summaryrefslogtreecommitdiffstats
path: root/patches/source/freetype
diff options
context:
space:
mode:
Diffstat (limited to 'patches/source/freetype')
-rw-r--r--patches/source/freetype/freetype.CVE-2017-8287.diff31
-rwxr-xr-xpatches/source/freetype/freetype.SlackBuild123
-rw-r--r--patches/source/freetype/freetype.illadvisederror.diff31
-rw-r--r--patches/source/freetype/freetype.subpixel.rendering.diff12
-rw-r--r--patches/source/freetype/slack-desc19
5 files changed, 216 insertions, 0 deletions
diff --git a/patches/source/freetype/freetype.CVE-2017-8287.diff b/patches/source/freetype/freetype.CVE-2017-8287.diff
new file mode 100644
index 00000000..4f4b67b1
--- /dev/null
+++ b/patches/source/freetype/freetype.CVE-2017-8287.diff
@@ -0,0 +1,31 @@
+From 3774fc08b502c3e685afca098b6e8a195aded6a0 Mon Sep 17 00:00:00 2001
+From: Werner Lemberg <wl@gnu.org>
+Date: Sun, 26 Mar 2017 08:32:09 +0200
+Subject: * src/psaux/psobjs.c (t1_builder_close_contour): Add safety guard.
+
+Reported as
+
+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941
+
+diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c
+index d18e821..0baf836 100644
+--- a/src/psaux/psobjs.c
++++ b/src/psaux/psobjs.c
+@@ -1718,6 +1718,14 @@
+ first = outline->n_contours <= 1
+ ? 0 : outline->contours[outline->n_contours - 2] + 1;
+
++ /* in malformed fonts it can happen that a contour was started */
++ /* but no points were added */
++ if ( outline->n_contours && first == outline->n_points )
++ {
++ outline->n_contours--;
++ return;
++ }
++
+ /* We must not include the last point in the path if it */
+ /* is located on the first point. */
+ if ( outline->n_points > 1 )
+--
+cgit v1.0-41-gc330
+
diff --git a/patches/source/freetype/freetype.SlackBuild b/patches/source/freetype/freetype.SlackBuild
new file mode 100755
index 00000000..bb514e22
--- /dev/null
+++ b/patches/source/freetype/freetype.SlackBuild
@@ -0,0 +1,123 @@
+#!/bin/sh
+
+# Copyright 2005-2012 Patrick J. Volkerding, Sebeka, MN, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+PKGNAM=freetype
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | cut -d - -f 2 | rev | cut -f 3- -d . | rev)}
+BUILD=${BUILD:-2_slack14.2}
+
+NUMJOBS=${NUMJOBS:-" -j7 "}
+
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+ case "$( uname -m )" in
+ i?86) export ARCH=i586 ;;
+ arm*) export ARCH=arm ;;
+ # Unless $ARCH is already set, use uname -m for all other archs:
+ *) export ARCH=$( uname -m ) ;;
+ esac
+fi
+
+if [ "$ARCH" = "i586" ]; then
+ SLKCFLAGS="-O2 -march=i586 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "s390" ]; then
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIRSUFFIX="64"
+else
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+fi
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-freetype
+
+rm -rf $PKG
+mkdir -p $TMP $PKG
+cd $TMP
+rm -rf freetype-$VERSION
+tar xvf $CWD/freetype-$VERSION.tar.xz || exit 1
+cd freetype-$VERSION
+
+chown -R root:root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
+
+# This breaks far too many things. Freetype2 developers will have to get their
+# punishment on someone else's distribution.
+zcat $CWD/freetype.illadvisederror.diff.gz | patch -p1 --verbose || exit 1
+
+# The line below enables code patented by Microsoft, so don't uncomment it
+# unless you have a license to use the code and take all legal responsibility
+# for doing so.
+# Please see this web site for more details:
+# http://www.freetype.org/patents.html
+#zcat $CWD/freetype.subpixel.rendering.diff.gz | patch -p1 --verbose || exit 1
+
+# Security fix:
+zcat $CWD/freetype.CVE-2017-8287.diff.gz | patch -p1 --verbose || exit 1
+
+chown -R root:root .
+CFLAGS="$SLKCFLAGS" make setup CFG="--prefix=/usr --libdir=/usr/lib${LIBDIRSUFFIX} --build=$ARCH-slackware-linux"
+make $NUMJOBS || make || exit 1
+make install DESTDIR=$PKG
+
+# This shouldn't be needed (apps should pick up -I/usr/include/freetype2 from
+# `freetype-config --cflags` while compiling), but it's so often reported as
+# a bug that I'll give in to the point. Now that Freetype1 is pretty much gone
+# having this link shouldn't hurt anything. Try not to rely on it, though.
+mkdir -p $PKG/usr/include
+( cd $PKG/usr/include
+ rm -rf freetype
+ ln -sf freetype2 freetype
+)
+
+# Can't imagine a lot of use for this:
+rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.a
+
+find $PKG | xargs file | grep -e "executable" -e "shared object" \
+ | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+
+mv $PKG/usr/share/man $PKG/usr/man
+find $PKG/usr/man -type f -exec gzip -9 {} \;
+
+mkdir -p $PKG/usr/doc/freetype-$VERSION
+cp -a \
+ docs \
+ README \
+ $PKG/usr/doc/freetype-$VERSION
+# too much
+rm -rf $PKG/usr/doc/freetype-$VERSION/docs/reference
+
+mkdir $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+
+cd $PKG
+/sbin/makepkg -l y -c n $TMP/freetype-$VERSION-$ARCH-$BUILD.txz
+
diff --git a/patches/source/freetype/freetype.illadvisederror.diff b/patches/source/freetype/freetype.illadvisederror.diff
new file mode 100644
index 00000000..fee71076
--- /dev/null
+++ b/patches/source/freetype/freetype.illadvisederror.diff
@@ -0,0 +1,31 @@
+diff -Nur freetype-2.6.1.orig/include/freetype/freetype.h freetype-2.6.1/include/freetype/freetype.h
+--- freetype-2.6.1.orig/include/freetype/freetype.h 2015-10-03 23:54:01.000000000 -0500
++++ freetype-2.6.1/include/freetype/freetype.h 2015-10-04 22:13:40.233912984 -0500
+@@ -20,13 +20,20 @@
+ #define __FREETYPE_H__
+
+
+-#ifndef FT_FREETYPE_H
+-#error "`ft2build.h' hasn't been included yet!"
+-#error "Please always use macros to include FreeType header files."
+-#error "Example:"
+-#error " #include <ft2build.h>"
+-#error " #include FT_FREETYPE_H"
+-#endif
++/***************************************************************************/
++/* */
++/* If you think breaking almost 100% of all source that links with */
++/* freetype (anything using a configure file for sure) is a good idea, */
++/* then feel free to uncomment this block. */
++/* */
++/* #ifndef FT_FREETYPE_H */
++/* #error "`ft2build.h' hasn't been included yet!" */
++/* #error "Please always use macros to include FreeType header files." */
++/* #error "Example:" */
++/* #error " #include <ft2build.h>" */
++/* #error " #include FT_FREETYPE_H" */
++/* #endif */
++/***************************************************************************/
+
+
+ #include <ft2build.h>
diff --git a/patches/source/freetype/freetype.subpixel.rendering.diff b/patches/source/freetype/freetype.subpixel.rendering.diff
new file mode 100644
index 00000000..5ab3b379
--- /dev/null
+++ b/patches/source/freetype/freetype.subpixel.rendering.diff
@@ -0,0 +1,12 @@
+diff -Naur freetype-2.6.1.orig/include/freetype/config/ftoption.h freetype-2.6.1/include/freetype/config/ftoption.h
+--- freetype-2.6.1.orig/include/freetype/config/ftoption.h 2015-09-25 07:58:57.000000000 +0200
++++ freetype-2.6.1/include/freetype/config/ftoption.h 2015-10-31 16:11:42.016958163 +0100
+@@ -92,7 +92,7 @@
+ /* This is done to allow FreeType clients to run unmodified, forcing */
+ /* them to display normal gray-level anti-aliased glyphs. */
+ /* */
+-/* #define FT_CONFIG_OPTION_SUBPIXEL_RENDERING */
++#define FT_CONFIG_OPTION_SUBPIXEL_RENDERING
+
+
+ /*************************************************************************/
diff --git a/patches/source/freetype/slack-desc b/patches/source/freetype/slack-desc
new file mode 100644
index 00000000..d70b3e75
--- /dev/null
+++ b/patches/source/freetype/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|' on
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
+# leave one space after the ':'.
+
+ |-----handy-ruler------------------------------------------------------|
+freetype: freetype (A free, high-quality, and portable font engine)
+freetype:
+freetype: FreeType is a free and portable font rendering engine. It has been
+freetype: developed to provide support for a number of font formats, including
+freetype: TrueType, Type 1, and OpenType, and is designed to be small,
+freetype: efficient, highly customizable, and portable while capable of
+freetype: producing high-quality output.
+freetype:
+freetype: Homepage: http://www.freetype.org
+freetype:
+freetype: