +0200 ++++ netpbm-10.30/converter/other/pnmtosgi.c 2005-10-21 11:08:57.000000000 +0200 +@@ -213,6 +213,22 @@ write_channels(cols, rows, channels, put + } + } + ++static void * ++xmalloc2(int x, int y) ++{ ++ void *mem; ++ ++ overflow2(x,y); ++ if( x * y == 0 ) ++ return NULL; ++ ++ mem = malloc2(x, y); ++ if( mem == NULL ) ++ pm_error("out of memory allocating %d bytes", x * y); ++ return mem; ++} ++ ++ + static void + put_big_short(short s) + { +@@ -250,6 +266,7 @@ build_channels(FILE *ifp, int cols, int + #endif + + if( storage != STORAGE_VERBATIM ) { ++ overflow2(channels, rows); + MALLOCARRAY_NOFAIL(table, channels * rows); + MALLOCARRAY_NOFAIL(rletemp, WORSTCOMPR(cols)); + } +@@ -303,6 +320,8 @@ compress(temp, row, rows, cols, chan_no, + break; + case STORAGE_RLE: + tabrow = chan_no * rows + row; ++ overflow2(chan_no, rows); ++ overflow_add(chan_no* rows, row); + len = rle_compress(temp, cols); /* writes result into rletemp */ + channel[chan_no][row].length = len; + MALLOCARRAY(p, len); +--- netpbm-10.30/converter/other/rletopnm.c.security 2005-10-16 21:47:36.000000000 +0200 ++++ netpbm-10.30/converter/other/rletopnm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -19,6 +19,8 @@ + * If you modify this software, you should include a notice giving the + * name of the person performing the modification, the date of modification, + * and the reason for such modification. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * rletopnm - A conversion program to convert from Utah's "rle" image format +--- netpbm-10.30/converter/other/sirtopnm.c.security 2002-01-04 18:22:45.000000000 +0100 ++++ netpbm-10.30/converter/other/sirtopnm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -69,6 +69,7 @@ char* argv[]; + } + break; + case PPM_TYPE: ++ overflow3(cols, rows, 3); + picsize = cols * rows * 3; + planesize = cols * rows; + if ( !( sirarray = (unsigned char*) malloc( picsize ) ) ) +--- netpbm-10.30/converter/other/gemtopnm.c.security 2005-08-27 19:30:45.000000000 +0200 ++++ netpbm-10.30/converter/other/gemtopnm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -106,6 +106,7 @@ main(argc, argv) + + pnm_writepnminit( stdout, cols, rows, MAXVAL, type, 0 ); + ++ overflow_add(cols, padright); + { + /* allocate input row data structure */ + int plane; +--- netpbm-10.30/converter/other/sgitopnm.c.security 2005-08-27 19:33:09.000000000 +0200 ++++ netpbm-10.30/converter/other/sgitopnm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -252,13 +252,17 @@ read_channels(ifp, head, table, func, oc + + if (ochan < 0) { + maxchannel = (head->zsize < 3) ? head->zsize : 3; ++ overflow2(head->ysize, maxchannel); + MALLOCARRAY_NOFAIL(image, head->ysize * maxchannel); + } else { + maxchannel = ochan + 1; + MALLOCARRAY_NOFAIL(image, head->ysize); + } +- if ( table ) ++ if ( table ) { ++ overflow2(head->xsize, 2); ++ overflow_add(head->xsize*2, 2); + MALLOCARRAY_NOFAIL(temp, WORSTCOMPR(head->xsize)); ++ } + + for( channel = 0; channel < maxchannel; channel++ ) { + #ifdef DEBUG +--- netpbm-10.30/analyzer/pgmhist.c.security 2003-07-06 21:23:19.000000000 +0200 ++++ netpbm-10.30/analyzer/pgmhist.c 2005-10-21 11:08:57.000000000 +0200 +@@ -45,6 +45,7 @@ main( argc, argv ) + grayrow = pgm_allocrow( cols ); + + /* Build histogram. */ ++ overflow_add(maxval, 1); + MALLOCARRAY(hist, maxval + 1); + MALLOCARRAY(rcount, maxval + 1); + if ( hist == NULL || rcount == NULL ) +--- netpbm-10.30/analyzer/pgmtexture.c.security 2005-10-05 18:37:49.000000000 +0200 ++++ netpbm-10.30/analyzer/pgmtexture.c 2005-10-21 11:54:17.000000000 +0200 +@@ -78,6 +78,9 @@ vector (int nl, int nh) + { + float *v; + ++ if(nh < nl) ++ pm_error("assert: h < l"); ++ overflow_add(nh - nl, 1); + MALLOCARRAY(v, (unsigned) (nh - nl + 1)); + if (v == NULL) + pm_error("Unable to allocate memory for a vector."); +@@ -94,6 +97,9 @@ matrix (int nrl, int nrh, int ncl, int n + float **m; + + /* allocate pointers to rows */ ++ if(nrh < nrl) ++ pm_error("assert: h < l"); ++ overflow_add(nrh - nrl, 1); + MALLOCARRAY(m, (unsigned) (nrh - nrl + 1)); + if (m == NULL) + pm_error("Unable to allocate memory for a matrix."); +@@ -101,6 +107,9 @@ matrix (int nrl, int nrh, int ncl, int n + m -= ncl; + + /* allocate rows and set pointers to them */ ++ if(nch < ncl) ++ pm_error("assert: h < l"); ++ overflow_add(nch - ncl, 1); + for (i = nrl; i <= nrh; i++) + { + MALLOCARRAY(m[i], (unsigned) (nch - ncl + 1)); +--- netpbm-10.30/lib/libpbm1.c.security 2005-02-05 19:41:54.000000000 +0100 ++++ netpbm-10.30/lib/libpbm1.c 2005-10-21 11:08:57.000000000 +0200 +@@ -56,6 +56,7 @@ pbm_check(FILE * file, const enum pm_che + pm_message("pm_filepos passed to pm_check() is %u bytes", + sizeof(pm_filepos)); + #endif ++ overflow2(bytes_per_row, rows); + pm_check(file, check_type, need_raster_size, retval_p); + } + } +--- netpbm-10.30/lib/pm.h.security 2005-10-07 08:18:07.000000000 +0200 ++++ netpbm-10.30/lib/pm.h 2005-10-21 11:08:57.000000000 +0200 +@@ -342,4 +342,10 @@ pm_arg0toprogname(const char arg0[]); + #endif + + ++void *malloc2(int, int); ++void *malloc3(int, int, int); ++void overflow2(int, int); ++void overflow3(int, int, int); ++void overflow_add(int, int); ++ + #endif +--- netpbm-10.30/lib/libpammap.c.security 2005-09-23 18:08:17.000000000 +0200 ++++ netpbm-10.30/lib/libpammap.c 2005-10-21 11:08:57.000000000 +0200 +@@ -101,6 +101,8 @@ allocTupleIntListItem(struct pam * const + */ + struct tupleint_list_item * retval; + ++ overflow2(pamP->depth, sizeof(sample)); ++ overflow_add(sizeof(*retval)-sizeof(retval->tupleint.tuple), pamP->depth*sizeof(sample)); + unsigned int const size = + sizeof(*retval) - sizeof(retval->tupleint.tuple) + + pamP->depth * sizeof(sample); +--- netpbm-10.30/lib/libpam.c.security 2005-10-10 17:42:51.000000000 +0200 ++++ netpbm-10.30/lib/libpam.c 2005-10-21 11:08:57.000000000 +0200 +@@ -272,7 +272,8 @@ allocPamRow(const struct pam * const pam + int const bytesPerTuple = allocationDepth(pamP) * sizeof(sample); + tuple * tuplerow; + +- tuplerow = malloc(pamP->width * (sizeof(tuple *) + bytesPerTuple)); ++ overflow_add(sizeof(tuple *), bytesPerTuple); ++ tuplerow = malloc2(pamP->width, sizeof(tuple *) + bytesPerTuple); + + if (tuplerow != NULL) { + /* Now we initialize the pointers to the individual tuples +--- netpbm-10.30/lib/libpm.c.security 2005-10-09 03:16:17.000000000 +0200 ++++ netpbm-10.30/lib/libpm.c 2005-10-21 11:08:57.000000000 +0200 +@@ -36,6 +36,7 @@ + /* This makes the the x64() functions available on AIX */ + + #include ++#include + #include + #include + #include +@@ -155,7 +156,7 @@ char* + pm_allocrow(int const cols, int const size) { + char * itrow; + +- itrow = malloc( cols * size ); ++ itrow = (char*) malloc2( cols , size ); + if ( itrow == NULL ) + pm_error( "out of memory allocating a row" ); + return itrow; +@@ -195,7 +196,7 @@ pm_allocarray(int const cols, int const + if (rowIndex == NULL) + pm_error("out of memory allocating row index (%u rows) for an array", + rows); +- rowheap = malloc(rows * cols * size); ++ rowheap = malloc3(rows, cols, size); + if (rowheap == NULL) { + /* We couldn't get the whole heap in one block, so try fragmented + format. +@@ -1341,4 +1342,53 @@ pm_check(FILE * const file + } + + ++/* ++ * Maths wrapping ++ */ ++ ++void overflow2(int a, int b) ++{ ++ if(a < 0 || b < 0) ++ pm_error("object too large"); ++ if(b == 0) ++ return; ++ if(a > INT_MAX / b) ++ pm_error("object too large"); ++} ++ ++void overflow3(int a, int b, int c) ++{ ++ overflow2(a,b); ++ overflow2(a*b, c); ++} ++ ++void overflow_add(int a, int b) ++{ ++ if( a > INT_MAX - b) ++ pm_error("object too large"); ++} ++ ++void *malloc2(int a, int b) ++{ ++ overflow2(a, b); ++ if(a*b == 0) ++ pm_error("Zero byte allocation"); ++ return malloc(a*b); ++} ++ ++void *malloc3(int a, int b, int c) ++{ ++ overflow3(a, b, c); ++ if(a*b*c == 0) ++ pm_error("Zero byte allocation"); ++ return malloc(a*b*c); ++} ++ ++void *realloc2(void * a, int b, int c) ++{ ++ overflow2(b, c); ++ if(b*c == 0) ++ pm_error("Zero byte allocation"); ++ return realloc(a, b*c); ++} + +--- netpbm-10.30/lib/libpbmvms.c.security 2005-08-27 19:24:54.000000000 +0200 ++++ netpbm-10.30/lib/libpbmvms.c 2005-10-21 11:08:57.000000000 +0200 +@@ -1,3 +1,5 @@ ++#warning "NOT AUDITED" ++ + /*************************************************************************** + This file contains library routines needed to build Netpbm for VMS. + However, as of 2000.05.26, when these were split out of libpbm1.c +--- netpbm-10.30/editor/pbmreduce.c.security 2003-07-06 21:41:49.000000000 +0200 ++++ netpbm-10.30/editor/pbmreduce.c 2005-10-21 11:08:57.000000000 +0200 +@@ -93,6 +93,7 @@ main( argc, argv ) + + if ( halftone == QT_FS ) { + /* Initialize Floyd-Steinberg. */ ++ overflow_add(newcols, 2); + MALLOCARRAY(thiserr, newcols + 2); + MALLOCARRAY(nexterr, newcols + 2); + if ( thiserr == NULL || nexterr == NULL ) +--- netpbm-10.30/editor/pnmindex.csh.security 2000-09-14 07:37:35.000000000 +0200 ++++ netpbm-10.30/editor/pnmindex.csh 2005-10-21 11:08:57.000000000 +0200 +@@ -1,5 +1,8 @@ + #!/bin/csh -f + # ++echo "Unsafe code, needs debugging, do not ship" ++exit 1 ++# + # pnmindex - build a visual index of a bunch of anymaps + # + # Copyright (C) 1991 by Jef Poskanzer. +--- netpbm-10.30/editor/pnmscalefixed.c.security 2002-07-30 19:52:49.000000000 +0200 ++++ netpbm-10.30/editor/pnmscalefixed.c 2005-10-21 11:08:57.000000000 +0200 +@@ -209,6 +209,8 @@ compute_output_dimensions(const struct c + const int rows, const int cols, + int * newrowsP, int * newcolsP) { + ++ overflow2(rows, cols); ++ + if (cmdline.pixels) { + if (rows * cols <= cmdline.pixels) { + *newrowsP = rows; +@@ -260,6 +262,8 @@ compute_output_dimensions(const struct c + + if (*newcolsP < 1) *newcolsP = 1; + if (*newrowsP < 1) *newrowsP = 1; ++ ++ overflow2(*newcolsP, *newrowsP); + } + + +@@ -441,6 +445,9 @@ main(int argc, char **argv ) { + unfilled. We can address that by stretching, whereas the other + case would require throwing away some of the input. + */ ++ ++ overflow2(newcols, SCALE); ++ overflow2(newrows, SCALE); + sxscale = SCALE * newcols / cols; + syscale = SCALE * newrows / rows; + +--- netpbm-10.30/editor/pnmcut.c.security 2002-07-30 19:47:37.000000000 +0200 ++++ netpbm-10.30/editor/pnmcut.c 2005-10-21 11:08:57.000000000 +0200 +@@ -373,6 +373,7 @@ main(int argc, char *argv[]) { + toprow, leftcol, bottomrow, rightcol); + } + ++ overflow_add(rightcol, 1); + output_cols = rightcol-leftcol+1; + output_row = pnm_allocrow(output_cols); + +--- netpbm-10.30/editor/pamoil.c.security 2005-08-15 09:05:44.000000000 +0200 ++++ netpbm-10.30/editor/pamoil.c 2005-10-21 11:08:57.000000000 +0200 +@@ -112,6 +112,7 @@ main(int argc, char *argv[] ) { + tuples = pnm_readpam(ifp, &inpam, PAM_STRUCT_SIZE(tuple_type)); + pm_close(ifp); + ++ overflow_add(inpam.maxval, 1); + MALLOCARRAY(hist, inpam.maxval + 1); + if (hist == NULL) + pm_error("Unable to allocate memory for histogram."); +--- netpbm-10.30/editor/pnmremap.c.security 2005-10-17 01:27:13.000000000 +0200 ++++ netpbm-10.30/editor/pnmremap.c 2005-10-21 11:08:57.000000000 +0200 +@@ -281,6 +281,7 @@ initFserr(struct pam * const pamP, + + unsigned int const fserrSize = pamP->width + 2; + ++ overflow_add(pamP->width, 2); + MALLOCARRAY(fserrP->thiserr, pamP->depth); + if (fserrP->thiserr == NULL) + pm_error("Out of memory allocating Floyd-Steinberg structures " +@@ -324,6 +325,7 @@ floydInitRow(struct pam * const pamP, st + + int col; + ++ overflow_add(pamP->width, 2); + for (col = 0; col < pamP->width + 2; ++col) { + unsigned int plane; + for (plane = 0; plane < pamP->depth; ++plane) +--- netpbm-10.30/editor/pnmpad.c.security 2005-05-22 20:30:30.000000000 +0200 ++++ netpbm-10.30/editor/pnmpad.c 2005-10-21 11:08:57.000000000 +0200 +@@ -358,6 +358,8 @@ main(int argc, char ** argv) { + + computePadSizes(cmdline, cols, rows, &lpad, &rpad, &tpad, &bpad); + ++ overflow_add(cols, lpad); ++ overflow_add(cols + lpad, rpad); + newcols = cols + lpad + rpad; + xelrow = pnm_allocrow(newcols); + bgrow = pnm_allocrow(newcols); +--- netpbm-10.30/editor/pamcut.c.security 2005-08-15 00:35:26.000000000 +0200 ++++ netpbm-10.30/editor/pamcut.c 2005-10-21 11:08:57.000000000 +0200 +@@ -510,6 +510,8 @@ main(int argc, char *argv[]) { + outpam.width = rightcol-leftcol+1; + outpam.height = bottomrow-toprow+1; + ++ overflow_add(rightcol, 1); ++ overflow_add(toprow, 1); + pnm_writepaminit(&outpam); + + /* Write out top padding */ +--- netpbm-10.30/editor/pbmlife.c.security 1993-10-04 10:10:37.000000000 +0100 ++++ netpbm-10.30/editor/pbmlife.c 2005-10-21 11:08:57.000000000 +0200 +@@ -54,7 +54,7 @@ char* argv[]; + prevrow = thisrow; + thisrow = nextrow; + nextrow = temprow; +- if ( row < rows - 1 ) ++ if ( row <= rows ) + pbm_readpbmrow( ifp, nextrow, cols, format ); + + for ( col = 0; col < cols; ++col ) +--- netpbm-10.30/editor/pnmrotate.c.security 2005-08-15 08:17:25.000000000 +0200 ++++ netpbm-10.30/editor/pnmrotate.c 2005-10-21 11:08:57.000000000 +0200 +@@ -13,6 +13,7 @@ + #define _XOPEN_SOURCE /* get M_PI in math.h */ + + #include ++#include + + #include "pnm.h" + #include "shhopt.h" +@@ -570,11 +571,18 @@ main(int argc, char *argv[]) { + yshearfac = sin(cmdline.angle); + if (yshearfac < 0.0) + yshearfac = -yshearfac; ++ overflow2(rows, xshearfac); ++ overflow_add(cols, 1); ++ overflow_add(rows * xshearfac, cols); + tempcols = rows * xshearfac + cols + 0.999999; + yshearjunk = (tempcols - cols) * yshearfac; + newrows = tempcols * yshearfac + rows + 0.999999; + x2shearjunk = (newrows - rows - yshearjunk) * xshearfac; + newrows -= 2 * yshearjunk; ++ ++ if(newrows * xshearfac + tempcols + 0.999999 - 2 * x2shearjunk > INT_MAX) ++ pm_error("image too large"); ++ + newcols = newrows * xshearfac + tempcols + 0.999999 - 2 * x2shearjunk; + direction = cmdline.angle > 0 ? COUNTERCLOCKWISE : CLOCKWISE; + +--- netpbm-10.30/editor/pnmpaste.c.security 2002-07-30 19:47:35.000000000 +0200 ++++ netpbm-10.30/editor/pnmpaste.c 2005-10-21 11:08:57.000000000 +0200 +@@ -100,11 +100,16 @@ main( argc, argv ) + "y is too large -- the second anymap has only %d rows", + rows2 ); + ++ overflow_add(x, cols2); ++ overflow_add(y, rows2); + if ( x < 0 ) + x += cols2; + if ( y < 0 ) + y += rows2; + ++ overflow_add(x, cols1); ++ overflow_add(y, rows1); ++ + if ( x + cols1 > cols2 ) + pm_error( "x + width is too large by %d pixels", x + cols1 - cols2 ); + if ( y + rows1 > rows2 ) +--- netpbm-10.30/editor/pbmclean.c.security 2005-02-27 17:33:57.000000000 +0100 ++++ netpbm-10.30/editor/pbmclean.c 2005-10-21 11:08:57.000000000 +0200 +@@ -147,7 +147,7 @@ nextrow(FILE * const ifd, int const row, + inrow[0] = inrow[1]; + inrow[1] = inrow[2]; + inrow[2] = shuffle ; +- if (row+1 < rows) { ++ if (row <= rows) { + /* Read the "next" row in from the file. Allocate buffer if neeeded */ + if (inrow[2] == NULL) + inrow[2] = pbm_allocrow(cols); +--- netpbm-10.30/editor/ppmdither.c.security 2003-07-06 21:54:02.000000000 +0200 ++++ netpbm-10.30/editor/ppmdither.c 2005-10-21 11:08:57.000000000 +0200 +@@ -111,6 +111,9 @@ dith_matrix(unsigned int const dith_dim) + (dith_dim * sizeof(int *)) + /* pointers */ + (dith_dim * dith_dim * sizeof(int)); /* data */ + ++ overflow2(dith_dim, sizeof(int *)); ++ overflow3(dith_dim, dith_dim, sizeof(int)); ++ overflow_add(dith_dim * sizeof(int *), dith_dim * dith_dim * sizeof(int)); + dith_mat = (unsigned int **) malloc(dith_mat_sz); + + if (dith_mat == NULL) +@@ -165,7 +168,8 @@ dith_setup(const unsigned int dith_power + if (dith_nb < 2) + pm_error("too few shades for blue, minimum of 2"); + +- MALLOCARRAY(*colormapP, dith_nr * dith_ng * dith_nb); ++ overflow2(dith_nr, dith_ng); ++ *colormapP = malloc3(dith_nr * dith_ng, dith_nb, sizeof(pixel)); + if (*colormapP == NULL) + pm_error("Unable to allocate space for the color lookup table " + "(%d by %d by %d pixels).", dith_nr, dith_ng, dith_nb); +--- netpbm-10.30/editor/pnmgamma.c.security 2005-04-25 01:05:48.000000000 +0200 ++++ netpbm-10.30/editor/pnmgamma.c 2005-10-21 11:08:57.000000000 +0200 +@@ -282,6 +282,7 @@ createGammaTables(bool const ungamma, + xelval **rtableP, xelval **gtableP, xelval **btableP) { + + /* Allocate space for the tables. */ ++ overflow_add(maxval, 1); + MALLOCARRAY(*rtableP, maxval+1); + MALLOCARRAY(*gtableP, maxval+1); + MALLOCARRAY(*btableP, maxval+1); +--- netpbm-10.30/editor/pnmhisteq.c.security 2005-09-11 00:59:13.000000000 +0200 ++++ netpbm-10.30/editor/pnmhisteq.c 2005-10-21 11:38:13.000000000 +0200 +@@ -102,6 +102,7 @@ computeLuminosityHistogram(xel * const * + unsigned int pixelCount; + unsigned int * lumahist; + ++ overflow_add(maxval, 1); + MALLOCARRAY(lumahist, maxval + 1); + if (lumahist == NULL) + pm_error("Out of storage allocating array for %u histogram elements", +--- netpbm-10.30/editor/pnmshear.c.security 2005-08-15 08:17:16.000000000 +0200 ++++ netpbm-10.30/editor/pnmshear.c 2005-10-21 11:08:57.000000000 +0200 +@@ -14,6 +14,7 @@ + + #include + #include ++#include + + #include "pnm.h" + #include "shhopt.h" +@@ -196,6 +197,11 @@ main(int argc, char * argv[]) { + if ( shearfac < 0.0 ) + shearfac = -shearfac; + ++ if(rows * shearfac >= INT_MAX-1) ++ pm_error("image too large"); ++ ++ overflow_add(rows * shearfac, cols+1); ++ + newcols = rows * shearfac + cols + 0.999999; + + pnm_writepnminit( stdout, newcols, rows, newmaxval, newformat, 0 ); +--- netpbm-10.30/editor/pbmpscale.c.security 2005-08-15 09:06:55.000000000 +0200 ++++ netpbm-10.30/editor/pbmpscale.c 2005-10-21 11:08:57.000000000 +0200 +@@ -109,6 +109,7 @@ main(argc, argv) + inrow[0] = inrow[1] = inrow[2] = NULL; + pbm_readpbminit(ifd, &columns, &rows, &format) ; + ++ overflow2(columns, scale); + outrow = pbm_allocrow(columns*scale) ; + MALLOCARRAY(flags, columns); + if (flags == NULL) +--- netpbm-10.30/urt/scanargs.c.security 2003-01-08 20:38:25.000000000 +0100 ++++ netpbm-10.30/urt/scanargs.c 2005-10-21 11:08:57.000000000 +0200 +@@ -38,6 +38,8 @@ + * + * Modified at BRL 16-May-88 by Mike Muuss to avoid Alliant STDC desire + * to have all "void" functions so declared. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + + #include "rle.h" +@@ -65,8 +67,8 @@ typedef int *ptr; + /* + * Storage allocation macros + */ +-#define NEW( type, cnt ) (type *) malloc( (cnt) * sizeof( type ) ) +-#define RENEW( type, ptr, cnt ) (type *) realloc( ptr, (cnt) * sizeof( type ) ) ++#define NEW( type, cnt ) (type *) malloc2( (cnt) , sizeof( type ) ) ++#define RENEW( type, ptr, cnt ) (type *) realloc2( ptr, (cnt), sizeof( type ) ) + + #if defined(c_plusplus) && !defined(USE_PROTOTYPES) + #define USE_PROTOTYPES +--- netpbm-10.30/urt/rle.h.security 2005-10-16 23:44:55.000000000 +0200 ++++ netpbm-10.30/urt/rle.h 2005-10-21 11:08:57.000000000 +0200 +@@ -14,6 +14,9 @@ + * If you modify this software, you should include a notice giving the + * name of the person performing the modification, the date of modification, + * and the reason for such modification. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox ++ * Header declarations needed + */ + /* + * rle.h - Global declarations for Utah Raster Toolkit RLE programs. +@@ -166,6 +169,16 @@ rle_hdr /* End of typedef. * + */ + extern rle_hdr rle_dflt_hdr; + ++/* ++ * Provided by pm library ++ */ ++ ++extern void overflow_add(int, int); ++extern void overflow2(int, int); ++extern void overflow3(int, int, int); ++extern void *malloc2(int, int); ++extern void *malloc3(int, int, int); ++extern void *realloc2(void *, int, int); + + /* Declare RLE library routines. */ + +--- netpbm-10.30/urt/rle_open_f.c.security 2005-10-17 00:16:48.000000000 +0200 ++++ netpbm-10.30/urt/rle_open_f.c 2005-10-21 11:08:57.000000000 +0200 +@@ -6,6 +6,9 @@ + * University of Michigan + * Date: 11/14/89 + * Copyright (c) 1990, University of Michigan ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox ++ * Killed of crazy unsafe pipe/compress stuff + */ + + #define _XOPEN_SOURCE /* Make sure fdopen() is in stdio.h */ +@@ -188,7 +191,7 @@ rle_open_f_noexit(const char * const pro + + cp = file_name + strlen( (char*) file_name ) - 2; + /* Pipe case. */ +- if ( *file_name == '|' ) ++ if ( *file_name == '|' && 0 /* BOLLOCKS ARE WE DOING THIS ANY MORE */) + { + int thepid; /* PID from my_popen */ + if ( (fp = my_popen( file_name + 1, mode, &thepid )) == NULL ) +@@ -203,9 +206,10 @@ rle_open_f_noexit(const char * const pro + } + + /* Compress case. */ +- else if ( cp > file_name && *cp == '.' && *(cp + 1) == 'Z' ) ++ else if ( /* SMOKING SOMETHING */ 0 && cp > file_name && *cp == '.' && *(cp + 1) == 'Z' ) + { + int thepid; /* PID from my_popen. */ ++ overflow_add(20, strlen(file_name)); + combuf = (char *)malloc( 20 + strlen( file_name ) ); + if ( combuf == NULL ) + { +--- netpbm-10.30/urt/rle_addhist.c.security 2005-10-17 00:15:58.000000000 +0200 ++++ netpbm-10.30/urt/rle_addhist.c 2005-10-21 11:23:38.000000000 +0200 +@@ -14,6 +14,8 @@ + * If you modify this software, you should include a notice giving the + * name of the person performing the modification, the date of modification, + * and the reason for such modification. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * rle_addhist.c - Add to the HISTORY comment in header +@@ -76,13 +78,19 @@ rle_addhist(char * argv[], + return; + + length = 0; +- for (i = 0; argv[i]; ++i) ++ for (i = 0; argv[i]; ++i) { ++ overflow_add(length, strlen(argv[i])); ++ overflow_add(length+1, strlen(argv[i])); + length += strlen(argv[i]) +1; /* length of each arg plus space. */ ++ } + + time(&temp); + timedate = ctime(&temp); + length += strlen(timedate); /* length of date and time in ASCII. */ + ++ overflow_add(strlen(padding), 4); ++ overflow_add(strlen(histoire), strlen(padding) + 4); ++ overflow_add(length, strlen(histoire) + strlen(padding) + 4); + length += strlen(padding) + 3 + strlen(histoire) + 1; + /* length of padding, "on " and length of history name plus "="*/ + if (in_hdr) /* if we are interested in the old comments... */ +@@ -90,9 +98,12 @@ rle_addhist(char * argv[], + else + old = NULL; + +- if (old && *old) ++ if (old && *old) { ++ overflow_add(length, strlen(old)); + length += strlen(old); /* add length if there. */ ++ } + ++ overflow_add(length, 1); + ++length; /*Cater for the null. */ + + MALLOCARRAY(newc, length); +--- netpbm-10.30/urt/rle_hdr.c.security 2005-10-17 00:16:33.000000000 +0200 ++++ netpbm-10.30/urt/rle_hdr.c 2005-10-21 11:08:57.000000000 +0200 +@@ -14,6 +14,8 @@ + * If you modify this software, you should include a notice giving the + * name of the person performing the modification, the date of modification, + * and the reason for such modification. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * rle_hdr.c - Functions to manipulate rle_hdr structures. +@@ -79,7 +81,10 @@ int img_num; + /* Fill in with copies of the strings. */ + if ( the_hdr->cmd != pgmname ) + { +- char *tmp = (char *)malloc( strlen( pgmname ) + 1 ); ++ char *tmp ; ++ ++ overflow_add(strlen(pgmname), 1); ++ tmp = malloc( strlen( pgmname ) + 1 ); + RLE_CHECK_ALLOC( pgmname, tmp, 0 ); + strcpy( tmp, pgmname ); + the_hdr->cmd = tmp; +@@ -87,7 +92,9 @@ int img_num; + + if ( the_hdr->file_name != fname ) + { +- char *tmp = (char *)malloc( strlen( fname ) + 1 ); ++ char *tmp; ++ overflow_add(strlen(fname), 1); ++ tmp = malloc( strlen( fname ) + 1 ); + RLE_CHECK_ALLOC( pgmname, tmp, 0 ); + strcpy( tmp, fname ); + the_hdr->file_name = tmp; +@@ -152,6 +159,7 @@ rle_hdr *from_hdr, *to_hdr; + if ( to_hdr->bg_color ) + { + int size = to_hdr->ncolors * sizeof(int); ++ overflow2(to_hdr->ncolors, sizeof(int)); + to_hdr->bg_color = (int *)malloc( size ); + RLE_CHECK_ALLOC( to_hdr->cmd, to_hdr->bg_color, "background color" ); + memcpy( to_hdr->bg_color, from_hdr->bg_color, size ); +@@ -160,7 +168,7 @@ rle_hdr *from_hdr, *to_hdr; + if ( to_hdr->cmap ) + { + int size = to_hdr->ncmap * (1 << to_hdr->cmaplen) * sizeof(rle_map); +- to_hdr->cmap = (rle_map *)malloc( size ); ++ to_hdr->cmap = (rle_map *)malloc3( to_hdr->ncmap, 1<cmaplen, sizeof(rle_map)); + RLE_CHECK_ALLOC( to_hdr->cmd, to_hdr->cmap, "color map" ); + memcpy( to_hdr->cmap, from_hdr->cmap, size ); + } +@@ -173,11 +181,16 @@ rle_hdr *from_hdr, *to_hdr; + int size = 0; + CONST_DECL char **cp; + for ( cp=to_hdr->comments; *cp; cp++ ) ++ { ++ overflow_add(size, 1); + size++; /* Count the comments. */ ++ } + /* Check if there are really any comments. */ + if ( size ) + { ++ overflow_add(size, 1); + size++; /* Copy the NULL pointer, too. */ ++ overflow2(size, sizeof(char *)); + size *= sizeof(char *); + to_hdr->comments = (CONST_DECL char **)malloc( size ); + RLE_CHECK_ALLOC( to_hdr->cmd, to_hdr->comments, "comments" ); +--- netpbm-10.30/urt/README.security 2000-06-02 22:53:04.000000000 +0200 ++++ netpbm-10.30/urt/README 2005-10-21 11:08:57.000000000 +0200 +@@ -18,3 +18,8 @@ in its initializer in the original. But + defines stdout as a variable, so that wouldn't compile. So I changed + it to NULL and added a line to rle_hdr_init to set that field to + 'stdout' dynamically. 2000.06.02 BJH. ++ ++Redid the code to check for maths overflows and other crawly horrors. ++Removed pipe through and compress support (unsafe) ++ ++Alan Cox +--- netpbm-10.30/urt/Runput.c.security 2005-10-16 23:36:29.000000000 +0200 ++++ netpbm-10.30/urt/Runput.c 2005-10-21 11:08:57.000000000 +0200 +@@ -17,6 +17,8 @@ + * + * Modified at BRL 16-May-88 by Mike Muuss to avoid Alliant STDC desire + * to have all "void" functions so declared. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * Runput.c - General purpose Run Length Encoding. +@@ -202,9 +204,11 @@ RunSetup(rle_hdr * the_hdr) + if ( the_hdr->background != 0 ) + { + register int i; +- register rle_pixel *background = +- (rle_pixel *)malloc( (unsigned)(the_hdr->ncolors + 1) ); ++ register rle_pixel *background; + register int *bg_color; ++ ++ overflow_add(the_hdr->ncolors,1); ++ background = (rle_pixel *)malloc( (unsigned)(the_hdr->ncolors + 1) ); + /* + * If even number of bg color bytes, put out one more to get to + * 16 bit boundary. +@@ -224,7 +228,7 @@ RunSetup(rle_hdr * the_hdr) + /* Big-endian machines are harder */ + register int i, nmap = (1 << the_hdr->cmaplen) * + the_hdr->ncmap; +- register char *h_cmap = (char *)malloc( nmap * 2 ); ++ register char *h_cmap = (char *)malloc2( nmap, 2 ); + if ( h_cmap == NULL ) + { + fprintf( stderr, +--- netpbm-10.30/urt/rle_getrow.c.security 2005-10-16 23:47:53.000000000 +0200 ++++ netpbm-10.30/urt/rle_getrow.c 2005-10-21 11:32:32.000000000 +0200 +@@ -17,6 +17,8 @@ + * + * Modified at BRL 16-May-88 by Mike Muuss to avoid Alliant STDC desire + * to have all "void" functions so declared. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * rle_getrow.c - Read an RLE file in. +@@ -168,6 +170,7 @@ rle_get_setup(rle_hdr * const the_hdr) { + register char * cp; + + VAXSHORT( comlen, infile ); /* get comment length */ ++ overflow_add(comlen, 1); + evenlen = (comlen + 1) & ~1; /* make it even */ + if ( evenlen ) + { +--- netpbm-10.30/urt/rle_putcom.c.security 2005-10-07 18:01:42.000000000 +0200 ++++ netpbm-10.30/urt/rle_putcom.c 2005-10-21 11:34:46.000000000 +0200 +@@ -14,6 +14,8 @@ + * If you modify this software, you should include a notice giving the + * name of the person performing the modification, the date of modification, + * and the reason for such modification. ++ * ++ * 2002-12-19: Fix maths wrapping bugs. Alan Cox + */ + /* + * rle_putcom.c - Add a picture comment to the header struct. +@@ -98,12 +100,14 @@ rle_putcom(const char * const value, + const char * v; + const char ** old_comments; + int i; +- for (i = 2, cp = the_hdr->comments; *cp != NULL; ++i, ++cp) ++ for (i = 2, cp = the_hdr->comments; *cp != NULL; ++i, ++cp) { ++ overflow_add(i, 1); + if (match(value, *cp) != NULL) { + v = *cp; + *cp = value; + return v; + } ++ } + /* Not found */ + /* Can't realloc because somebody else might be pointing to this + * comments block. Of course, if this were true, then the diff --git a/netpbm-10.27-bmptopnm.patch b/netpbm-10.27-bmptopnm.patch new file mode 100644 index 0000000..0b51b9b --- /dev/null +++ b/netpbm-10.27-bmptopnm.patch @@ -0,0 +1,20 @@ +--- netpbm-10.27/converter/other/bmptopnm.c.bmptopnm 2005-05-09 10:06:05.707795976 +0200 ++++ netpbm-10.27/converter/other/bmptopnm.c 2005-05-09 10:29:30.498235368 +0200 +@@ -932,7 +932,7 @@ readBmp(FILE * const ifP, + xel ** const colormapP, + bool const verbose) { + +- xel * colormap; /* malloc'ed */ ++ xel * colormap = NULL; /* malloc'ed */ + unsigned int pos; + + /* The following are all information from the BMP headers */ +@@ -1106,7 +1106,7 @@ main(int argc, char ** argv) { + writeRaster(BMPraster, cols, rows, outputType, cBitCount, pixelformat, + colormap); + +- free(colormap); ++ if (colormap) free(colormap); + free(BMPraster); + + exit(0); diff --git a/netpbm-10.28-CAN-2005-2471.patch b/netpbm-10.28-CAN-2005-2471.patch new file mode 100644 index 0000000..8cbbd6d --- /dev/null +++ b/netpbm-10.28-CAN-2005-2471.patch @@ -0,0 +1,16 @@ +--- netpbm-10.29/converter/other/pstopnm.c.CAN-2005-2471 2005-08-15 02:39:46.000000000 +0200 ++++ netpbm-10.29/converter/other/pstopnm.c 2005-08-16 15:38:15.000000000 +0200 +@@ -711,11 +711,11 @@ + "'%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s'", + ghostscriptProg, arg0, + deviceopt, outfileopt, gopt, ropt, "-q", "-dNOPAUSE", +- "-dSAFER", "-"); ++ "-dPARANOIDSAFER", "-"); + } + + execl(ghostscriptProg, arg0, deviceopt, outfileopt, gopt, ropt, "-q", +- "-dNOPAUSE", "-dSAFER", "-", NULL); ++ "-dNOPAUSE", "-dPARANOIDSAFER", "-", NULL); + + pm_error("execl() of Ghostscript ('%s') failed, errno=%d (%s)", + ghostscriptProg, errno, strerror(errno)); diff --git a/netpbm-10.28-gcc4.patch b/netpbm-10.28-gcc4.patch new file mode 100644 index 0000000..9ecd296 --- /dev/null +++ b/netpbm-10.28-gcc4.patch @@ -0,0 +1,20 @@ +--- netpbm-10.30/lib/pm.h.gcc4 2005-10-21 12:19:56.000000000 +0200 ++++ netpbm-10.30/lib/pm.h 2005-10-21 12:20:03.000000000 +0200 +@@ -18,6 +18,7 @@ + #include + #include + #include ++#include + #include + #include + #include +--- netpbm-10.30/urt/rle.h.gcc4 2005-10-21 12:19:56.000000000 +0200 ++++ netpbm-10.30/urt/rle.h 2005-10-21 12:21:31.000000000 +0200 +@@ -36,6 +36,7 @@ + #include "rle_config.h" /* Configuration parameters. */ + + #include /* Declare FILE. */ ++#include + + #ifdef c_plusplus + #define USE_PROTOTYPES diff --git a/netpbm-10.30-manpath.patch b/netpbm-10.30-manpath.patch new file mode 100644 index 0000000..e02bd0f --- /dev/null +++ b/netpbm-10.30-manpath.patch @@ -0,0 +1,11 @@ +--- netpbm-10.30/Makefile.common 2005-10-08 04:36:12.000000000 +0200 ++++ netpbm-10.30-fix/Makefile.common 2005-10-19 14:41:41.000000000 +0200 +@@ -383,7 +383,7 @@ + + MANUALS1 = $(BINARIES) $(SCRIPTS) + +-PKGMANDIR = man ++PKGMANDIR = share/man + + install.man1: $(PKGDIR)/$(PKGMANDIR)/man1 $(MANUALS1:%=%_installman1) + diff --git a/netpbm-10.30-pamtofits.patch b/netpbm-10.30-pamtofits.patch new file mode 100644 index 0000000..40001d6 --- /dev/null +++ b/netpbm-10.30-pamtofits.patch @@ -0,0 +1,21 @@ +--- netpbm-10.33/converter/other/pamtofits.c.21444 2006-05-26 15:51:05.000000000 +0200 ++++ netpbm-10.33/converter/other/pamtofits.c 2006-05-26 15:51:34.000000000 +0200 +@@ -58,13 +58,13 @@ writeFitsHeader(int const bitpix, + sprintf(card, "%-20.20s%10d%-50.50s", "NAXIS3 =", 3, ""); + writeCard(card); ++cardsWritten; + } +- sprintf(card, "%-18.18s%E%-51.51s", "BSCALE =", bscale, ""); ++ sprintf(card, "%-18.18s%E%-50.50s", "BSCALE =", bscale, ""); + writeCard(card); ++cardsWritten; +- sprintf(card, "%-18.18s%E%-51.51s", "BZERO =", fitsBzero, ""); ++ sprintf(card, "%-18.18s%E%-50.50s", "BZERO =", fitsBzero, ""); + writeCard(card); ++cardsWritten; +- sprintf(card, "%-18.18s%E%-51.51s", "DATAMAX =", datamax, ""); ++ sprintf(card, "%-18.18s%E%-50.50s", "DATAMAX =", datamax, ""); + writeCard(card); ++cardsWritten; +- sprintf(card, "%-18.18s%E%-51.51s", "DATAMIN =", datamin, ""); ++ sprintf(card, "%-18.18s%E%-50.50s", "DATAMIN =", datamin, ""); + writeCard(card); ++cardsWritten; + sprintf(card, "%-80.80s", "HISTORY Created by pnmtofits."); + writeCard(card); ++cardsWritten; + diff --git a/netpbm-10.51.00-config.mk b/netpbm-10.51.00-config.mk new file mode 100644 index 0000000..cf655a8 --- /dev/null +++ b/netpbm-10.51.00-config.mk @@ -0,0 +1,657 @@ +####This file was automatically created by 'configure.' +####Many variables are set twice -- a generic setting, then +####a system-specific override at the bottom of the file. +#### +# This is a make file inclusion, to be included in all the Netpbm make +# files. + +# This file is meant to contain variable settings that customize the +# build for a particular target system configuration. + +# The distribution contains the file config.mk.in. You edit +# config.mk.in in ways relevant to your particular environment +# to create config.mk. The "configure" program will do this +# for you in simple cases. + +# Some of the variables that the including make file must set for this +# file to work: +# +# SRCDIR: The directory at the top of the Netpbm source tree. Note that +# this is typically a relative directory, and it must be relative to the +# make file that includes this file. + +DEFAULT_TARGET = nonmerge +#DEFAULT_TARGET = merge + +# Fiasco has some special requirements that make it fail to compile on +# some systems, and since it isn't very important, just set this to "N" +# and skip it on those systems unless you want to debug it and fix it. +# OpenBSD: +#BUILD_FIASCO = N +BUILD_FIASCO = Y + +# The following are commands for the build process to use. These values +# do not get built into anything. + +# The C compiler (including macro preprocessor) +#CC = gcc +# Note that 'cc' is usually an alias for whatever is the main compiler +# on a system, e.g. the GNU Compiler on Linux. +CC = cc + +# The linker. +LD = $(CC) +#LD = ld +#Tru64: +#LD = cc +#LD = gcc + +#If the linker identified above is a compiler that invokes a linker +#(as in 'cc foo.o -o foo'), set LINKERISCOMPILER. The main difference is +#that we expect a compiler to take linker options in the '-Wl,-opt1,val1' +#syntax whereas the actual linker would take '-opt1 val1'. +LINKERISCOMPILER=Y +#If $(LD) is 'ld': +#LINKERISCOMPILER=N + +#LINKER_CAN_DO_EXPLICIT_LIBRARY means the linker specified above can +#take a library as just another link object argument, as in 'ld +#pnmtojpeg.o /usr/local/lib/libjpeg.so ...' as opposed to requiring a +#-l option as in 'ld pnmtojpeg.o -L/usr/local/lib -l jpeg'. +#This variable controls how 'libopt' gets built. Note that with some +#linkers, you can specify a shared library explicitly, but then it has +#to live in that exact place at run time. That's not good enough for us. + +LINKER_CAN_DO_EXPLICIT_LIBRARY=N +#GNU: +#LINKER_CAN_DO_EXPLICIT_LIBRARY=Y + +# This is the name of the header file that declares the types +# uint32_t, etc. This name is used as #include $(INTTYPES_H) . +# Set to null if the types come automatically without including anything. + +# We have a report (2005.09.17) that on IRIX 5.3 with the native IDO +# cc, inttypes.h and sys/types.h conflict (and Netpbm programs include +# sys/types for other things), so for that environment, +# won't work, but "inttypes_netpbm.h" might. + +INTTYPES_H = +# Linux libc5: +#INTTYPES_H = +# Solaris: +# Solaris has , but it doesn't define int_fast2_t, etc. +#INTTYPES_H = "inttypes_netpbm.h" +# Others: +#INTTYPES_H = +#INTTYPES_H = +# The automatically generated Netpbm version: +#INTTYPES_H = "inttypes_netpbm.h" + +# HAVE_INT64 tells whether, assuming you include the header indicated by +# INTTYPES_H, you have the int64_t type and related stuff. (If you don't +# the build will omit certain code that does 64 bit computations). +HAVE_INT64 = Y +#HAVE_INT64 = N + +# CC and LD are for building the Netpbm programs, which are not necessarily +# intended to run on the same system on which Make is running. But when we +# build a build tool such as Libopt, it is meant to run only on the same +# system on which the Make is running. The variables below define programs +# to use to compile and link build tools. +CC_FOR_BUILD = $(CC) +LD_FOR_BUILD = $(LD) +CFLAGS_FOR_BUILD = $(CFLAGS) +LDFLAGS_FOR_BUILD = $(LDFLAGS) + +# MAKE is set automatically by Make to what was used to invoke Make. + +INSTALL = $(SRCDIR)/buildtools/install.sh +#Solaris: +#INSTALL = /usr/ucb/install +#Tru64: +#INSTALL = installbsd +#OSF1: +#INSTALL = $(SRCDIR)/buildtools/installosf +#Red Hat Linux: +#INSTALL = install + +# STRIPFLAG is the option you pass to the above install program to make it +# strip unnecessary information out of binaries. +STRIPFLAG = -s +# If you don't want to strip the binaries, just leave it null: +#STRIPFLAG = + +SYMLINK = ln -s +# At least some Windows environments don't have any concept of symbolic +# links, but direct copies are usually a passable alternative. +#SYMLINK = cp + +#MANPAGE_FORMAT is "nroff" or "cat". It determines in what format the +#pointer man pages are installed (ready to nroff, or ready to cat). +#A pointer man pages is just a single-paragraph pages that tells you there is +#no man page for the program, to look at the HTML documentation instead. +MANPAGE_FORMAT = nroff +#MANPAGE_FORMAT = cat + +AR = ar +RANLIB = ranlib +# IRIX, SCO don't have Ranlib: +#RANLIB = true + +# LEX is the beginning of a shell command that runs a Lex-like +# pattern matcher generator. Null string means there isn't any such +# command. That means the build will skip parts that need one. + +LEX = flex +# Solaris: +# LEX = flex -e +# Windows Mingw: +# LEX = +# +# LEX = lex + +# C compiler options + +# gcc: +# -ansi and -Werror should work too, but are not included +# by default because there's no point in daring the build to fail. +# -pedantic isn't a problem because it causes at worst a warning. +#CFLAGS = -O3 -ffast-math -pedantic -fno-common \ +# -Wall -Wno-uninitialized -Wmissing-declarations -Wimplicit \ +# -Wwrite-strings -Wmissing-prototypes -Wundef -Wno-unknown-pragmas +# The merged programs have a main_XXX subroutine instead of main(), +# which would cause a warning with -Wmissing-declarations or +# -Wmissing-prototypes. +#CFLAGS_MERGE = -Wno-missing-declarations -Wno-missing-prototypes +# A user of DEC Tru64 4.0F in May 2000 needed -DLONG_32 for ppmtompeg, +# but word size-sensitive code was removed from parallel.c in September 2004. +# A user of Tru64 5.1A in July 2003 needed NOT to have -DLONG_32. In +# theory, you need this if on your system, long is 32 bits and int is not. +# But it may be completely irrelevant today. +#Tru64: +#CFLAGS = -O2 -std1 -DLONG_32 +#CFLAGS = -O2 -std1 +#AIX: +#CFLAGS= -O3 +#HP-UX: +#CFLAGS= -O3 -fPIC +#IRIX: +#CFLAGS= -n32 -O3 +#Amiga with GNU compiler: +#CFLAGS= -m68020-60 -ffast-math -mstackextend +# You can add -noixemul for Amiga and successfully compile most of the +# programs. (Of the remaining ones, if you can supply your own strtod() +# function, most of them will build with -noixemul). So try building +# with 'make --keep-going CADD=-noixemul' first, then just 'make' to build +# everything that failed for lack of the ixemul library in the first step. +# That way, the parts that don't required the ixemul library won't indicate +# a dependency on it. +#OpenBSD: +#CFLAGS = -I/usr/local/include + +# EXE is a suffix that the linker puts on any executable it generates. +# In cygwin, this is .exe and most programs deal with its existence without +# us having to know about it. Some don't though, so set this: + +EXE = +#Cygwin, DJGPP/Windows: +#EXE = .exe + +# linker options. + +# LDFLAGS is often set as an environment variable; A setting here overrides +# it. So either make sure you want to override it, or do a "LDFLAGS +=" here. + +# LDFLAGS is usually not the right place for a -L option, because we put +# LDFLAGS _before_ our own -L options, so it would cancel out our +# specific selection of libraries. For example, if you say +# LDFLAGS=/usr/local/lib and an old copy of the libnetpbm is in +# /usr/local/lib, then you'd be linking against that old copy instead of +# the copy you just built, which is located by a -L option later on the +# link command. LIBS is the right variable for adding -L options. LIBS +# goes after any of our make files' own -L options. + +# Eunice users may want to use -noshare so that the executables can +# run standalone: +#LDFLAGS += -noshare +#Tru64: +# Russ Allberry says on 2001.06.09 that -oldstyle_liblookup may be necessary +# to keep from finding an ancient system libjpeg.so that isn't compatible with +# NetPBM. Michael Long found that /usr/local/lib is not in the default +# search path, or not soon enough, and he was getting an old libjpeg that +# caused all the jpeg symbol references to be unresolved. He had installed +# a new libjpeg in /usr/local/lib. +#LDFLAGS += -call_shared -oldstyle_liblookup -L/usr/local/lib +#AIX: +#LDFLAGS += -L /usr/pubsw/lib +#HP-UX: +#LDFLAGS += -Wl,+b,/usr/pubsw/lib +#IRIX: +#LDFLAGS += -n32 + +# Linker options for created Netpbm shared libraries. + +# Here, $(SONAME) resolves to the soname for the shared library being created. +# The following are gcc options. This works on GNU libc systems. +LDSHLIB = -shared -Wl,-soname,$(SONAME) +# You need -nostart instead of -shared on BeOS. Though the BeOS compiler is +# ostensibly gcc, it has the -nostart option, which is not mentioned in gcc +# documentation and doesn't exist in at least one non-BeOS installation. +# BeOS doesn't have sonames built in. +#LDSHLIB = -nostart +#LDSHLIB = -G +# Solaris, SunOS with GNU Ld, SCO: +# These systems have no soname option. +#LDSHLIB = -shared +# Solaris with Sun Ld: +#LDSHLIB = -Wl,-Bdynamic,-G,-h,$(SONAME) +#Tru64: +#LDSHLIB = -shared -expect_unresolved "*" +#IRIX: +#LDSHLIB = -shared -n32 +#AIX GNU compiler/linker: +#LDSHLIB = -shared +#AIX Visual Age C: +#LDSHLIB = -qmkshrobj +#Mac OSX: +# According to experiments done by Peter A Crowley in May 2007, if +# libnetpbm goes in a standard place such as /usr/local/lib, +# programs need not be built with libnetpbm's location included. +# But if it goes elsewhere, the link-editor must include the +# location in the executable. It finds the runtime location by +# looking inside the library. The information in the library +# comes from the install_name option with which the library was +# built. It's an alternative to the -rpath option on other systems. +#LDSHLIB=-dynamiclib +#LDSHLIB=-dynamiclib -install_name $(NETPBMLIB_RUNTIME_PATH)/libnetpbm.$(MAJ).dylib + +# LDRELOC is the command to combine two .o files (relocateable object files) +# into a single .o file that can later be linked into something else. NONE +# means no such command is available. + +LDRELOC = NONE +# GNU Ld: +# Older GNU Ld misspells the option as --relocateable. Newer GNU Ld +# correctly spells it --relocatable. The abbreviation --reloc works on +# both. +#LDRELOC = ld --reloc +#LDRELOC = ld -r + + +# On older systems, you have to make shared libraries out of position +# independent code, so you need -fpic or fPIC here. (The rule is: if +# -fpic works, use it. If it bombs, go to fPIC). On newer systems, +# it isn't necessary, but can save real memory at the expense of +# execution speed. Without position independent code, the library +# loader may have to patch addresses into the executable text. On an +# older system, this would cause a program crash because the loader +# would be writing into read-only shared memory. But on newer +# systems, the system silently creates a private mapping of the page +# or segment being modified (the "copy on write" phenomenon). So it +# needs its own private real page frame. In one experiment, A second +# copy of Pbmtext used 16K less real memory when built with -fpic than +# when built without. 2001.06.02. + +# We have seen -fPIC required on IA64 and AMD64 machines (GNU +# compiler/linker). Build-time linking fails without it. I don't +# know why -- history seems to be repeating itself. 2005.02.23. + +CFLAGS_SHLIB = +# Gcc: +#CFLAGS_SHLIB = -fpic +#CFLAGS_SHLIB = -fPIC +# Sun compiler: +#CFLAGS_SHLIB = -Kpic +#CFLAGS_SHLIB = -KPIC + +# SHLIB_CLIB is the link option to include the C library in a shared library, +# normally "-lc". On typical systems, this serves no purpose. On some, +# though, it causes information about which C library to use to be recorded +# in the shared library and thus choose the correct library among several or +# avoid using an incompatible one. But on some systems, the link fails. +# On 2002.09.30, "John H. DuBois III" reports that on +# SCO OpenServer, he gets the following error message with -lc: +# +# -lc; relocations referenced ; from file(s) /usr/ccs/lib/libc.so(random.o); +# fatal error: relocations remain against allocatable but non-writable +# section: ; .text + +SHLIB_CLIB = -lc +# SCO: +#SHLIB_CLIB = + +# On some systems you have to build into an executable the list of +# directories where its dynamically linked libraries can be found at +# run time. This is typically done with a -R or -rpath linker +# option. Even on systems that don't require it, you might prefer to do +# that rather than set up environment variables or configuration files +# to tell the system where the libraries are. A "Y" here means to put +# the directory information in the executable at link time. + +NEED_RUNTIME_PATH = N +# Solaris, SunOS, NetBSD, AIX: +#NEED_RUNTIME_PATH = Y + +# RPATHOPTNAME is the option you use on the link command to specify +# a runtime search path for a shared library. It is meaningless unless +# NEED_RUNTIME_PATH is Y. +RPATHOPTNAME = -rpath + +# The following variables tell where your various libraries on which +# Netpbm depends live. The LIBxxx variable is a full file +# specification of the link library (not necessarily the library used +# at run time). e.g. "/usr/local/lib/graphics/libjpeg.so". It usually +# doesn't matter if the library prefix and suffix are right -- you can +# use "lib" and ".so" or ".a" regardless of what your system actually +# uses because these just turn into "-L" and "-l" linker options +# anyway. ".a" implies a static library for some purposes, though. +# If you don't have the library in question, use a value of NONE for +# LIBxxx and the build will simply skip the programs that require that +# library. If the library is in your linker's (or the Netpbm build's) +# default search path, leave off the directory part, e.g. "libjpeg.so". + +# The xxxHDR_DIR variable is the directory in which the interface +# headers for the library live (e.g. /usr/include). If they are in your +# compiler's default search path, set this variable to null. + +# This is where the Netpbm shared libraries will reside when Netpbm is +# fully installed. In some configurations, the Netpbm builder builds +# this information into the Netpbm executables. This does NOT affect +# where the Netpbm installer installs the libraries. A null value +# means the libraries are in a default search path used by the runtime +# library loader. +NETPBMLIB_RUNTIME_PATH = +#NETPBMLIB_RUNTIME_PATH = /usr/lib/netpbm + +# The TIFF library. See above. If you want to build the tiff +# converters, you must have the tiff library already installed. + +TIFFLIB = NONE +TIFFHDR_DIR = + +#TIFFLIB = libtiff.so +#TIFFHDR_DIR = /usr/include/libtiff +#NetBSD: +#TIFFLIB = $(LOCALBASE)/lib/libtiff.so +#TIFFHDR_DIR = $(LOCALBASE)/include +# OSF, Tru64: +#TIFFLIB = /usr/local1/DEC/lib/libtiff.so +#TIFFHDR_DIR = /usr/local1/DEC/include + +# Some TIFF libraries do Jpeg and/or Z (flate) compression and thus any +# program linked with the TIFF library needs a Jpeg and/or Z library. +# Some TIFF libraries have such library statically linked in, but others +# need it to be dynamically linked at program load time. +# Make this 'N' if youf TIFF library doesn't need such dynamic linking. +# As of 2005.01, the most usual build of the TIFF library appears to require +# both. +TIFFLIB_NEEDS_JPEG = Y +TIFFLIB_NEEDS_Z = Y + +# The JPEG library. See above. If you want to build the jpeg +# converters you must have the jpeg library already installed. + +# Tiff files can use JPEG compression, so the Tiff library can reference +# the JPEG library. If your Tiff library references a dynamic JPEG +# library, you must specify at least JPEGLIB here, or the Tiff +# converters will not build. Note that your Tiff library may have the +# JPEG stuff statically linked in, in which case you won't need +# JPEGLIB in order to build the Tiff converters. + +JPEGLIB = NONE +JPEGHDR_DIR = +#JPEGLIB = libjpeg.so +#JPEGHDR_DIR = /usr/include/jpeg +# Netbsd: +#JPEGLIB = ${LOCALBASE}/lib/libjpeg.so +#JPEGHDR_DIR = ${LOCALBASE}/include +# OSF, Tru64: +#JPEGLIB = /usr/local1/DEC/libjpeg.so +#JPEGHDR_DIR = /usr/local1/DEC/include +# Typical: +#JPEGLIB = /usr/local/lib/libjpeg.so +#JPEGHDR_DIR = /usr/local/include +# Don't build JPEG stuff: +#JPEGLIB = NONE + + +# The PNG library. See above. If you want to build the PNG +# converters you must have the PNG library already installed. + +# The PNG library, by convention starting around April 2002, gets installed +# with names that include a version number, such as libpng10.a and header +# files in /usr/include/libpng10. But there is conventionally an unnumbered +# alias (e.g. libpng.a, /usr/include/libpng) for the preferred version. +# +# Recent versions of the library (since some time in the 2002-2006 period) +# have an associated 'libpng-config' that tells how to link it. The make +# files will use that program if it exists (must be in the PATH). In that +# case, PNGLIB and PNGHDR_DIR are irrelevant, but PNGVER is still meaningful, +# because the make file runs 'libpng$(PNGVER)-config'. + +PNGLIB = NONE +PNGHDR_DIR = +PNGVER = +#PNGLIB = libpng$(PNGVER).so +#PNGHDR_DIR = /usr/include/libpng$(PNGVER) +# NetBSD: +#PNGLIB = $(LOCALBASE)/lib/libpng$(PNGVER).so +#PNGHDR_DIR = $(LOCALBASE)/include +# OSF/Tru64: +#PNGLIB = /usr/local1/DEC/lib/libpng$(PNGVER).so +#PNGHDR_DIR = /usr/local1/DEC/include + +# The zlib compression library. See above. You need it to build +# anything that needs the PNG library (see above). If you selected +# NONE for the PNG library, it doesn't matter what you specify here -- +# it won't get used. +# +# If you have 'libpng-config' (see above), these are irrelevant. + +ZLIB = NONE +ZHDR_DIR = +#ZLIB = libz.so + +# The JBIG lossless image compression library (aka JBIG-KIT): + +JBIGLIB = $(BUILDDIR)/converter/other/jbig/libjbig.a +JBIGHDR_DIR = $(SRCDIR)/converter/other/jbig + +# The Jasper JPEG-2000 image compression library (aka JasPer): +JASPERLIB = $(INTERNAL_JASPERLIB) +JASPERHDR_DIR = $(INTERNAL_JASPERHDR_DIR) +# JASPERDEPLIBS is the libraries (-l options or file names) on which +# The Jasper library depends -- i.e. what you have to link into any +# executable that links in the Jasper library. +JASPERDEPLIBS = +#JASPERDEPLIBS = -ljpeg + +# And the Utah Raster Toolkit (aka URT aka RLE) library: + +URTLIB = $(BUILDDIR)/urt/librle.a +URTHDR_DIR = $(SRCDIR)/urt + +# The X11 library has facilities for talking to an X Window System +# server. It is required by Pamx. + +X11LIB = /usr/lib/libX11.so +X11HDR_DIR = + +#X11LIB = /usr/lib/libX11.so +#X11HDR_DIR = + +# The Linux SVGA library (Svgalib) is a facility for displaying graphics +# on the Linux console. It is required by Ppmsvgalib. + +LINUXSVGALIB = NONE +LINUXSVGAHDR_DIR = + +#LINUXSVGALIB = /usr/lib/libvga.so +#LINUXSVGAHDR_DIR = /usr/include/vgalib + +# If you don't want any network functions, set OMIT_NETWORK to "y". +# The only thing that requires network functions is the option in +# ppmtompeg to run it on multiple computers simultaneously. On some +# systems network functions don't work or we haven't figured out how to +# make them work, or they just aren't worth the effort. +OMIT_NETWORK = +#DJGPP/Windows, Tru64: +# (there's some minor header problem that prevents network functions from +# building on Tru64 2000.10.06) +#OMIT_NETWORK = y + +# These are -l options to link in the network libraries. Often, these are +# built into the standard C library, so this can be null. This is irrelevant +# if OMIT_NETWORK is "y". + +NETWORKLD = +# Solaris, SunOS: +#NETWORKLD = -lsocket -lnsl +# SCO: +#NETWORKLD = -lsocket, -lresolv + +# DONT_HAVE_PROCESS_MGMT is Y if this system doesn't have the usual +# Unix process management stuff - fork, wait, etc. N for a regular Unix +# system. +DONT_HAVE_PROCESS_MGMT = N + +# The following variables are used only by 'make install' (and the +# variants of it). Paths here don't, for example, get built into any +# programs. + +# This is where everything goes when you do 'make package', unless you +# override it by setting 'pkgdir' on the Make command line. +PKGDIR_DEFAULT = /tmp/netpbm + +# Subdirectory of the package directory ($(pkgdir)) in which man pages +# go. +PKGMANDIR = /share/man + +# File permissions for installed files. +# Note that on some systems (e.g. Solaris), 'install' can't use the +# mnemonic permissions - you have to use octal. + +# binaries (pbmmake, etc) +INSTALL_PERM_BIN = 755 # u=rwx,go=rx +# shared libraries (libpbm.so, etc) +INSTALL_PERM_LIBD = 755 # u=rwx,go=rx +# static libraries (libpbm.a, etc) +INSTALL_PERM_LIBS = 644 # u=rw,go=r +# header files (pbm.h, etc) +INSTALL_PERM_HDR = 644 # u=rw,go=r +# man pages (pbmmake.1, etc) +INSTALL_PERM_MAN = 644 # u=rw,go=r +# data files (pnmtopalm color maps, etc) +INSTALL_PERM_DATA = 644 # u=rw,go=r + +# Specify the suffix that want the man pages to have. + +SUFFIXMANUALS1 = 1 +SUFFIXMANUALS3 = 3 +SUFFIXMANUALS5 = 5 + +#NETPBMLIBTYPE tells the kind of libraries that will get built to hold the +#Netpbm library functions. The value is used only in make file tests. +# "unixshared" means a unix-style shared library, typically named like +# libxyz.so.2.3 +NETPBMLIBTYPE = unixshared +# "unixstatic" means a unix-style static library, (like libxyz.a) +#NETPBMLIBTYPE = unixstatic +# "dll" means a Windows DLL shared library +#NETPBMLIBTYPE = dll +# "dylib" means a Darwin/Mac OS shared library +#NETPBMLIBTYPE = dylib + +#NETPBMLIBSUFFIX is the suffix used on whatever kind of library is +#selected above. All this is used for is to construct library names. +#The make files never examine the actual value. +NETPBMLIBSUFFIX = so + +# "a" is the suffix for unix-style static libraries. It is also +# traditionally used for shared libraries on AIX. The Visual Age C +# manual says sometimes .so works on AIX, and GNU software for AIX +# 5.1.0 does indeed use it. In our experiments, it works fine if you +# name the library file explicitly on the link, but isn't in the -l +# search order. If you name the library explicitly on the link, the +# library must live in exactly the same position at run time, so we +# can't use that. Therefore, you cannot build both static and shared +# libraries with AIX. You have to choose. +#NETPBMLIBSUFFIX = a +# For HP-UX shared libraries: +#NETPBMLIBSUFFIX = sl +# Darwin/Mac OS shared library: +#NETPBMLIBSUFFIX = dylib +# Windows shared library: +#NETPBMLIBSUFFIX = dll + +#STATICLIB_TOO is "y" to signify that you want a static library built +#and installed in addition to whatever library type you specified by +#NETPBMLIBTYPE. If NETPBMLIBTYPE specified a static library, +#STATICLIB_TOO simply has no effect. +STATICLIB_TOO = y +#STATICLIB_TOO = n + +#STATICLIBSUFFIX is the suffix that static libraries have. It's +#meaningless if you aren't building static libraries. +STATICLIBSUFFIX = a + +#SHLIBPREFIXLIST is a blank-delimited list of prefixes that a filename +#of a shared library may have on this system. Traditionally, it's +#just "lib", as in libc or libnetpbm. On Windows, though, varying +#prefixes are used when multiple alternative forms of a library are +#available. The first prefix in this list is what we use to name the +#Netpbm shared libraries. +# +# This variable controls how 'libopt' gets built. +# +SHLIBPREFIXLIST = lib +#Cygwin: +#SHLIBPREFIXLIST = cyg lib + +NETPBMSHLIBPREFIX = $(firstword $(SHLIBPREFIXLIST)) + +#DLLVER is used to version the DLLs built on cygwin or other +#windowsish platforms. We can't add this to LIBROOT, or we'd +#version the static libs (which is bad). We can't add this +#at the end of the name (like unix does with so numbers) because +#windows will only load dlls whose name ends in "dll". So, +#we have this variable, which becomes the end of the library "root" name +#for DLLs only. +# +# This variable controls how 'libopt' gets built. +# +DLLVER = +#Cygwin +#DLLVER = $(NETPBM_MAJOR_RELEASE) + +#NETPBM_DOCURL is the URL of the main documentation page for Netpbm. +#This is a directory which contains a file for each Netpbm program, +#library, and file type. E.g. The documentation for jpegtopnm might be in +#http://netpbm.sourceforge.net/doc/jpegtopnm.html . This value gets +#installed in the man pages (which say no more than to read the webpage) +#and in the Webman netpbm.url file. +NETPBM_DOCURL = http://netpbm.sourceforge.net/doc/ +#For a system with no web access, but a local copy of the doc: +#NETPBM_DOCURL = file:/usr/doc/netpbm/ + + + + + +####Lines above were copied from config.mk.in by 'configure'. +####Lines below were added by 'configure' based on the GNU platform. +DEFAULT_TARGET = nonmerge +NETPBMLIBTYPE=unixshared +NETPBMLIBSUFFIX=so +STATICLIB_TOO=y +CFLAGS = -O3 -ffast-math -pedantic -fno-common -Wall -Wno-uninitialized -Wmissing-declarations -Wimplicit -Wwrite-strings -Wmissing-prototypes -Wundef -Wno-unknown-pragmas +CFLAGS_MERGE = -Wno-missing-declarations -Wno-missing-prototypes +LDRELOC = ld --reloc +LINKER_CAN_DO_EXPLICIT_LIBRARY=Y +LINKERISCOMPILER = Y +CFLAGS_SHLIB += -fPIC +TIFFLIB = libtiff.so +JPEGLIB = libjpeg.so +ZLIB = libz.so +X11LIB = /usr/lib/libX11.so +NETPBM_DOCURL = http://netpbm.sourceforge.net/doc/ diff --git a/netpbm.spec b/netpbm.spec new file mode 100644 index 0000000..5f13ca9 --- /dev/null +++ b/netpbm.spec @@ -0,0 +1,230 @@ +Name: netpbm +Version: 10.61.02 +Release: 1mamba +Summary: Tools for manipulating graphics files in netpbm supported formats +Group: Applications/Multimedia +Vendor: openmamba +Distribution: openmamba +Packager: Silvan Calarco +URL: http://netpbm.sourceforge.net +#Source: http://www12.frugalware.org/mirrors/ftp.frugalware.org/pub/other/sources/netpbm/netpbm-%{version}.tar.bz2 +#Source0: http://downloads.sourceforge.net/project/netpbm/super_stable/%{version}/netpbm-%{version}.tgz +Source: http://archlinux.c3sl.ufpr.br/other/packages/netpbm/netpbm-%{version}.tar.gz +Source1: %{name}-docs-20030520.tar.bz2 +Source2: %{name}-10.51.00-config.mk +Patch0: %{name}-10.15-make.patch +Patch1: %{name}-10.30-manpath.patch +Patch2: %{name}-10.22-security_mktemp.patch +Patch3: %{name}-10.23-security-rh.patch +Patch4: %{name}-10.27-bmptopnm.patch +Patch5: %{name}-10.28-CAN-2005-2471.patch +Patch6: %{name}-10.28-gcc4.patch +Patch7: %{name}-10.20-CAN-2005-2978.patch +Patch8: %{name}-10.30-pamtofits.patch +License: Freeware +## AUTOBUILDREQ-BEGIN +BuildRequires: glibc-devel +BuildRequires: libjpeg-devel +BuildRequires: libpng-devel +BuildRequires: libtiff-devel +%if "%{stage1}" != "1" +BuildRequires: libX11-devel +%endif +BuildRequires: libxml2-devel +BuildRequires: libz-devel +BuildRequires: perl-devel +## AUTOBUILDREQ-END +Requires: libnetpbm = %{?epoch:%epoch:}%{version}-%{release} +## AUTOBUILDREQ-END +BuildRoot: %{_tmppath}/%{name}-%{version}-root + +%description +Netpbm is a toolkit for manipulation of graphic images, including conversion of images between a variety of different formats. +There are over 220 separate tools in the package including converters for about 100 graphics formats. +Examples of the sort of image manipulation we're talking about are: + * Shrinking an image by 10% + * Cutting the top half off of an image + * Making a mirror image + * Creating a sequence of images that fade from one image to another + +The goal of Netpbm is to be a single source for all the primitive graphics utilities, especially converters, one might need. +So if you know of some freely redistributable software in this vein which is not in the package yet, you should bring it to the attention of the Netpbm maintainer so it can be included in the next release. + +Netpbm does not contain interactive tools and doesn't have a graphical interface. + +%package -n libnetpbm +Group: System/Libraries +Summary: A library for manipulating graphics files in netpbm supported formats + +%description -n libnetpbm +Netpbm is a toolkit for manipulation of graphic images, including conversion of images between a variety of different formats. +There are over 220 separate tools in the package including converters for about 100 graphics formats. +Examples of the sort of image manipulation we're talking about are: + * Shrinking an image by 10% + * Cutting the top half off of an image + * Making a mirror image + * Creating a sequence of images that fade from one image to another + +%package -n libnetpbm-devel +Group: Development/Libraries +Summary: Tools for manipulating graphics files in netpbm supported formats +Requires: libnetpbm = %{?epoch:%epoch:}%{version}-%{release} +Provides: netpbm-devel +Obsoletes: netpbm-devel + +%description -n libnetpbm-devel +Netpbm is a toolkit for manipulation of graphic images, including conversion of images between a variety of different formats. +There are over 220 separate tools in the package including converters for about 100 graphics formats. +Examples of the sort of image manipulation we're talking about are: + * Shrinking an image by 10% + * Cutting the top half off of an image + * Making a mirror image + * Creating a sequence of images that fade from one image to another + +This package contains static libraries and header files need for development. + +%prep +%setup -q -c -a1 -n netpbm-%{version} + +mv advanced/* . +rmdir advanced + +%patch0 -p1 +#%patch1 -p1 -b .manpath +#%patch2 -p1 -b .security_mktemp +#%patch3 -p1 -b .security_rh +#%patch4 -p1 -b .bmptopnm +#%patch5 -p1 -b .can_2005_2471 +%patch6 -p1 -b .gcc4 +#%patch7 -p1 -b .can_2005_2978 +#%patch8 -p1 -b .pamtofits + +install -m0644 %{SOURCE2} ./config.mk +sed -i "s|CC =.*|CC = %{_host}-gcc|" config.mk +%if "%{stage1}" == "1" +sed -i "s|X11LIB =.*|X11LIB = NONE|" config.mk +%endif + +# fix strange permissions +find netpbm.sourceforge.net -type d | xargs chmod 755 +find netpbm.sourceforge.net -type f | xargs chmod 644 + +%build +#%if "%{_host}" != "%{_build}" +#make -C buildtools CC=%{_build}-gcc +#sed -i "s|libpng-config|-lpng14|" converter/other/Makefile +#%endif + +%make \ + CFLAGS="%{optflags} -fPIC" -j1 \ + CC=%{_host}-gcc \ + LINUXSVGALIB=NONE \ +%if "%{stage1}" != "1" + X11LIB=%{_libdir}/libX11.so \ +%else + X11LIB=NONE \ +%endif + NETPBM_DOCURL=%{_datadir}/doc/%{name}-%{version}/netpbm.sourceforge.net/doc + +%install +[ "%{buildroot}" != / ] && rm -rf "%{buildroot}" +install -d %{buildroot} +make package \ + pkgdir=%{buildroot}%{_prefix} \ + STRIPFLAG="" \ + LINUXSVGALIB=NONE \ + PKGMANDIR=/share/man \ +%if "%{stage1}" != "1" + X11LIB=%{_libdir}/libX11.so \ +%else + X11LIB=NONE \ +%endif + NETPBM_DOCURL=%{_datadir}/doc/%{name}-%{version}/netpbm.sourceforge.net/doc + +%ifarch x86_64 +mv %{buildroot}%{_prefix}/lib %{buildroot}%{_libdir} +%endif + +mv %{buildroot}%{_prefix}/link/libnetpbm.a %{buildroot}%{_libdir} +mv %{buildroot}%{_prefix}/misc/*.map %{buildroot}%{_libdir} + +#ln -sf libnetpbm.so.10 %{buildroot}%{_libdir}/libnetpbm.so + +# remove unpackaged files +rm -fr %{buildroot}%{_prefix}/misc/ +rm %{buildroot}%{_prefix}/README +rm %{buildroot}%{_prefix}/VERSION +rm %{buildroot}%{_prefix}/pkginfo +rm %{buildroot}%{_prefix}/man/web/netpbm.url +rm %{buildroot}%{_prefix}/link/libnetpbm.so +rm %{buildroot}%{_prefix}/config_template + +%clean +[ "%{buildroot}" != / ] && rm -rf "%{buildroot}" + +%post -n libnetpbm -p /sbin/ldconfig +%postun -n libnetpbm -p /sbin/ldconfig + +%files +%defattr(-,root,root,-) +%attr(755,root,root) %{_bindir}/* + +%files -n libnetpbm +%defattr(-,root,root,-) +%{_libdir}/libnetpbm.so.* +%{_libdir}/*.map +%{_mandir}/man[15]/* +%doc README doc/COPYRIGHT.PATENT + +%files -n libnetpbm-devel +%defattr(-,root,root,-) +%attr(644,root,root) %{_libdir}/libnetpbm.a +%attr(755,root,root) %{_libdir}/libnetpbm.so +%{_includedir}/* +%{_mandir}/man3/* +%doc README doc/{HISTORY,USERDOC} +%doc netpbm.sourceforge.net + +%changelog +* Fri Jul 26 2013 Automatic Build System 10.61.02-1mamba +- update to 10.61.02 + +* Thu Jul 18 2013 Silvan Calarco 10.60.00-2mamba +- fix broken libnetpbm.so symlink + +* Wed Dec 26 2012 Automatic Build System 10.60.00-1mamba +- automatic version update by autodist + +* Fri Aug 10 2012 Automatic Build System 10.58.00-1mamba +- automatic version update by autodist + +* Tue Apr 17 2012 Silvan Calarco 10.57.00-1mamba +- update to 10.57.00 + +* Wed Aug 18 2010 Silvan Calarco 10.51.00-1mamba +- update to 10.51.00 + +* Fri May 14 2010 Silvan Calarco 10.35.74-2mamba +- added libnetpbm and libnetpbm subpackages + +* Thu May 13 2010 Silvan Calarco 10.35.74-1mamba +- update to 10.35.74 + +* Wed Dec 10 2008 Silvan Calarco 10.33-1mamba +- automatic update by autodist + +* Wed Jun 13 2007 Aleph0 10.30-3mamba +- fix permissions of some documentation folders + +* Mon Jun 26 2006 Davide Madrisan 10.30-2qilnx +- security update (qibug#190) + +* Wed Oct 26 2005 Davide Madrisan 10.30-1qilnx +- update to version 10.30 by autospec +- security fix QSA-2005-127 (CAN-2005-2978) + +* Fri Aug 12 2005 Davide Madrisan 10.20-2qilnx +- fixed several security issues: QSA-2005-089 (p2, p3, CAN-2005-2471) + +* Wed Feb 25 2004 Davide Madrisan 10.20-1qilnx +- first build