debian/README.source

sam2p source package notes
==========================

Patch system
------------

sam2p uses quilt to make changes to the upstream source, as part of the 3.0
(quilt) source format. The patches are stored in debian/patches and applied
automatically by dpkg-source.

To list the patches run:
    $ quilt series

To manually apply all the patches run:
    $ quilt push -a

To manually unapply all of the patches run:
    $ quilt pop -a

To manually apply or unapply enough patches of the series so that a given one
is on top run:
    $ quilt push PATCH
    $ quilt pop PATCH

To edit a patch, put it on top then run:
    $ quilt edit FILE

To add a patch run:
    $ quilt new PATCH

When you are done editing a file within a patch run:
    $ quilt refresh
then edit the patch header according to DEP-3.

Source content
--------------

The original tarball contains a debian directory which is removed by
dpkg-source during the source package unpacking.

Version control
---------------

The package Git repository contains an “upstream” branch which replicates the
original tarball content. For a new version it is merged into the main
“master” branch, but its debian directory must be removed as dpkg-source does,
for instance by creating a temporary branch and making an intermediate commit:
    $ git-import-orig ../sam2p_0.49.orig.tar.gz
    $ git checkout -b temp upstream
    $ git rm -r debian
    $ git commit -m "Remove original debian directory"
    $ git checkout master
    $ git merge temp
    $ git branch -d temp

debian/changelog

sam2p (0.49.2-3+deb8u3build0.14.04.1) trusty-security; urgency=medium

  * fake sync from Debian

 -- Mike Salvatore Thu, 30 Aug 2018 12:50:56 -0400

sam2p (0.49.2-3+deb8u3) jessie-security; urgency=medium

  * Non-maintainer upload by the LTS team.
  * Fix CVE-2018-12601: a heap-buffer-overflow in function ReadImage, in file
    input-tga.ci using https://github.com/pts/sam2p/commit/8b2b715199 from
    Peter Szabo.
  * Fix CVE-2018-12578: a heap-buffer-overflow in bmp_compress1_row using
    https://github.com/pts/sam2p/commit/22e7a17e70 from Peter Szabo.

 -- Holger Levsen Fri, 10 Aug 2018 16:37:19 +0200

sam2p (0.49.2-3+deb8u2) jessie; urgency=high

  * Non-maintainer upload.
  * Fix CVE-2018-7487, CVE-2018-7551, CVE-2018-7552, CVE-2018-7553 and
    CVE-2018-7554. Multiple invalid frees and buffer-overflow vulnerabilities
    were discovered in sam2p that may lead to a denial-of-service (application
    crash) or unspecified other impact.

 -- Markus Koschany Sat, 07 Apr 2018 17:48:42 +0200

sam2p (0.49.2-3+deb8u1) jessie; urgency=high

  * Non-maintainer upload.
  * Fix CVE-2017-14628, CVE-2017-14629, CVE-2017-14630, CVE-2017-14631,
    CVE-2017-14636, CVE-2017-14637, CVE-2017-16663: Several integer overflow
    or heap-based buffer overflow issues were discovered in sam2p that may
    lead to an application crash or other unspecified impact.
    (Closes: #876744)

 -- Markus Koschany Wed, 22 Nov 2017 21:39:20 +0100

sam2p (0.49.2-3) unstable; urgency=medium

  * debian/sam2p.1: correct the documentation of -m:dpi:RES and document
    -m:dpi:-RES. (Closes: #619824)
  * debian/control: update Standards-Version to 3.9.5 (no change needed).

 -- Tanguy Ortolo Sun, 31 Aug 2014 18:06:07 +0200

sam2p (0.49.2-2.1) UNRELEASED; urgency=low

  * Remove myself from Uploaders

 -- Stefan Fritsch Sun, 03 Nov 2013 10:49:03 +0100

sam2p (0.49.2-2) unstable; urgency=low

  * debian/rules: manually clean files instead of relying on the make clean
    target, which depends on a file generated by the configure script, thus
    unusable before building. (Closes: #724468)

 -- Tanguy Ortolo Tue, 24 Sep 2013 21:59:01 +0200

sam2p (0.49.2-1) unstable; urgency=low

  * New upstream version.
    (Closes: #721142)
  * debian/patches: remove patches integrated by upstream
    - 06_update-ccdep.patch
    - 07_fix-rule.hpp.patch

 -- Tanguy Ortolo Sun, 08 Sep 2013 18:47:53 +0200

sam2p (0.49.1-2) unstable; urgency=low

  * debian/sam2p.1: various small spelling and cosmetic corrections.
  * debian/sam2p_pdf_scale.1.xml: fix a typo in the copyright date.
  * debian/patches: patches to prevent FTBFS with GCC 4.8 (Closes: #701351)
    - 06_update-ccdep.patch: update ccdep.pl to take into account GCC 4.8
      error messages.
    - 07_fix-rule.hpp.patch: fix a syntax error in rule.hpp.
  * debian/compat: switch to dh 9 for hardening.
  * debian/patches/08_respect-cxxflags.patch: make the Makefile take into
    account hardening build flags.
  * debian/rules: make configure restoration workaround more resilient (when
    the backup file is already there).
  * debian/control:
    - remove obsolete field DM-Upload-Allowed.
    - switch to dh 9 for hardening.
    - update Vcs-* fields with canonical URLs (for Policy 3.9.4).
    - update Standards-Version to 3.9.4 (need to update Vcs-* fields).

 -- Tanguy Ortolo Tue, 13 Aug 2013 21:40:59 +0200

sam2p (0.49.1-1) unstable; urgency=low

  * New upstream version.
  * debian/changelog.upstream: updated from original debian/changelog.
  * debian/clean: clean debian/sam2p_pdf_scale.1.
  * debian/control: depends on what it takes to compile DocBook to troff.
  * debian/dirs: removed (useless).
  * debian/sam2p.manpages: install debian/sam2p_pdf_scale.1.
  * debian/rules:
    - removed a configure workaround for a problem which has been fixed
      upstream.
    - use sam2p_pdf_scale.pl instead of debian/sam2p_pdf_scale.pl.
    - compile debian/sam2p_pdf_scale.1.xml.
  * debian/sam2p_pdf_scale.pl: removed (now provided by upstream)
  * debian/sam2p_pdf_scale.1.xml: a manpage for sam2p_pdf_scale.

 -- Tanguy Ortolo Thu, 15 Dec 2011 23:53:38 +0100

sam2p (0.49-1) unstable; urgency=low

  [ Tanguy Ortolo ]
  * New upstream version.
  * debian/patches/02_show_whole_version.patch: not needed anymore.
  * debian/rules:
    - adapt the configure workaround.
    - install upstream changelog from its new location
      debian/changelog.upstream, see below.
    - remove a useless DIST_CLEAN=1 in the clean feature, and work around the
      upstream make clean to keep the configure script it tries to remove.
    - remove a wrong duplicated example.
    - add an LDFLAG to only link to needed libraries.
  * debian/patches: removed two patches which do not seem needed anymore:
    - 04_fix_gcc_4.3_FTBFS_420983.patch.
    - 06_fix_makedep.patch.
  * debian/README.source: update to match the new packaging context:
    - document quilt instead of dpatch.
    - original debian directory is removed by dpkg-source.
    - document the upstream Git branch use.
  * debian/changelog.upstream: keep upstream changelog here.
  * debian/clean: removed unused targets.
  * debian/control: updated Standards-Version, no change needed.

  [ Stefan Fritsch ]
  * Move Tanguy to Maintainer and myself to Uploaders.
  * Set DM-Upload-Allowed: yes

 -- Stefan Fritsch Sun, 27 Nov 2011 19:55:53 +0100

sam2p (0.47-1-4) UNRELEASED; urgency=low

  * debian/control:
    - put myself in Uploaders, adopting the package. (Closes: #619846)
    - add Vcs-* fields.
  * debian/watch: fix.
  * debian/copyright: switch to DEP-5 machine-readable format.
  * debian/source/format, debian/patches, debian/rules, debian/control:
    switch to dpkg-source 3.0 (quilt) format and stop using dpatch.
  * debian/patches/*.patch: switch to DEP-3 tagging format.
  * debian/rules:
    - switched to dh7 catchall-style.
    - removed get-orig-source: useless, we have uscan for that.
  * debian/examples: use dh_installexamples to install the example files.
  * debian/sam2p.1: correct a typo (ouput instead of output).

 -- Tanguy Ortolo Tue, 01 Nov 2011 16:21:42 +0100

sam2p (0.47-1-3) unstable; urgency=low

  * Trick the build system into working with gcc 4.5.
    Closes: #615685
  * Bump standards-version: no changes
  * Add debian/source/format

 -- Stefan Fritsch Fri, 04 Mar 2011 19:47:32 +0100

sam2p (0.47-1-2) unstable; urgency=low

  * Clean up rules file and convert to debhelper's dh.
  * Add watch file.

 -- Stefan Fritsch Sat, 05 Dec 2009 20:29:27 +0100

sam2p (0.47-1-1) unstable; urgency=low

  * New upstream version.
  * Include sam2p_pdf_scale script from upstream svn r105 (closes: #557864).
  * Bump standards-version:
    - add README.source
  * Fix some lintian warnings:
    - point to GPL-2 in copyright file
    - bump debhelper compatibility level

 -- Stefan Fritsch Sat, 28 Nov 2009 18:45:59 +0100

sam2p (0.45-3-3) unstable; urgency=low

  * Fix bashism in debian/rules (closes: #478624).
  * Bump Standards-Version (no changes).
  * Convert copyright file to utf8.

 -- Stefan Fritsch Tue, 06 May 2008 17:16:13 +0200

sam2p (0.45-3-2) unstable; urgency=low

  * Fix handling of nostrip build option (Closes: #437946)
  * Fix some lintian warnings

 -- Stefan Fritsch Mon, 03 Sep 2007 21:14:20 +0200

sam2p (0.45-3-1) unstable; urgency=low

  * New upstream release
  * Fix FTBFS with gcc 4.3 pre-release (Closes: #420983)
  * Fix FSF address
  * Fix manpage encoding
  * Convert build system to dpatch
  * Bump Standards-Version (no changes)
  * New maintainer email address

 -- Stefan Fritsch Wed, 02 May 2007 19:49:20 +0200

sam2p (0.44-13-1) unstable; urgency=low

  * New upstream release
    - Fixes FTBFS with gcc-4.0.1 (Closes: #324573)
    - Adds -j:quiet option (Closes: #324738)
  * Avoid error message from child shell
  * Make -v display full upstream version

 -- Stefan Fritsch Fri, 26 Aug 2005 17:47:32 +0200

sam2p (0.44-11-1) unstable; urgency=low

  * New upstream release
    - contains partial fix for bug #315046:
      gsview complains about %%BeginData:
  * set Standards-Version to 3.6.2 (no changes needed)

 -- Stefan Fritsch Tue, 21 Jun 2005 22:33:39 +0200

sam2p (0.44-10-1) unstable; urgency=low

  * New upstream release
    - fixes FTBFS with gcc-4.0 and problems on 64bit arches
      Closes: #303723

 -- Stefan Fritsch Sun, 17 Apr 2005 14:48:42 +0200

sam2p (0.44-8-1) unstable; urgency=low

  * New upstream release
  * Update manpage

 -- Stefan Fritsch Tue, 22 Feb 2005 13:38:41 +0100

sam2p (0.44-7-1) unstable; urgency=low

  * Initial Release. (Closes: #276489)

 -- Stefan Fritsch Wed, 12 Jan 2005 17:51:51 +0100

debian/compat

9

debian/sam2p.manpages

debian/sam2p.1
debian/sam2p_pdf_scale.1

debian/rules

#!/usr/bin/make -f

# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1

export DEB_BUILD_MAINT_OPTIONS = hardening=+all
export DEB_LDFLAGS_MAINT_APPEND =-Wl,--as-needed

%:
	dh $@

override_dh_auto_configure:
	dh_auto_configure -- --enable-gif --enable-lzw

override_dh_auto_build:
	xsltproc --nonet -o debian/ \
		/usr/share/xml/docbook/stylesheet/docbook-xsl-ns/manpages/docbook.xsl \
		debian/sam2p_pdf_scale.1.xml
	# (the generated file debian/sam2p_pdf_scale.1 is cleaned by
	# dh_clean(1), cf. debian/clean)
	dh_auto_build

override_dh_auto_install:
	dh_auto_install -- prefix=$(CURDIR)/debian/sam2p/usr

override_dh_install:
	dh_install
	perl -0777 -p -e 's{.*?http://www.inf.bme.hu/~pts/Magic.Perl.Header\s*$$}{#!/usr/bin/perl -w}ms' \
		< sam2p_pdf_scale.pl > debian/sam2p/usr/bin/sam2p_pdf_scale

override_dh_installchangelogs:
	dh_installchangelogs debian/changelog.upstream

override_dh_installexamples:
	dh_installexamples
	# Removing a duplicate file (the other name, sam2p_fishg.job, is the
	# correct one, cf. its content)
	rm $(CURDIR)/debian/sam2p/usr/share/doc/sam2p/examples/sam2p_fisht.job

override_dh_auto_test:

override_dh_auto_clean:
	# Manually clean, since make clean depends on two files, Makehelp and
	# Makedep, which are not provided but generated by configure, making
	# the clean impossible at the beginning.
# Remove generated auxiliary makefiles rm -f Makedep Makehelp # Remove existing files directly listed in the make clean target rm -f *.o *.tth *.tmp.pin *.tmp.i *.tmp.ps0 *.tmp.h # Remove existing files indirectly listed in the make clean target, as # the $(ALL) variable defined in the Makedep auxiliary makefile rm -f sam2p_version.h ps_tiny sam2p # Remove generated files I found listed nowhere in the makefile rm -f config.h config.log config.status debian/patches/0000755000000000000000000000000013333322140010607 5ustar debian/patches/CVE-2017-14636.patch0000644000000000000000000000074013262164132013324 0ustar --- image.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/image.cpp b/image.cpp index e921fde..5238fd7 100644 --- a/image.cpp +++ b/image.cpp @@ -715,6 +715,7 @@ void Image::Indexed::sortPal() { unsigned ncols = getNcols(), i; assert(transp == -1 || transp + 0U == ncols - 1); assert(ncols <= 256); + if (ncols == 0) return; /* Safe if ncols == 0 and transp == -1. */ if (transp + 0U == ncols - 1) --ncols; if (ncols <= 1) return; #if SIZEOF_SHORT>=4 debian/patches/CVE-2017-14631.patch0000644000000000000000000000374413262164132013326 0ustar --- in_pcx.cpp | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/in_pcx.cpp b/in_pcx.cpp index a64be49..f04e4c1 100644 --- a/in_pcx.cpp +++ b/in_pcx.cpp @@ -171,11 +171,11 @@ static Image::Sampled *LoadPCX return_pcxError(bname,"unrecognized magic number"); } - pinfo->w = (hdr[PCX_XMAXL] + ((int) hdr[PCX_XMAXH]<<8)) - - (hdr[PCX_XMINL] + ((int) hdr[PCX_XMINH]<<8)); + pinfo->w = (hdr[PCX_XMAXL] + ((dimen) hdr[PCX_XMAXH]<<8)) + - (hdr[PCX_XMINL] + ((dimen) hdr[PCX_XMINH]<<8)); - pinfo->h = (hdr[PCX_YMAXL] + ((int) hdr[PCX_YMAXH]<<8)) - - (hdr[PCX_YMINL] + ((int) hdr[PCX_YMINH]<<8)); + pinfo->h = (hdr[PCX_YMAXL] + ((dimen) hdr[PCX_YMAXH]<<8)) + - (hdr[PCX_YMINL] + ((dimen) hdr[PCX_YMINH]<<8)); pinfo->w++; pinfo->h++; 
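Review bot: in the LoadPCX hunk of in_pcx.cpp (CVE-2017-14631.patch), width and height are still computed as max minus min with no check that the header's XMAX/YMAX are at least XMIN/YMIN, so changing the cast from (int) to (dimen) does not by itself bound pinfo->w and pinfo->h. If dimen is an unsigned type, a header with XMIN greater than XMAX wraps to a very large value before the pinfo->w++ that follows. I would reject such headers explicitly right after these two assignments, using return_pcxError as the magic-number check above does, instead of relying on the allocation checks further down.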
@@ -188,7 +188,7 @@ static Image::Sampled *LoadPCX pinfo->w, pinfo->h, hdr[PCX_VER], hdr[PCX_ENC]); fprintf(stderr," BitsPerPixel=%d, planes=%d, BytePerRow=%d, colors=%d\n", hdr[PCX_BPP], hdr[PCX_PLANES], - hdr[PCX_BPRL] + ((int) hdr[PCX_BPRH]<<8), + hdr[PCX_BPRL] + ((dimen) hdr[PCX_BPRH]<<8), colors); } #endif @@ -364,7 +364,7 @@ static int pcxLoadImage24 ___((char *fname, FILE *fp, PICINFO *pinfo, byte *hdr) w = pinfo->w; h = pinfo->h; planes = (unsigned) hdr[PCX_PLANES]; - bperlin = hdr[PCX_BPRL] + ((int) hdr[PCX_BPRH]<<8); + bperlin = hdr[PCX_BPRL] + ((dimen) hdr[PCX_BPRH]<<8); /* allocate 24-bit image */ const PCX_SIZE_T alloced = multiply_check(w, h, planes); @@ -453,9 +453,10 @@ static void pcxLoadRaster ___((FILE *fp, byte *image, int depth, byte *hdr, dime int b; byte *oldimage; - bperlin = hdr[PCX_BPRL] + ((int) hdr[PCX_BPRH]<<8); - if (depth == 1) pad = (bperlin * 8) - w; - else pad = bperlin - w; + bperlin = hdr[PCX_BPRL] + ((dimen) hdr[PCX_BPRH]<<8); + pad = (depth == 1) ? bperlin * 8 : bperlin; + if (pad < w) FatalError("pad too small"); + pad -= w; row = bcnt = 0; debian/patches/CVE-2018-7551.patch0000644000000000000000000000536113262164132013247 0ustar From: Markus Koschany Date: Thu, 5 Apr 2018 11:02:16 +0200 Subject: CVE-2018-7551 Bug-Upstream: https://github.com/pts/sam2p/issues/28 Origin: https://github.com/pts/sam2p/commit/a6621e996f976912252018be8a8836ee6a966ee3 --- input-pnm.ci | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/input-pnm.ci b/input-pnm.ci index 1645071..033a8ca 100644 --- a/input-pnm.ci +++ b/input-pnm.ci 
@@ -177,6 +177,18 @@ static struct struct_pnm_types { 0 , 0, 0, 0, NULL} }; +static slen_t multiply_check(slen_t a, slen_t b) { + slen_t result; + if (a == 0) return 0; + /* Check for overflow. Works only if everything is unsigned. */ + if ((result = a * b) / a != b) FATALP("PNM: can't open file\n"); + return result; +} + +static slen_t multiply_check(slen_t a, slen_t b, slen_t c) { + return multiply_check(multiply_check(a, b), c); +} + #if PTS_SAM2P bitmap_type pnm_load_image (FILEE* filename) #else @@ -265,8 +277,8 @@ bitmap_type pnm_load_image (at_string filename) BITMAP_HEIGHT (bitmap) = (at_dimen_t) pnminfo->yres; BITMAP_PLANES (bitmap) = (pnminfo->np)?(pnminfo->np):1; - /* BITMAP_BITS (bitmap) = (unsigned char *) malloc (pnminfo->yres * pnminfo->xres * BITMAP_PLANES (bitmap)); */ - XMALLOCT(BITMAP_BITS (bitmap), unsigned char *, pnminfo->yres * pnminfo->xres * BITMAP_PLANES (bitmap)); + /* BITMAP_BITS (bitmap) = (unsigned char *) malloc ((slen_t)pnminfo->yres * pnminfo->xres * BITMAP_PLANES (bitmap)); */ + XMALLOCT(BITMAP_BITS (bitmap), unsigned char *, multiply_check(pnminfo->yres, pnminfo->xres, BITMAP_PLANES (bitmap))); pnminfo->loader (scan, pnminfo, BITMAP_BITS (bitmap)); /* vvv Dat: We detect truncation late truncated files will just have garbage :-( */ if (pnmscanner_eof(scan)) @@ -299,7 +311,7 @@ pnm_load_ascii (PNMScanner *scan, #endif d = data; if (info->np==0) { /* PBM */ - dend=d+info->xres*info->yres; + dend=d+(slen_t)info->xres*info->yres; while (d!=dend) { /* pnmscanner_getsmalltoken(scan, (unsigned char *)buf); */ pnmscanner_eatwhitespace(scan); @@ -307,7 +319,7 @@ pnm_load_ascii (PNMScanner *scan, pnmscanner_getchar(scan); } } else { /* PGM or PPM */ /**** pts ****/ - dend=d+info->xres*info->yres*info->np; + dend=d+(slen_t)info->xres*info->yres*info->np; switch (s=info->maxval) { case 255: while (d!=dend) { 
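Review bot: the multiply_check added to input-pnm.ci reports an overflow with FATALP("PNM: can't open file\n"), which points anyone triaging a rejected file at an I/O problem instead of at the dimensions. A message along the lines of "PNM: image too large" would match what the check detects and what the TGA, PCX and image.cpp checks in this series print. The (slen_t) casts added to the dend computations in pnm_load_ascii are safe only because the same product has already gone through multiply_check before XMALLOCT; a one-line comment at those sites would keep that dependency visible.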
@@ -350,10 +362,10 @@ pnm_load_raw (PNMScanner *scan, scanlines = info->yres; d = data; - delta=info->xres * info->np; + delta=(slen_t)info->xres * info->np; dend=d+delta*scanlines; while (d!=dend) { - if (info->xres*info->np != fread_FILEE((char*)d, delta, fd)) return; + if (delta != fread_FILEE((char*)d, delta, fd)) return; d+=delta; } d=data; debian/patches/CVE-2018-12601.patch0000644000000000000000000000417113333313147013316 0ustar commit 8b2b7151991e07ef262857c2325e95c3b2867f80 Author: Peter Szabo Date: Mon Jun 25 13:42:18 2018 +0200 fixed overflow detection in TGA image dimensions; this fixes https://github.com/pts/sam2p/issues/41 Index: sam2p-0.49.2/input-tga.ci =================================================================== --- sam2p-0.49.2.orig/input-tga.ci +++ sam2p-0.49.2/input-tga.ci @@ -287,6 +287,7 @@ ReadImage (FILE *fp, unsigned char *alphas; int width, height, bpp, abpp, pbpp, nalphas; + int wh, wh3, whp; int j, k; int pelbytes, wbytes, bsize, npels, pels; int rle, badread; @@ -444,7 +445,17 @@ ReadImage (FILE *fp, else pelbytes = 3; - image.bitmap = (unsigned char *) malloc (width * height * 3 * sizeof(unsigned char)); + wh = (unsigned)width * height; + if (wh / width != height) { + idl_error: + FATALP("TGA: image dimensions too large"); + } + wh3 = 3U * wh; + if (wh3 / 3 != wh) goto idl_error; + whp = (unsigned)pelbytes * wh; + if (whp / pelbytes != wh) goto idl_error; + + image.bitmap = (unsigned char *) malloc (wh3); BITMAP_WIDTH (image) = (unsigned short) width; BITMAP_HEIGHT (image) = (unsigned short) height; BITMAP_PLANES (image) = (unsigned short) 3; @@ -455,7 +466,7 @@ ReadImage (FILE *fp, /* Maybe we need to reverse the data. */ buffer = NULL; if (horzrev || vertrev) - buffer = (unsigned char *) malloc (width * height * pelbytes * sizeof (unsigned char)); + buffer = (unsigned char *) malloc (whp); if (rle) myfread = rle_fread; else 
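Review bot: wh, wh3 and whp are declared as int in ReadImage (input-tga.ci), yet the overflow tests depend on unsigned wraparound, so each product is converted back to a signed int before it is divided and before it is handed to malloc. Declaring the three as unsigned (or as a size type) keeps the check and the allocation size in one type. The first test also evaluates wh / width, and nothing in the visible lines rules out width == 0 at that point, so a zero-dimension check should come before the division.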
@@ -464,7 +475,7 @@ ReadImage (FILE *fp, wbytes = width * pelbytes; badread = 0; - npels = width * height; + npels = wh; bsize = wbytes * height; /* Suck in the data one height at a time. */ @@ -566,7 +577,7 @@ ReadImage (FILE *fp, int xpos, ypos; temp2 = temp = image.bitmap; - image.bitmap = temp3 = (unsigned char *) malloc (width * height * 3 * sizeof (unsigned char)); + image.bitmap = temp3 = (unsigned char *) malloc (wh3); for (ypos = 0; ypos < height; ypos++) { debian/patches/CVE-2018-7487.patch0000644000000000000000000000141613262164132013254 0ustar From: Markus Koschany Date: Wed, 4 Apr 2018 22:58:32 +0200 Subject: CVE-2018-7487 Bug-Upstream: https://github.com/pts/sam2p/issues/18 --- in_pcx.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/in_pcx.cpp b/in_pcx.cpp index f04e4c1..e8e1ce1 100644 --- a/in_pcx.cpp +++ b/in_pcx.cpp 
@@ -239,7 +239,7 @@ static Image::Sampled *LoadPCX if (fread(pinfo->pal, 1, colors*3, fp) != colors * 3 + 0U || ferror(fp) || feof(fp)) { pcxError(bname,"Error reading PCX colormap. Using grayscale."); - for (i=0; i<256; i++) PAL_R(pinfo,i) = PAL_G(pinfo,i) = PAL_B(pinfo,i) = i; + for (i=0; i=1 && cs<=5 ? names[cs] : (char*)NULLP; } +static void fatal_image_too_large() { + Error::sev(Error::EERROR) << "Image: Image too large." << (Error*)0; +} + +static slen_t multiply_check(slen_t a, slen_t b) { + const slen_t result = a * b; + /* Check for overflow. Works only if everything is unsigned. */ + if (result / a != b) fatal_image_too_large(); + return result; +} + +static slen_t multiply_check(slen_t a, slen_t b, slen_t c) { + return multiply_check(multiply_check(a, b), c); +} + +static slen_t add_check(slen_t a, slen_t b) { + /* Check for overflow. Works only if everything is unsigned. */ + if (b > (slen_t)-1 - a) fatal_image_too_large(); + return a + b; +} + +#if 0 +static slen_t add_check(slen_t a, slen_t b, slen_t c) { + return add_check(add_check(a, b), c); +} +#endif + +static slen_t add_check(slen_t a, slen_t b, slen_t c, slen_t d) { + return add_check(add_check(a, b), add_check(c, d)); +} void Image::Sampled::init(slen_t l_comment, slen_t l_header, dimen_t wd_, dimen_t ht_, /* ^^^ 24 is required for /Transparent in out_tiff_work */ @@ -117,8 +147,10 @@ void Image::Sampled::init(slen_t l_comment, slen_t l_header, dimen_t wd_, dimen_ cpp=cpp_; // pred=1; transpc=0x1000000UL; /* Dat: this means: no transparent color */ - rlen=(((rlen_t)bpc_)*cpp_*wd_+7)>>3; - beg=new char[len=l_comment+l_header+rlen*ht_+PADDING]; + const slen_t rlens = add_check(multiply_check(bpc_, cpp_, wd_), 7) >> 3; + rlen = rlens; + if (rlen != rlens) fatal_image_too_large(); + beg=new char[len=add_check(l_comment, l_header, multiply_check(rlen, ht_), bpc)]; rowbeg=(headp=const_cast(beg)+l_comment)+l_header; trail=const_cast(beg)+len-bpc; } 
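Review bot: multiply_check in image.cpp divides by a without handling a == 0, so result / a is a division by zero whenever the first factor is zero, for instance multiply_check(rlen, ht_) in Image::Sampled::init when the row length comes out as 0. The version of this helper added to input-pnm.ci starts with "if (a == 0) return 0;" and the same guard belongs here; the in_pcx.cpp copy further down in this patch has the same gap. The three-argument add_check left under #if 0 can be dropped instead of shipped as dead code.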
diff --git a/in_pcx.cpp b/in_pcx.cpp index 592b678..a64be49 100644 --- a/in_pcx.cpp +++ b/in_pcx.cpp @@ -27,6 +27,7 @@ #define return_pcxError(bname, conststr) Error::sev(Error::EERROR) << "PCX: " conststr << (Error*)0 #define byte unsigned char #define size_t slen_t +#define PCX_SIZE_T slen_t #define malloc_byte(n) new byte[n] #define free(p) delete p #define DEBUG 1 @@ -108,6 +109,16 @@ static void pcxLoadRaster PARM((FILE *, byte *, int, byte *, dimen, dimen)); static int pcxError PARM((char *, char *)); #endif +static PCX_SIZE_T multiply_check(PCX_SIZE_T a, PCX_SIZE_T b) { + const PCX_SIZE_T result = a * b; + /* Check for overflow. Works only if everything is unsigned. */ + if (result / a != b) FatalError("Image too large."); + return result; +} + +static PCX_SIZE_T multiply_check(PCX_SIZE_T a, PCX_SIZE_T b, PCX_SIZE_T c) { + return multiply_check(multiply_check(a, b), c); +} /*******************************************/ static Image::Sampled *LoadPCX @@ -197,12 +208,12 @@ static Image::Sampled *LoadPCX Image::Indexed *img=new Image::Indexed(pinfo->w, pinfo->h, colors, 8); pinfo->pal=(byte*)img->getHeadp(); ASSERT_SIDE(pcxLoadImage8((char*)NULLP/*bname*/, fp, pinfo, hdr)); - memcpy(img->getRowbeg(), pinfo->pic, pinfo->w*pinfo->h); + memcpy(img->getRowbeg(), pinfo->pic, multiply_check(pinfo->w, pinfo->h)); ret=img; } else { Image::RGB *img=new Image::RGB(pinfo->w, pinfo->h, 8); ASSERT_SIDE(pcxLoadImage24((char*)NULLP/*bname*/, fp, pinfo, hdr)); - memcpy(img->getRowbeg(), pinfo->pic, pinfo->w*pinfo->h*3); + memcpy(img->getRowbeg(), pinfo->pic, multiply_check(pinfo->w, pinfo->h, 3)); ret=img; } free(pinfo->pic); @@ -304,8 +315,6 @@ static Image::Sampled *LoadPCX return ret; } - - /*****************************/ static int pcxLoadImage8 ___((char *fname, FILE *fp, PICINFO *pinfo, byte *hdr), (fname, fp, pinfo, hdr), (char *fname; 
@@ -318,11 +327,10 @@ static int pcxLoadImage8 ___((char *fname, FILE *fp, PICINFO *pinfo, byte *hdr), byte *image; - /* note: overallocation to make life easier... */ - image = (byte *) malloc_byte((size_t) (pinfo->h + 1) * pinfo->w + 16); + image = (byte *) malloc_byte(multiply_check(pinfo->h, pinfo->w)); if (!image) FatalError("Can't alloc 'image' in pcxLoadImage8()"); - xvbzero((char *) image, (size_t) ((pinfo->h+1) * pinfo->w + 16)); + xvbzero((char *) image, multiply_check(pinfo->h, pinfo->w)); switch (hdr[PCX_BPP]) { case 1: case 2: case 4: case 8: pcxLoadRaster(fp, image, hdr[PCX_BPP], hdr, pinfo->w, pinfo->h); break; @@ -359,10 +367,17 @@ static int pcxLoadImage24 ___((char *fname, FILE *fp, PICINFO *pinfo, byte *hdr) bperlin = hdr[PCX_BPRL] + ((int) hdr[PCX_BPRH]<<8); /* allocate 24-bit image */ - pic24 = (byte *) malloc_byte((size_t) w*h*planes); + const PCX_SIZE_T alloced = multiply_check(w, h, planes); + const PCX_SIZE_T w_planes = multiply_check(w, planes); + pic24 = (byte *) malloc_byte(alloced); + if (!pic24) FatalError("couldn't malloc 'pic24'"); - xvbzero((char *) pic24, (size_t) w*h*planes); + /* This may still fail with a segfault for large values of alloced, even + * if malloc_byte has succeeded. + */ + xvbzero((char *) pic24, alloced); + fprintf(stderr, "AAA3\n"); #if 0 /**** pts ****/ maxv = 0; @@ -370,7 +385,7 @@ static int pcxLoadImage24 ___((char *fname, FILE *fp, PICINFO *pinfo, byte *hdr) pix = pinfo->pic = pic24; i = 0; /* planes, in this while loop */ j = 0; /* bytes per line, in this while loop */ - nbytes = bperlin*h*planes; + nbytes = multiply_check(bperlin, h, planes); while (nbytes > 0 && (c = MACRO_GETC(fp)) != EOF) { if (c>=0xC0) { /* have a rep. count */ 
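Review bot: the pcxLoadImage24 hunk adds fprintf(stderr, "AAA3\n"); directly after the xvbzero call, which reads as a leftover debugging trace and would be written to stderr on every 24-bit PCX load. It should be removed before the patch is applied. The comment added just above it, that xvbzero may still segfault for large values of alloced, describes a known crash path, so it deserves either an upper bound on alloced or a bug reference in the patch header.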
@@ -395,10 +410,10 @@ static int pcxLoadImage24 ___((char *fname, FILE *fp, PICINFO *pinfo, byte *hdr) if (j == bperlin) { j = 0; if (++i < planes) { - pix -= (w*planes)-1; /* next plane on this line */ + pix -= w_planes-1; /* next plane on this line */ } else { - pix -= (planes-1); /* start of next line, first plane */ + pix -= planes-1; /* start of next line, first plane */ i = 0; } } @@ -415,7 +430,7 @@ static int pcxLoadImage24 ___((char *fname, FILE *fp, PICINFO *pinfo, byte *hdr) for (i=0, pix=pic24; i Date: Tue Jul 17 17:59:02 2018 +0200 rewritten bmp_compress1_row from scratch; this fixes https://github.com/pts/sam2p/issues/39 diff --git a/appliers.cpp b/appliers.cpp index 83a3e27..944c909 100644 --- a/appliers.cpp +++ b/appliers.cpp 
@@ -1916,129 +1916,107 @@ Rule::Applier out_png_applier = { "PNG", out_png_check_rule, out_png_work, 0 }; /* --- Sat Jun 15 19:30:41 CEST 2002 */ -/** BMP RLE compression, type 1. Seems to be optimal. +/** BMP RLE compression, type 1. Close to optimal. * @param dst buffer with enough place for compressed data. The caller must - * pre-allocate >=(send-sbeg)+(send-sbeg+128)*2/255. - * @param sbeg first raw data char to compress - * @param send char to finish compression just before + * pre-allocate >=(pend-p)+(pend-p+254)/255*2 bytes. + * @param p first raw data char to compress + * @param pend char to finish compression just before * @return dst+(number of characters occupied by compressed data) * - * in-memory implementation Sun Jun 23 20:02:41 CEST 2002 + * BUGFIX on output size at Tue Jul 17 17:31:52 CEST 2018 */ -static char *bmp_compress1_row(char *dst, char const *sbeg, char const *send) { - #if 0 - # define BMP_ASSERT(x) assert(x) - #else - # define BMP_ASSERT(x) - #endif - #undef BUF - #define BUF(x) (*(x)) - #undef PUTCH__ - #define PUTCH__(c) (*dst++=(c)) - char c, c2; - char const *beg, *end, *rend, *q, *r, *best; - signed bestca, rca; /* both must fit into -255..255 */ - slen_t frl, efrl; - int ci; - // bool oddp; - - beg=sbeg; - end=(send-sbeg>255) ? 
beg+255 : send; - - while (beg!=end) { /* there is still unprocessed data in the buffer */ - c=BUF(beg++); - if (beg==end) { PUTCH__(1); PUTCH__(c); break; } /* last char */ - if (c==BUF(beg)) { /* sure r chunk */ - ci=2; beg++; - rep: - while (beg!=end && c==BUF(beg)) { beg++; ci++; } - PUTCH__(ci); PUTCH__(c); /* r chunk */ - } else { /* possible c chunk */ - rend=end; - BMP_ASSERT(end-beg<=254); - if (end!=send) { /* read an extra char as the terminator of the last run-length of c, buf:0..254 */ - end++; - BMP_ASSERT(end-beg==255); /* buffer is full (255 chars) */ +static char *bmp_compress1_row(char *dst, char const *p, char const *pend) { +#ifndef NDEBUG + char const * const dstend = dst + (pend - p) + (pend - p + 254) / 255 * 2; +#endif + while (p != pend) { + char const *px = p; + char c = *p++; + if (p == pend) { + assert(dst + 2 <= dstend); + *dst++ = 1; + *dst++ = c; + break; + } + if (c == *p) { + for (++p; p != pend && c == *p && p - px < 255; ++p) {} + assert(dst + 2 <= dstend); + *dst++ = p - px; + *dst++ = c; + continue; + } + extend_c_chunk: + if (p == pend || p - px == 255) { emit_cr_chunk: + if (p - px == 1) { + assert(dst + 2 <= dstend); + *dst++ = 1; + *dst++ = *px; + } else if (p - px == 2) { + assert(dst + 4 <= dstend); + /* 0, 2 is BMP delta record, so emit 2 r chunks. */ + *dst++ = 1; + *dst++ = *px; + *dst++ = 1; + *dst++ = px[1]; + } else { + assert(dst + 2 + (p - px) <= dstend); + *dst++ = 0; + assert(p - px >= 3 && p - px <= 255); + *dst++ = p - px; + for (; px != p; *dst++ = *px++) {} /* memcpy(). */ } - - best=r=beg; - bestca=rca=-1; /* best and current advantage of c over r */ - - while (r!=rend) { /* c chunk should stop only at run-length boundaries */ - BMP_ASSERT(-255<=rca && rca<=255); - BMP_ASSERT(-255<=bestca && bestca<=255); - q=r; r=q+1; ci=1; while (r!=end && BUF(r)==BUF(q)) { r++; ci++; } - if (r==end && end!=rend) break; - if (((r-beg)&1)==0) { /* odd (!) 
copy length */ - rca+=3-ci; - if (rca<=bestca-1) { r--; break; } /* fix-5 (instead of rule-4): `xyz|bbbbb|xyz|', `abcdef|gggggggg|abababababab|', `abcdef|ggg|hhh|ggg|hhh|ggg|hhh|ggg|hhh|abababababab|' */ - if (bestca 1); + goto at_least_3; + for (;;) { + assert(state == 1 || state == 2); + assert(py < pend); + if (py - px > 255) goto emit_cr_chunk; /* Just speed. */ + c = *py++; + if (py == pend) { /* 1 byte before EOF */ + if (--state != 0 && py - px <= 255) p = py; + goto emit_cr_chunk; + } + if (*py != c) { /* Not even a run of 2. */ + --py; + assert(py - px <= 255); + p = py; + if (p - px == 255) goto emit_cr_chunk; + goto extend_c_chunk_nonempty; + } + ++py; + if (py == pend) goto emit_cr_chunk; + if (*py == c) { /* Run of at least 3. */ + ++py; + at_least_3: + if (py == pend) goto emit_cr_chunk; + if (*py == c) goto emit_cr_chunk; /* Run of at least 4. */ + if (--state == 0) goto emit_cr_chunk; + /* Skip over run of 3. */ + } + } } + } else if (p - px == 254) { + /* !! Suboptimal for 'ab' * 127 + 'y' * 256. */ + goto emit_cr_chunk; } - BMP_ASSERT(-255<=rca && rca<=255); - BMP_ASSERT(-255<=bestca && bestca<=255); - if (bestca<=0 /* no possible positive advantage */ - || best-beg<=1 /* 1: c is one char, plus 1 char in buf. Imp: ==1?! 
*/ - ) { ci=1; goto rep; } - r=best; /* Imp: get rid of this assignment */ - BMP_ASSERT(beg!=r); - BMP_ASSERT(((r-beg)&1)==1); /* even copy length */ - - if (end==r) { /* no followers, last chunk */ - /* BMP_ASSERT(had_eof); */ - // oddp=(1+(r-beg)&1)==1; - PUTCH__(0); - PUTCH__((r-beg)+1); - PUTCH__(c); - while (beg!=r) { PUTCH__(BUF(beg)); beg++; } /* emit c chunk */ - // if (oddp) PUTCH__(0); /* Imp: padding breaks optimality */ - } else { - BMP_ASSERT(r!=end); - /* BMP_ASSERT(r!=rend); */ /* r==rend is possible here */ - c2=BUF(r); frl=1; q=r+1; - while (q!=end && c2==BUF(q)) { q++; frl++; } /* count follower run length */ - efrl=frl; ci=-2; if (q==end) { /* Imp: get rid of -2 (-2 -> -1) */ - BMP_ASSERT(q==end); - while ((ci=(q==send)?-1:(unsigned char)*q++)!=-1 && (char)ci==c2) efrl++; - } - - /* printf("clen=%u\n", clen); */ - if (1+(r>beg ? r-beg : 256+beg-r)<255 && efrl>=256 && efrl%255==1) { r++; efrl--; } /* make the c chunk one char longer if appropriate */ - - // oddp=(1+(r-beg)&1)==1; - PUTCH__(0); - PUTCH__(1+(r-beg)); - PUTCH__(c); - while (beg!=r) { PUTCH__(BUF(beg)); beg++; } /* emit c chunk */ - // if (oddp) PUTCH__(0); /* Imp: padding breaks optimality */ - - beg=q; /* remove beginning of the r chunk from the buffer */ - if (ci>=0) { beg--; BMP_ASSERT((unsigned char)BUF(beg)==ci); } - - while (efrl>=255) { PUTCH__('\377'); PUTCH__(c2); efrl-=255; } /* emit full r chunks */ - if (efrl>=2) { /* emit last r chunk */ - PUTCH__(efrl); PUTCH__(c2); - } else if (efrl!=0) { - BMP_ASSERT(efrl==1); - beg--; /* leave a single instance of c2 in beginning of the buffer */ - BMP_ASSERT(BUF(beg)==c2); - } - } /* IF c chunk has followers */ - } /* IF r or c chunk */ - end=(send-beg>255) ? beg+255 : send; - } /* WHILE main loop */ + } + ++p; + goto extend_c_chunk; + } return dst; - #undef BUF - #undef PUTCH__ } - /** Windows Bitmap BMP output */ Rule::Applier::cons_t out_bmp_check_rule(Rule::OutputRule* or_) { /* Supported BMP types: /Rgb8, 
@@ -2093,7 +2071,7 @@ Rule::Applier::cons_t out_bmp_work(GenBuffer::Writable& out, Rule::OutputRule*or : or_->cache.SampleFormat==Image::SF_Indexed4 ? 2 : 1; SimBuffer::B data; - slen_t crowsize=2+ rlen+(rlen+128)*2/255; /* !! Imp: real upper bound? */ + slen_t crowsize=2+ rlen+(rlen+254)/255*2; /* !! Imp: real upper bound? */ char *crow=new char[crowsize]; /* !! GIMP compatibility */ if (or_->cache.Compression==or_->cache.CO_RLE) { debian/patches/03_avoid_errormessage.patch0000644000000000000000000000273313262164132016025 0ustar Description: We don't have tif22pnm in debian, so we just quell the error message Author: Stefan Fritsch Last-Update: 2011-11-01 --- sam2p-0.44-13.orig/in_tiff.cpp +++ sam2p-0.44-13/in_tiff.cpp @@ -32,14 +32,7 @@ #endif #else #if OS_COTY==COTY_UNIX - #if 1 - "(tif22pnm -rgba %S pnm: || tifftopnm %S)"; - #else - /* Dat: not using this to suppress `sh: tif22pnm: command not found', because - * it would hide precious error messages printed by tif22pnm. - */ - "((tif22pnm -rgba %S pnm: 2>/dev/null)|| tifftopnm %S)"; - #endif + "if (type -p tiff22pnm >/dev/null); then tif22pnm -rgba %S pnm: ; else tifftopnm %S ; fi"; #else "tif22pnm -rgba %S pnm:"; /* Wants to seek in the file. */ #endif --- sam2p-0.44-13.orig/in_png.cpp +++ sam2p-0.44-13/in_png.cpp 
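Review bot: in the in_tiff.cpp hunk the probe and the command disagree: `type -p tiff22pnm` tests for a tool named tiff22pnm, but the branch then runs `tif22pnm -rgba %S pnm:`. Unless something called tiff22pnm also happens to be installed, the test fails and the `tifftopnm` branch is taken even when tif22pnm is present. Change the probe to `type -p tif22pnm` so that it names the command it guards, as the in_png.cpp string does for png22pnm.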
@@ -35,14 +35,7 @@ "png22pnm -rgba %S >%D"; #else #if OS_COTY==COTY_UNIX - #if 1 - "(png22pnm -rgba %S || (pngtopnm <%S && pngtopnm -alpha <%S)) >%D"; - #else - /* Dat: not using this to suppress `sh: png22pnm: command not found', because - * it would hide precious error messages printed by png22pnm. - */ - "((png22pnm -rgba %S 2>/dev/null)|| (pngtopnm <%S && pngtopnm -alpha <%S)) >%D"; - #endif + "(if (type -p png22pnm >/dev/null); then png22pnm -rgba %S; else (pngtopnm <%S && pngtopnm -alpha <%S); fi ) >%D"; #else "png22pnm -rgba %S >%D"; #endif debian/patches/08_respect-cxxflags.patch0000644000000000000000000000144713262164132015435 0ustar Description: Make the makefile respect the exported build flags The Makefile, or rather the included Makehelp, forcefully sets CXXFLAGS. This patch includes the value of CPPFLAGS into it so hardening flags are taken into account. Author: Tanguy Ortolo Forwarded: not-needed Last-Update: 2013-08-13 --- This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ Index: sam2p/Makehelp.in =================================================================== --- sam2p.orig/Makehelp.in 2013-08-13 13:31:31.019798641 +0200 +++ sam2p/Makehelp.in 2013-08-13 13:34:11.710705429 +0200 @@ -1,6 +1,6 @@ CXX=@CXX@ LDXX=@LDXX@ -CXXFLAGS=-DHAVE_CONFIG2_H @CXXFLAGS@ +CXXFLAGS+=$(CPPFLAGS) -DHAVE_CONFIG2_H @CXXFLAGS@ CXXFLAGSB=@CXXFLAGSB@ ENABLE_DEBUG=@ENABLE_DEBUG@ GFLAG=@GFLAG@ debian/patches/CVE-2017-14629.patch0000644000000000000000000000364113262164132013331 0ustar --- in_xpm.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/in_xpm.cpp b/in_xpm.cpp index dce69bf..33bda0f 100644 --- a/in_xpm.cpp +++ b/in_xpm.cpp 
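Review bot: in the in_png.cpp hunk of 03_avoid_errormessage.patch, `type -p png22pnm` depends on a bash option: POSIX `type` takes no `-p`, and the removed comment shows these strings are run by `sh`. `command -v png22pnm >/dev/null 2>&1` is the portable probe and also keeps the probe's own diagnostics off stderr, which is what the patch is for. The same applies to the in_tiff.cpp string.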
@@ -285,14 +285,14 @@ static Image::Sampled *in_xpm_reader(Image::Loader::UFD *ufd, SimBuffer::Flat co memset(bin, 255, sizeof(*bin) * 65536); /* Make bin[*]=-1 */ for (i=0,p=tab; (unsigned)isetPal(i, rgb[i]); - bin[(p[0]<<8)+p[1]]=i; + bin[(((unsigned char*)p)[0]<<8)+((unsigned char*)p)[1]]=i; } assert(p==pend); while (ht--!=0) { tok.getComma(); for (p=outbuf+ret->getRlen(); outbuf!=p; ) { tok.readInStr(pend,2); - if ((s=bin[(pend[0]<<8)+pend[1]])<0) Error::sev(Error::EERROR) << "XPM: unpaletted color" << (Error*)0; + if ((s=bin[(((unsigned char*)pend)[0]<<8)+((unsigned char*)pend)[1]])<0) Error::sev(Error::EERROR) << "XPM: unpaletted color" << (Error*)0; *outbuf++=s; } } @@ -301,12 +301,12 @@ static Image::Sampled *in_xpm_reader(Image::Loader::UFD *ufd, SimBuffer::Flat co Image::Sampled::rgb_t rgb1; unsigned short *bin=new unsigned short[65536], s; memset(bin, 255, sizeof(*bin) * 65536); /* Make bin[*]=max */ - for (i=0,p=tab; (unsigned)igetRlen(); outbuf!=p; ) { tok.readInStr(pend,2); - if ((s=bin[(pend[0]<<8)+pend[1]])==(unsigned short)-1) Error::sev(Error::EERROR) << "XPM: unpaletted color" << (Error*)0; + if ((s=bin[(((unsigned char*)pend)[0]<<8)+((unsigned char*)pend)[1]])==(unsigned short)-1) Error::sev(Error::EERROR) << "XPM: unpaletted color" << (Error*)0; *outbuf++=(rgb1=rgb[s])>>16; *outbuf++=rgb1>>8; *outbuf++=rgb1; debian/patches/CVE-2018-7554.patch0000644000000000000000000001441113262164132013246 0ustar 
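Review bot: the in_xpm.cpp hunks repeat the `(unsigned char*)` cast at each `bin[...]` index, and the patch has no description saying why. Where plain char is signed, a byte of 0x80 or above makes `(p[0]<<8)+p[1]` negative, so the index lands before `bin`; say that in a DEP-3 header. A small static helper that builds the 16-bit key from two unsigned bytes, used for both the palette fill and the pixel lookup, would keep the index sites from drifting apart.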
From: Markus Koschany Date: Thu, 5 Apr 2018 11:25:44 +0200 Subject: CVE-2018-7554 This is also the fix for CVE-2018-7552. Verified by testing the patch against the reproducer. Bug-Upstream: https://github.com/pts/sam2p/issues/29 Origin: https://github.com/pts/sam2p/commit/118cb8102b767df4100d8a14184e44b33a822861 Origin: https://github.com/pts/sam2p/commit/1e43ec5fe34b009cb43f90a9d562442ca347cd75 Origin: https://github.com/pts/sam2p/commit/beea3bd8dd05a731fddfa447ff0bad19fe32c973 Origin: https://github.com/pts/sam2p/commit/47378716ab03d6b39ee959c949df551c643942f1 --- input-bmp.ci | 57 ++++++++++++++++++++++++++++++++++++--------------------- input-pnm.ci | 4 +++- 2 files changed, 39 insertions(+), 22 deletions(-) diff --git a/input-bmp.ci b/input-bmp.ci index 8aadcfc..64f7947 100644 --- a/input-bmp.ci +++ b/input-bmp.ci @@ -81,7 +81,7 @@ bitmap_type bmp_load_image (at_string filename) FILE *fd; unsigned char buffer[64]; int ColormapSize, Maps=0, Grey; - at_dimen_t rowbytes; + at_dimen_t rowbytes, wd_bpp; unsigned char ColorMap[256][3]; bitmap_type image; @@ -167,6 +167,14 @@ bitmap_type bmp_load_image (at_string filename) else FATALP ("BMP: Error reading BMP file header #4"); + switch (Bitmap_Head.biBitCnt) { + case 32: case 24: case 16: case 8: case 4: case 2: case 1: break; + default: + FATALP ("BMP: Invalid bpp."); + } + + if (Maps != 3 && Maps != 4) FATALP("BMP: Bad color_size."); + /* Valid options 1, 4, 8, 16, 24, 32 */ /* 16 is awful, we should probably shoot whoever invented it */ 
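Review bot: in the hunk at -167,6 +167,14 the new `switch (Bitmap_Head.biBitCnt)` accepts `case 2:`, while the comment directly below it still lists the valid options as 1, 4, 8, 16, 24, 32. Either drop 2 from the accepted set or update the comment and confirm that ReadImage handles 2 bits per pixel.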
@@ -191,8 +199,8 @@ bitmap_type bmp_load_image (at_string filename) /* Windows and OS/2 declare filler so that rows are a multiple of * word length (32 bits == 4 bytes) */ - - rowbytes = ((multiply_check(Bitmap_Head.biWidth, Bitmap_Head.biBitCnt) >> 3) + 3) & ~3; + wd_bpp = multiply_check(Bitmap_Head.biWidth, Bitmap_Head.biBitCnt); + rowbytes = ((wd_bpp >> 5) + (wd_bpp & 31 ? 1 : 0)) << 2; #ifdef DEBUG printf("\nSize: %u, Colors: %u, Bits: %u, Width: %u, Height: %u, Comp: %u, Zeile: %u\n", @@ -227,27 +235,31 @@ bitmap_type bmp_load_image (at_string filename) static int ReadColorMap (FILE *fd, - unsigned char buffer[256][3], - int number, - int size, + unsigned char cmap[256][3], + int color_count, + int color_size, /* 3 or 4. */ int *grey) { int i; unsigned char rgb[4]; - *grey=(number>2); - for (i = 0; i < number ; i++) +#ifdef DEBUG + fprintf(stderr, "color_size=%d\n", color_size); +#endif + *grey=(color_count>2); + for (i = 0; i < color_count ; i++) { - if (!ReadOK (fd, rgb, size)) + if (!ReadOK (fd, rgb, color_size)) FATALP ("BMP: Bad colormap"); /* Bitmap save the colors in another order! But change only once! */ - buffer[i][0] = rgb[2]; - buffer[i][1] = rgb[1]; - buffer[i][2] = rgb[0]; + cmap[i][0] = rgb[2]; + cmap[i][1] = rgb[1]; + cmap[i][2] = rgb[0]; *grey = ((*grey) && (rgb[0]==rgb[1]) && (rgb[1]==rgb[2])); } + memset(&cmap[i], 0, (256 - i) * 3); return 0; } @@ -285,6 +297,7 @@ ReadImage (FILE *fd, } XMALLOCT (image, unsigned char*, multiply_check(wdht, channels)); + memset(image, 0, wdht * channels); XMALLOCT (buffer, unsigned char*, rowbytes); rowstride = multiply_check(width, channels); @@ -303,7 +316,7 @@ ReadImage (FILE *fd, *(temp++)= buffer[xpos * 4 + 1]; *(temp++)= buffer[xpos * 4]; } - --ypos; /* next line */ + if (ypos-- == 0) break; /* next line */ } } break; @@ -319,7 +332,7 @@ ReadImage (FILE *fd, *(temp++)= buffer[xpos * 3 + 1]; *(temp++)= buffer[xpos * 3]; } - --ypos; /* next line */ + if (ypos-- == 0) break; /* next line */ } } break; 
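Review bot: in the ReadColorMap hunk, `color_count` is never checked against the 256 rows of `cmap`. The loop writes `cmap[i]` for every `i < color_count`, and the added `memset(&cmap[i], 0, (256 - i) * 3);` receives a negative length, converted to a very large size, once `i` is above 256. Unless every caller already clamps the value, reject `color_count < 0` and `color_count > 256` at the top of the function.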
@@ -336,7 +349,7 @@ ReadImage (FILE *fd, *(temp++)= (unsigned char)(((rgb >> 5) & 0x1f) * 8); *(temp++)= (unsigned char)(((rgb) & 0x1f) * 8); } - --ypos; /* next line */ + if (ypos-- == 0) break; /* next line */ } } break; @@ -347,23 +360,25 @@ ReadImage (FILE *fd, { if (compression == 0) { + const int bpp8 = 8 / bpp; + const at_dimen_t rowpad = rowbytes - (width * bpp + 7) / 8; +#ifdef DEBUG + fprintf(stderr, "BMP bpp=%d width=%d height=%d channels=%d malloced=%d rowbytes=%d\n", bpp, width, height, channls, width * height * channels, rowbytes); +#endif while (ReadOK (fd, &v, 1)) { - for (i = 1; (i <= (8 / bpp)) && (xpos < width); i++, xpos++) + for (i = 1; i <= bpp8 && xpos < width; i++, xpos++) { temp = (unsigned char*) (image + (ypos * rowstride) + (xpos * channels)); *temp= (unsigned char)(( v & ( ((1<> (8-(i*bpp))); } if (xpos == width) { - (void) ReadOK (fd, buffer, rowbytes - 1 - - (width * bpp - 1) / 8); - ypos--; + if (!ReadOK (fd, buffer, rowpad)) break; + if (ypos-- == 0) break; /* next line */ xpos = 0; } - if ((int)ypos < 0) - break; } break; } diff --git a/input-pnm.ci b/input-pnm.ci index 23de594..2c07b00 100644 --- a/input-pnm.ci +++ b/input-pnm.ci @@ -236,6 +236,7 @@ bitmap_type pnm_load_image (at_string filename) FATALP ("PNM: is not a valid file"); /* Look up magic number to see what type of PNM this is */ + pnminfo->loader = NULL; for (ctr=0; pnm_types[ctr].name; ctr++) if (buf[1] == pnm_types[ctr].name) { @@ -243,6 +244,7 @@ bitmap_type pnm_load_image (at_string filename) pnminfo->asciibody = pnm_types[ctr].asciibody; pnminfo->maxval = pnm_types[ctr].maxval; pnminfo->loader = pnm_types[ctr].loader; + break; } if (!pnminfo->loader) FATALP ("PNM: file not in a supported format"); 
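Review bot: in the ReadImage hunk at -347,23 +360,25 the DEBUG-only `fprintf` passes `channls`, which does not match the `channels` variable used in the rest of the function, so a build with DEBUG defined will not compile. It also prints `width`, `height` and `rowbytes` with `%d` although they are `at_dimen_t`, and recomputes `width * height * channels` without `multiply_check`. Fix the name, match the format specifiers to the type, and print the size that was already checked.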
@@ -402,7 +404,7 @@ pnm_load_rawpbm (PNMScanner *scan, fd = pnmscanner_fd(scan); /****pts****/ /* rowlen = (unsigned int)ceil((double)(info->xres)/8.0);*/ - rowlen=(info->xres+7)>>3; + rowlen = (info->xres >> 3) + (info->xres & 3 ? 1 : 0); /* buf = (unsigned char *)malloc(rowlen*sizeof(unsigned char)); */ XMALLOCT(buf, unsigned char*, rowlen*sizeof(unsigned char)); debian/patches/CVE-2017-14628.patch0000644000000000000000000000173613262164132013333 0ustar --- in_pcx.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/in_pcx.cpp b/in_pcx.cpp index e65a6b8..592b678 100644 --- a/in_pcx.cpp +++ b/in_pcx.cpp @@ -355,7 +355,7 @@ static int pcxLoadImage24 ___((char *fname, FILE *fp, PICINFO *pinfo, byte *hdr) w = pinfo->w; h = pinfo->h; - planes = (int) hdr[PCX_PLANES]; + planes = (unsigned) hdr[PCX_PLANES]; bperlin = hdr[PCX_BPRL] + ((int) hdr[PCX_BPRH]<<8); /* allocate 24-bit image */ @@ -379,6 +379,7 @@ static int pcxLoadImage24 ___((char *fname, FILE *fp, PICINFO *pinfo, byte *hdr) if (c == EOF) { MACRO_GETC(fp); break; } } else cnt = 1; + if (cnt > nbytes) FatalError("Repeat count too large."); #if 0 /**** pts ****/ if (c > maxv) maxv = c; @@ -403,6 +404,7 @@ static int pcxLoadImage24 ___((char *fname, FILE *fp, PICINFO *pinfo, byte *hdr) } } } + if (nbytes != 0) pcxError(0, "Image data truncated."); #if 0 /**** pts ****/ debian/patches/05_fix_nostrip.patch0000644000000000000000000000147513262164132014515 0ustar Description: fix DEB_BUILD_OPTIONS=nostrip Author: Stefan Fritsch Last-Update: 2011-11-01 Index: sam2p/Makefile =================================================================== --- sam2p.orig/Makefile 2011-11-01 18:42:54.000000000 +0100 +++ sam2p/Makefile 2011-11-01 18:52:13.878830302 +0100 @@ -17,7 +17,7 @@ export PERL_BADLANG CXXX=$(CXD_assert) -LDALL=$(LDXX) -s $(LDFLAGS) $(LIBS) +LDALL=$(LDXX) $(LDFLAGS) $(LIBS) ifeq ($(ENABLE_DEBUG), no) CXXX=$(CXD_no) endif 
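Review bot: in the pnm_load_rawpbm hunk of the input-pnm.ci diff (-402,7 +404,7), the new row length masks with 3 where the remainder of a division by 8 needs 7: `rowlen = (info->xres >> 3) + (info->xres & 3 ? 1 : 0);`. For a width of 4 or 12 this gives 0 and 1 bytes where the replaced `(info->xres+7)>>3` gave 1 and 2, so `buf` is allocated one byte short for every width with remainder 4 modulo 8. Use `(info->xres & 7 ? 1 : 0)`, which avoids the `xres+7` addition just as this form does.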
@@ -51,8 +51,8 @@ IDE_TARGETS_debug := $(patsubst %,%.yes, $(TARGETS)) IDE_TARGETS_release := $(TARGETS) -CXD_assert =$(CXX) -s -O2 -CXD_no =$(CXX) -s -DNDEBUG -O3 +CXD_assert =$(CXX) -g -O2 +CXD_no =$(CXX) -DNDEBUG -O3 # CXD_yes =$(CXX) $(GFLAG) -lefence CXD_yes =$(CXX) $(GFLAG) CXD_checker=checkerg++ $(GFLAG) debian/patches/CVE-2017-14637.patch0000644000000000000000000002750113262164132013331 0ustar --- cols2.pl | 2 +- xpmc.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cols2.pl b/cols2.pl index b1a343a..b6f09cc 100644 --- a/cols2.pl +++ b/cols2.pl @@ -272,7 +272,7 @@ sub hash0($) { push @{$P[$N]}, $_[0]; } -@P=(); +@P=(undef)x1109; for (@L) { hash0($_); } # my $S=""; # die @P; diff --git a/xpmc.h b/xpmc.h index 1960e48..1b965fb 100644 --- a/xpmc.h +++ b/xpmc.h 
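Review bot: in the cols2.pl hunk, `@P=(undef)x1109;` hard-codes the table size that xpmc.h carries as `xpmColors_mod`. If the modulus is ever retuned, the padding silently stops matching it. Derive the count from wherever the script defines the modulus, and add a DEP-3 header to the patch explaining why the bucket array has to be pre-sized.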
@@ -1,4 +1,4 @@ #define xpmColors_mul 95 #define xpmColors_mod 1109 -unsigned short xpmColors_ofs[]={0,0,0,1,0,0,0,0,0,0,0,0,15,0,43,0,0,0,0,0,0,0,65,0,0,0,84,0,0,0,0,0,96,0,0,0,0,0,0,0,113,0,0,0,0,0,0,0,0,0,0,129,140,151,162,173,199,210,221,232,243,0,254,0,0,0,0,268,0,0,0,0,282,0,0,0,0,0,0,0,0,0,0,0,0,0,0,296,0,310,0,0,0,0,0,0,0,0,0,0,0,0,0,329,0,0,0,0,0,0,0,0,343,352,0,0,0,0,0,0,368,0,0,0,0,0,0,0,0,0,0,0,0,0,382,0,0,0,0,0,0,0,0,0,0,0,391,402,413,424,435,446,457,468,479,490,0,0,0,0,0,0,0,0,0,501,0,516,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,525,0,0,0,0,0,0,540,0,557,0,0,0,568,0,0,576,0,0,0,0,0,0,0,0,0,0,594,0,0,0,0,0,607,0,0,0,0,0,0,0,0,0,0,0,0,0,0,623,634,645,656,667,678,689,700,711,722,0,0,733,0,0,0,743,0,0,0,0,0,0,0,0,0,0,0,0,763,0,0,0,0,771,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,785,0,0,0,794,0,0,0,0,0,0,0,0,806,816,0,0,0,0,833,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,842,853,864,875,886,897,908,919,930,941,0,952,0,0,0,0,0,966,0,0,0,0,0,0,0,0,0,980,0,0,0,0,0,0,989,0,0,1011,0,1026,0,0,0,0,0,0,0,0,0,1041,1056,0,0,1066,0,0,0,0,0,1075,1090,0,1106,0,1120,0,0,0,1134,0,0,0,0,0,1148,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1167,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1180,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1199,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1214,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1228,0,0,0,0,0,0,1241,1255,0,0,0,0,1265,1279,0,0,0,0,0,0,0,0,0,1293,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1312,0,0,0,0,0,0,0,0,0,0,0,0,0,1324,0,1333,0,1345,0,0,0,0,0,0,0,0,0,0,1359,0,0,0,1370,0,0,0,0,1387,1405,0,0,1418,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1436,0,0,0,1450,0,0,0,1461,0,0,0,0,1482,0,1497,0,0,0,0,0,0,0,1511,0,0,0,0,0,0,0,0,0,1527,0,0,0,0,0,0,0,0,0,1541,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1560,1571,1582,1593,1604,1615,1626,1637,1648,1659,0,0,0,0,0,0,0,0,0,0,0,1670,0,0,1685,0,0,0,0,0,1699,0,0,0,0,0,0,0,1710,0,0,0,0,0,0,1721,0,0,0,0,0,0,0,0,0,0,0,1739,1748,0,0,0,0,0,0,1758,0,1776,0,1788,0,0,0,0,0,0,0,0,0,1806,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1831,1857,1
868,1879,1890,1901,1912,1923,1934,1945,0,0,0,0,0,0,0,1956,0,0,0,0,0,0,0,0,0,0,0,0,0,1969,0,0,0,0,0,0,0,1979,0,0,0,0,0,0,1994,0,2004,0,0,0,0,0,2015,0,0,0,0,0,0,0,0,0,0,0,0,2033,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2049,0,0,0,0,2067,2078,2089,2100,2111,2122,2133,2144,2155,2166,0,0,0,0,2177,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2190,2209,2225,0,0,0,0,0,0,0,2241,0,2256,0,0,0,0,2267,0,2286,0,2297,0,0,0,0,0,0,0,0,0,0,0,2312,0,0,0,0,0,0,0,0,0,0,0,0,2328,0,0,0,0,0,0,0,0,0,0,2340,0,0,0,2358,0,0,0,2372,2383,2394,2405,2432,2443,2464,2488,2499,2510,2521,2538,0,0,0,0,0,0,0,2558,2568,0,0,0,0,0,0,0,0,0,0,2583,0,0,0,2603,0,0,0,0,0,0,2623,0,0,0,2635,0,2649,0,0,0,2663,2673,2683,2693,2703,2713,2723,2733,2743,2753,0,0,0,0,0,0,2763,2777,0,0,0,0,2790,2809,0,0,0,0,2826,0,2841,2851,0,0,0,0,0,0,0,0,0,0,0,2862,2873,2884,2895,2906,2917,2928,2939,2950,2961,0,2972,0,0,2981,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2994,}; +unsigned short xpmColors_ofs[]={0,0,0,1,0,0,0,0,0,0,0,0,15,0,43,0,0,0,0,0,0,0,65,0,0,0,84,0,0,0,0,0,96,0,0,0,0,0,0,0,113,0,0,0,0,0,0,0,0,0,0,129,140,151,162,173,199,210,221,232,243,0,254,0,0,0,0,268,0,0,0,0,282,0,0,0,0,0,0,0,0,0,0,0,0,0,0,296,0,310,0,0,0,0,0,0,0,0,0,0,0,0,0,329,0,0,0,0,0,0,0,0,343,352,0,0,0,0,0,0,368,0,0,0,0,0,0,0,0,0,0,0,0,0,382,0,0,0,0,0,0,0,0,0,0,0,391,402,413,424,435,446,457,468,479,490,0,0,0,0,0,0,0,0,0,501,0,516,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,525,0,0,0,0,0,0,540,0,557,0,0,0,568,0,0,576,0,0,0,0,0,0,0,0,0,0,594,0,0,0,0,0,607,0,0,0,0,0,0,0,0,0,0,0,0,0,0,623,634,645,656,667,678,689,700,711,722,0,0,733,0,0,0,743,0,0,0,0,0,0,0,0,0,0,0,0,763,0,0,0,0,771,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,785,0,0,0,794,0,0,0,0,0,0,0,0,806,816,0,0,0,0,833,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,842,853,864,875,886,897,908,919,930,941,0,952,0,0,0,0,0,966,0,0,0,0,0,0,0,0,0,980,0,0,0,0,0,0,989,0,0,1011,0,1026,0,0,0,0,0,0,0,0,0,1041,1056,0,0,1066,0,0,0,0,0,1075,1090,0,1106,0,1120,0,0,0,1134,0,0,0,0,0,1148,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1167,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1180,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1199,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1214,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1228,0,0,0,0,0,0,1241,1255,0,0,0,0,1265,1279,0,0,0,0,0,0,0,0,0,1293,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1312,0,0,0,0,0,0,0,0,0,0,0,0,0,1324,0,1333,0,1345,0,0,0,0,0,0,0,0,0,0,1359,0,0,0,1370,0,0,0,0,1387,1405,0,0,1418,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1436,0,0,0,1450,0,0,0,1461,0,0,0,0,1482,0,1497,0,0,0,0,0,0,0,1511,0,0,0,0,0,0,0,0,0,1527,0,0,0,0,0,0,0,0,0,1541,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1560,1571,1582,1593,1604,1615,1626,1637,1648,1659,0,0,0,0,0,0,0,0,0,0,0,1670,0,0,1685,0,0,0,0,0,1699,0,0,0,0,0,0,0,1710,0,0,0,0,0,0,1721,0,0,0,0,0,0,0,0,0,0,0,1739,1748,0,0,0,0,0,0,1758,0,1776,0,1788,0,0,0,0,0,0,0,0,0,1806,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1831,1857,1868,1879,1890,1901,1912,1923,1934,1945,0,0,0,0,0,0,0,1956,0,0,0,0,0,0,0,0,0,0,0,0,0,1969,0,0,0,0,0,0,0,1979,0,0,0,0,0,0,1994,0,2004,0,0,0,0,0,2015,0,0,0,0,0,0,0,0,0,0,0,0,2033,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2049,0,0,0,0,2067,2078,2089,2100,2111,2122,2133,2144,2155,2166,0,0,0,0,2177,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2190,2209,2225,0,0,0,0,0,0,0,2241,0,2256,0,0,0,0,2267,0,2286,0,2297,0,0,0,0,0,0,0,0,0,0,0,2312,0,0,0,0,0,0,0,0,0,0,0,0,2328,0,0,0,0,0,0,0,0,0,0,2340,0,0,0,2358,0,0,0,2372,2383,2394,2405,2432,2443,2464,2488,2499,2510,2521,2538,0,0,0,0,0,0,0,2558,2568,0,0,0,0,0,0,0,0,0,0,2583,0,0,0,2603,0,0,0,0,0,0,2623,0,0,0,2635,0,2649,0,0,0,2663,2673,2683,2693,2703,2713,2723,2733,2743,2753,0,0,0,0,0,0,2763,2777,0,0,0,0,2790,2809,0,0,0,0,2826,0,2841,2851,0,0,0,0,0,0,0,0,0,0,0,2862,2873,2884,2895,2906,2917,2928,2939,2950,2961,0,2972,0,0,2981,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2994,0,0,0,0,0,0,0,0,0,0,0,}; char 
xpmColors_dat[]="\000LawnGreen\000|\374\000\000SlateGray\000p\200\220WhiteSmoke\000\365\365\365\000MediumForestGreen\000""2\201K\000LightSlateGray\000w\210\231\000Magenta\000\377\000\377\000DarkSeaGreen\000\217\274\217\000ForestGreen\000P\237i\000Gray60\000\231\231\231\000Gray61\000\234\234\234\000Gray62\000\236\236\236\000Gray63\000\241\241\241\000GreenYellow\000\255\377/Gray64\000\243\243\243\000Gray65\000\246\246\246\000Gray66\000\250\250\250\000Gray67\000\253\253\253\000Gray68\000\255\255\255\000Gray69\000\260\260\260\000PaleGreen\000s\336x\000chocolate\000\322i\036\000DarkKhaki\000\275\267k\000PeachPuff\000\377\332\271\000DarkOliveGreen\000UV/\000LightCyan\000\340\377\377\000Blue\000\000\000\377\000NavajoWhite\000\377\336\255\000AliceBlue\000\360\370\377\000Gold\000\332\252\000\000Gray70\000\263\263\263\000Gray71\000\265\265\265\000Gray72\000\270\270\270\000Gray73\000\272\272\272\000Gray74\000\275\275\275\000Gray75\000\277\277\277\000Gray76\000\302\302\302\000Gray77\000\304\304\304\000Gray78\000\307\307\307\000Gray79\000\311\311\311\000GhostWhite\000\370\370\377\000peru\000\315\205?\000DarkSalmon\000\351\226z\000MidnightBlue\000//d\000Salmon\000\351\226z\000Tan\000\336\270\207\000DarkSlateGray\000/OO\000moccasin\000\377\344\265\000LightYellow\000\377\377\340\000Gray80\000\314\314\314\000Gray81\000\317\317\317\000Gray82\000\321\321\321\000Gray83\000\324\324\324\000Gray84\000\326\326\326\000Gray85\000\331\331\331\000Gray86\000\333\333\333\000Gray87\000\336\336\336\000Gray88\000\340\340\340\000Gray89\000\343\343\343\000Azure\000\360\377\377\000MediumSlateBlue\000jj\215\000Red\000\377\000\000\000VioletRed\000\363>\226\000Plum\000\305H\233\000SkyBlue\000r\237\377\000linen\000\372\360\346\000AntiqueWhite\000\372\353\327\000Navy\000##u\000Gray90\000\345\345\345\000Gray91\000\350\350\350\000Gray92\000\353\353\353\000Gray93\000\355\355\355\000Gray94\000\360\360\360\000Gray95\000\362\362\362\000Gray96\000\365\365\365\000Gray97\000\367\367\367\000Gray98\000\372\372\372\00
0Gray99\000\374\374\374\000OliveDrab\000k\216#\000LightBlue\000\260\342\377\000None\000\003\002\001\000MediumSpringGreen\000#\216#\000BlueViolet\000\212+\342\000MediumBlue\000""22\314\000PapayaWhip\000\377\357\325\000Brown\000\245**\000Pink\000\377\265\305\000chartreuse\000\177\377\000\000SpringGreen\000A\254A\000RoyalBlue\000Ai\341\000Goldenrod\000\357\337\204\000Turquoise\000\031\314\337\000LightGoldenrod\000\356\335\202\000NavyBlue\000##u\000MediumSeaGreen\000""4wf\000PowderBlue\000\260\340\346\000LimeGreen\000\000\257\024\000honeydew\000\360\377\360\000LightPink\000\377\266\301\000ivory\000\377\377\360\000OrangeRed\000\377E\000\000SteelBlue\000Tp\252\000LightSteelBlue\000|\230\323\000Gray100\000\377\377\377\000Gray\000~~~\000DimGray\000TTT\000gainsboro\000\334\334\334\000tomato\000\377cG\000LemonChiffon\000\377\372\315\000DarkGoldenrod\000\270\206\013\000SeaGreen\000R\225\204\000DarkTurquoise\000\000\246\246\000Firebrick\000\216##\000Yellow\000\377\377\000\000MediumAquamarine\000\000\223\217\000DodgerBlue\000\036\220\377\000CadetBlue\000_\222\236\000YellowGreen\000""2\330""8\000SlateBlue\000~\210\253\000LightSlateBlue\000\204p\377\000Gray10\000\032\032\032\000Gray11\000\034\034\034\000Gray12\000\037\037\037\000Gray13\000!!!\000Gray14\000$$$\000Gray15\000&&&\000Gray16\000)))\000Gray17\000+++\000Gray18\000...\000Gray19\000""000\000DarkOrange\000\377\214\000\000LightGray\000\250\250\250\000Orange\000\377\207\000\000Sienna\000\226R-\000PaleVioletRed\000\333p\223\000snow\000\377\372\372\000Coral\000\377rV\000PaleGoldenrod\000\356\350\252\000OldLace\000\375\365\346\000PaleTurquoise\000\257\356\356\000LightGoldenrodYellow\000\372\372\322\000DeepSkyBlue\000\000\277\377Gray20\000""333\000Gray21\000""666\000Gray22\000""888\000Gray23\000;;;\000Gray24\000===\000Gray25\000@@@\000Gray26\000BBB\000Gray27\000EEE\000Gray28\000GGG\000Gray29\000JJJ\000seashell\000\377\365\356\000Black\000\000\000\000\000DarkViolet\000\224\000\323\000Wheat\000\365\336\263\000Violet\000\234>\316\000
LightSeaGreen\000\040\262\252\000FloralWhite\000\377\372\360\000LavenderBlush\000\377\360\365\000Gray30\000MMM\000Gray31\000OOO\000Gray32\000RRR\000Gray33\000TTT\000Gray34\000WWW\000Gray35\000YYY\000Gray36\000\\\\\\\000Gray37\000^^^\000Gray38\000aaa\000Gray39\000ccc\000DeepPink\000\377\024\223\000Green\000\000\377\000White\000\377\377\377\000LightSalmon\000\377\240z\000Transparent\000\000\000\001\000DarkOrchid\000\213\040\213\000purple\000\240\040\360\000BlanchedAlmond\000\377\353\315\000Orchid\000\357\204\357\000LightCoral\000\360\200\200\000SaddleBrown\000\213E\023\000Thistle\000\330\277\330\000DarkSlateBlue\000""8Kf\000burlywood\000\336\270\207\000Gray40\000fff\000Gray41\000iii\000Gray42\000kkk\000MediumPurple\000\223p\333Gray43\000nnn\000Gray44\000ppp\000Maroon\000\217\000RGray45\000sss\000IndianRed\000k99Gray46\000uuu\000Gray47\000xxx\000Gray48\000zzz\000Gray49\000}}}\000MediumOrchid\000\275R\275\000MediumVioletRed\000\325\040y\000Khaki\000\263\263~\000SandyBrown\000\364\244`\000MediumGoldenrod\000\321\301f\000MediumTurquoise\000\000\322\322\000HotPink\000\377i\264\000MistyRose\000\377\344\341\000MintCream\000\365\377\372\000Gray0\000\000\000\000\000Gray1\000\003\003\003\000Gray2\000\005\005\005\000Gray3\000\010\010\010\000Gray4\000\012\012\012\000Gray5\000\015\015\015\000Gray6\000\017\017\017\000Gray7\000\022\022\022\000Gray8\000\024\024\024\000Gray9\000\027\027\027\000RosyBrown\000\274\217\217\000cornsilk\000\377\370\334\000CornflowerBlue\000\"\"\230\000LightSkyBlue\000\207\316\372\000Aquamarine\000""2\277\301\000Beige\000\365\365\334\000Bisque\000\377\344\304\000Gray50\000\177\177\177\000Gray51\000\202\202\202\000Gray52\000\205\205\205\000Gray53\000\207\207\207\000Gray54\000\212\212\212\000Gray55\000\214\214\214\000Gray56\000\217\217\217\000Gray57\000\221\221\221\000Gray58\000\224\224\224\000Gray59\000\226\226\226\000Cyan\000\000\377\377\000lavender\000\346\346\372\000DarkGreen\000\000V-"; 
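Review bot: the xpmc.h hunk edits generated output by appending zero entries to `xpmColors_ofs`, and nothing ties the array length to `xpmColors_mod`. If lookups index the table with a value reduced modulo `xpmColors_mod`, add a compile-time check next to it that `sizeof(xpmColors_ofs)/sizeof(xpmColors_ofs[0])` is at least `xpmColors_mod`, so that a table regenerated with the wrong length fails the build instead of being read past its end.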
debian/patches/CVE-2017-16663.patch0000644000000000000000000000776613262164132013345 0ustar From: Markus Koschany Date: Wed, 22 Nov 2017 22:04:59 +0100 Subject: CVE-2017-16663 Bug-Upstream: https://github.com/pts/sam2p/issues/16 Origin: https://github.com/pts/sam2p/commit/b3dd8209cc98673d682e82971bf822568f8efa27 --- input-bmp.ci | 45 +++++++++++++++++++++++++++------------------ 1 file changed, 27 insertions(+), 18 deletions(-) diff --git a/input-bmp.ci b/input-bmp.ci index 9834f05..8aadcfc 100644 --- a/input-bmp.ci +++ b/input-bmp.ci @@ -48,6 +48,14 @@ struct Bitmap_Head_Struct /* 36 */ } Bitmap_Head; +static at_dimen_t multiply_check(at_dimen_t a, at_dimen_t b) { + const at_dimen_t result = a * b; + /* Check for overflow. Works only if everything is unsigned. */ + if (result / a != b) FATALP("BMP: Image too large."); + return result; +} + + static long ToL (unsigned char *); static short ToS (unsigned char *); static int ReadColorMap (FILE *, @@ -56,12 +64,12 @@ static int ReadColorMap (FILE *, int, int *); static unsigned char *ReadImage (FILE *, - int, - int, + at_dimen_t, + at_dimen_t, unsigned char[256][3], int, int, - int, + at_dimen_t, int); #if PTS_SAM2P @@ -72,7 +80,8 @@ bitmap_type bmp_load_image (at_string filename) { FILE *fd; unsigned char buffer[64]; - int ColormapSize, rowbytes, Maps=0, Grey; + int ColormapSize, Maps=0, Grey; + at_dimen_t rowbytes; unsigned char ColorMap[256][3]; bitmap_type image; @@ -183,7 +192,7 @@ bitmap_type bmp_load_image (at_string filename) * word length (32 bits == 4 bytes) */ - rowbytes= ( (Bitmap_Head.biWidth * Bitmap_Head.biBitCnt - 1) / 32) * 4 + 4; + rowbytes = ((multiply_check(Bitmap_Head.biWidth, Bitmap_Head.biBitCnt) >> 3) + 3) & ~3; #ifdef DEBUG printf("\nSize: %u, Colors: %u, Bits: %u, Width: %u, Height: %u, Comp: %u, Zeile: %u\n", 
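Review bot: in the hunk that adds `multiply_check` to input-bmp.ci (-48,6 +48,14), the overflow test `if (result / a != b)` divides by `a` without excluding zero. The first use passes `Bitmap_Head.biWidth` as `a`, so a header with width 0 reaches a division by zero unless it was rejected earlier. Return 0 early when `a == 0`, or test `b != 0 && a > (at_dimen_t)-1 / b` before multiplying.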
@@ -244,40 +253,40 @@ ReadColorMap (FILE *fd, static unsigned char* ReadImage (FILE *fd, - int width, - int height, + at_dimen_t width, + at_dimen_t height, unsigned char cmap[256][3], int bpp, int compression, - int rowbytes, + at_dimen_t rowbytes, int grey) { unsigned char v,howmuch; - int xpos = 0, ypos = 0; + unsigned xpos = 0, ypos = 0; unsigned char *image; unsigned char *temp, *buffer; - long rowstride, channels; + unsigned char channels; unsigned short rgb; + const at_dimen_t wdht = multiply_check(width, height); + at_dimen_t rowstride; int i, j; if (bpp >= 16) /* color image */ { - XMALLOCT (image, unsigned char*, width * height * 3 * sizeof (unsigned char)); channels = 3; } else if (grey) /* grey image */ { - XMALLOCT (image, unsigned char*, width * height * 1 * sizeof (unsigned char)); channels = 1; } else /* indexed image */ { - XMALLOCT (image, unsigned char*, width * height * 1 * sizeof (unsigned char)); channels = 1; } - XMALLOCT (buffer, unsigned char*, rowbytes); - rowstride = width * channels; + XMALLOCT (image, unsigned char*, multiply_check(wdht, channels)); + XMALLOCT (buffer, unsigned char*, rowbytes); + rowstride = multiply_check(width, channels); ypos = height - 1; /* Bitmaps begin in the lower left corner */ @@ -353,14 +362,14 @@ ReadImage (FILE *fd, xpos = 0; } - if (ypos < 0) + if ((int)ypos < 0) break; } break; } else { - while (ypos >= 0 && xpos <= width) + while ((int)ypos >= 0 && xpos <= width) { (void) ReadOK (fd, buffer, 2); if ((unsigned char) buffer[0] != 0) @@ -440,7 +449,7 @@ ReadImage (FILE *fd, unsigned char *temp2, *temp3; unsigned char index; temp2 = temp = image; - XMALLOCT (image, unsigned char*, width * height * 3 * sizeof (unsigned char)); + XMALLOCT (image, unsigned char*, multiply_check(wdht, 3)); temp3 = image; for (ypos = 0; ypos < height; ypos++) { debian/patches/CVE-2018-7553.patch0000644000000000000000000000463713262164132013256 0ustar 
From: Markus Koschany Date: Wed, 4 Apr 2018 23:01:09 +0200 Subject: CVE-2018-7553 Bug-Upstream: https://github.com/pts/sam2p/issues/32 Origin: https://github.com/pts/sam2p/commit/2ca32ec848fd97074367bc26b239fa25bbf0e720 --- in_pcx.cpp | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/in_pcx.cpp b/in_pcx.cpp index e8e1ce1..456c150 100644 --- a/in_pcx.cpp +++ b/in_pcx.cpp @@ -109,6 +109,12 @@ static void pcxLoadRaster PARM((FILE *, byte *, int, byte *, dimen, dimen)); static int pcxError PARM((char *, char *)); #endif +static slen_t add_check(PCX_SIZE_T a, PCX_SIZE_T b) { + /* Check for overflow. Works only if everything is unsigned. */ + if (b > (PCX_SIZE_T)-1 - a) FatalError("Image too large."); + return a + b; +} + static PCX_SIZE_T multiply_check(PCX_SIZE_T a, PCX_SIZE_T b) { const PCX_SIZE_T result = a * b; /* Check for overflow. Works only if everything is unsigned. */ @@ -327,7 +333,8 @@ static int pcxLoadImage8 ___((char *fname, FILE *fp, PICINFO *pinfo, byte *hdr), byte *image; - image = (byte *) malloc_byte(multiply_check(pinfo->h, pinfo->w)); + /* Adding 7 bytes as a sentinel for depth == 1 in pcxLoadRaster. */ + image = (byte *) malloc_byte(add_check(multiply_check(pinfo->h, pinfo->w), 7)); if (!image) FatalError("Can't alloc 'image' in pcxLoadImage8()"); xvbzero((char *) image, multiply_check(pinfo->h, pinfo->w)); 
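Review bot: in the pcxLoadImage8 hunk the allocation grows by 7 sentinel bytes, but the `xvbzero` in the context line below it still clears only `multiply_check(pinfo->h, pinfo->w)` bytes. pcxLoadRaster writes depth 1 pixels with `*image++|=`, so any write that lands in the sentinel ORs into uninitialised memory. Compute the padded size once and use it for both `malloc_byte` and `xvbzero`. Separately, `add_check` takes `PCX_SIZE_T` arguments but returns `slen_t`; return `PCX_SIZE_T` as `multiply_check` does.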
@@ -449,14 +456,17 @@ static void pcxLoadRaster ___((FILE *fp, byte *image, int depth, byte *hdr, dime { /* was supported: 8 bits per pixel, 1 plane, or 1 bit per pixel, 1-8 planes */ - unsigned row, bcnt, bperlin, pad, cnt, pmask, i, pleft; + unsigned row, cnt, pmask, pleft; + PCX_SIZE_T bperlin, pad, bcnt; int b; byte *oldimage; bperlin = hdr[PCX_BPRL] + ((dimen) hdr[PCX_BPRH]<<8); - pad = (depth == 1) ? bperlin * 8 : bperlin; - if (pad < w) FatalError("pad too small"); + pad = multiply_check(bperlin, 8 / depth); + if (pad < w) FatalError("bperlin too small"); pad -= w; + /* image (including sentinel) isn't large enough for bperlin. */ + if (pad > 7) FatalError("bperlin too large"); row = bcnt = 0; 
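Review bot: in the pcxLoadRaster hunk, `pad = multiply_check(bperlin, 8 / depth);` replaces a two-way choice on `depth == 1` with a division, so it matches the old result only for depth 1 and 8: depth 0 divides by zero and any depth above 8 makes the factor 0. The comment at the top of the function says only 1 and 8 bits per pixel were supported; enforce that with an explicit check on `depth` before this line.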
@@ -471,7 +481,7 @@ static void pcxLoadRaster ___((FILE *fp, byte *image, int depth, byte *hdr, dime } else cnt = 1; - for (i=0; i 0) { switch (depth) { case 1: *image++|=(b&0x80)?pmask:0;
debian/control0000644000000000000000000000140213262164132010566 0ustar
Source: sam2p
Section: graphics
Priority: optional
Maintainer: Tanguy Ortolo
Build-Depends: debhelper (>= 9~), perl, docbook-xsl-ns, xsltproc
Homepage: http://code.google.com/p/sam2p/
Standards-Version: 3.9.5
Vcs-Git: git://anonscm.debian.org/collab-maint/sam2p.git/
Vcs-Browser: http://anonscm.debian.org/gitweb/?p=collab-maint/sam2p.git

Package: sam2p
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
Recommends: netpbm, libjpeg-progs
Description: convert raster images to EPS, PDF, and other formats
 sam2p is a command line utility that converts many raster (bitmap) image
 formats like GIF, JPG/JPEG, and PNG into PostScript or PDF files. PS or EPS
 files created by sam2p are usually not much larger than the source file.
debian/source/0000755000000000000000000000000013262164132010466 5ustar
debian/source/format0000644000000000000000000000001413262164132011674 0ustar
3.0 (quilt)
debian/clean0000644000000000000000000000015713262164132010176 0ustar
debian/sam2p_pdf_scale.1
Makedep
bts1.ttt
bts2.ttt
l1g8l.pst
l1g8z.pst
l1gbl.pst
l1gbz.pst
l1ghl.pst
l1ghz.pst
debian/copyright0000644000000000000000000000671213262164132011127 0ustar
Format: http://anonscm.debian.org/viewvc/dep/web/deps/dep5.mdwn?revision=202&view=co
Upstream-Name: sam2p
Upstream-Contact: Szabó Péter
Source: http://code.google.com/p/sam2p/downloads/list

Files: *
Copyright: 2002-2004 Szabó Péter
License: GPL-2+

Files: cgif.*
Copyright: 1989-1996 Gershon Elber
           1997 Eric S. Raymond
License: MIT

Files: pts_defl.*
Copyright: 1995-1996 Jean-loup Gailly and Mark Adler
License: Zlib

Files: pts_fax.*
Copyright: 1993-1999 Aladdin Enterprises
License: GPL-2+

Files: pts_lzw.*
Copyright: 1985-1986 The Regents of the University of California
           1988-1997 Sam Leffler
           1991-1997 Silicon Graphics
License: GPL-2+

Files: debian/*
Copyright: 2005-2011 Stefan Fritsch
           2011 Tanguy Ortolo
License: GPL-2+

License: GPL-2+
 This package is free software; you can redistribute it and/or modify it
 under the terms of the GNU General Public License as published by the Free
 Software Foundation; version 2 dated June, 1991.
 .
 This package is distributed in the hope that it will be useful, but WITHOUT
 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
 more details.
 .
 You should have received a copy of the GNU General Public License along
 with this package; if not, write to the Free Software Foundation, Inc.,
 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
 .
 On Debian systems, the complete text of the GNU General Public License can
 be found in `/usr/share/common-licenses/GPL-2'.

License: MIT
 Permission is hereby granted, free of charge, to any person obtaining a
 copy of this software and associated documentation files (the "Software"),
 to deal in the Software without restriction, including without limitation
 the rights to use, copy, modify, merge, publish, distribute, sublicense,
 and/or sell copies of the Software, and to permit persons to whom the
 Software is furnished to do so, subject to the following conditions:
 .
 The above copyright notice and this permission notice shall be included in
 all copies or substantial portions of the Software.
 .
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 DEALINGS IN THE SOFTWARE.

License: Zlib
 This software is provided 'as-is', without any express or implied warranty.
 In no event will the authors be held liable for any damages arising from
 the use of this software.
 .
 Permission is granted to anyone to use this software for any purpose,
 including commercial applications, and to alter it and redistribute it
 freely, subject to the following restrictions:
 .
 1. The origin of this software must not be misrepresented; you must not
    claim that you wrote the original software. If you use this software in
    a product, an acknowledgment in the product documentation would be
    appreciated but is not required.
 2. Altered source versions must be plainly marked as such, and must not be
    misrepresented as being the original software.
 3. This notice may not be removed or altered from any source distribution.
debian/sam2p_pdf_scale.1.xml0000644000000000000000000001153413262164132013075 0ustar .
will be generated. You may view the manual page with: man -l .
'. A typical entry in a Makefile or Makefile.am is: DB2MAN = /usr/share/xml/docbook/stylesheet/docbook-xsl-ns/manpages/docbook.xsl XP = xsltproc sam2p_pdf_scale.1: sam2p_pdf_scale.1.xml $(XP) $(DB2MAN) $< The xsltproc binary is found in the xsltproc package. The XSL files are in docbook-xsl-ns. A description of the parameters you can use can be found in the docbook-xsl-doc-* packages. Validation can be done using: `xmllint -''-noout -''-valid manpage.xml` General documentation about man-pages and man-page-formatting: man(1), man(7), http://www.tldp.org/HOWTO/Man-Page/ --> ]>
User commands &program; &authorfirstname;&authorsurname; Wrote this manpage for the Debian system.
&authoremail;
2011 &authorfullname; This manual page was written for the Debian system (and may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or (at your option) any later version published by the Free Software Foundation. On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL-2.
&upcommand; &mansection;
&command;
scale a PDF file from sam2p to a given page size
&command; page_width page_height input.pdf output.pdf
DESCRIPTION
This manual page documents briefly the &command; command. It was written for the Debian distribution because the original program does not have a manual page. &command; reads a PDF file and scales it so that it fits into the given page size, adding margins when needed to keep its aspect ratio.
OPTIONS
page_width
Page width, in points (1pt = 1/72in).
page_height
Page height, in points.
input.pdf
Input file.
output.pdf
Output file. By default, the input file is replaced.
BUGS
The upstream BTS can be found at http://code.google.com/p/sam2p/issues.
debian/watch0000644000000000000000000000021113262164132010211 0ustar
version=3
opts=dversionmangle=s/-\d+$// http://code.google.com/p/sam2p/downloads/list //sam2p.googlecode.com/files/sam2p-([\d.]+).tar.gz
debian/sam2p.10000644000000000000000000001215413262164132010275 0ustar
.\" Hey, EMACS: -*- nroff -*-
.\" First parameter, NAME, should be all caps
.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
.\" other parameters are allowed: see man(7), man(1)
.TH SAM2P 1 "January 23, 2005"
.\" Please adjust this date whenever revising the manpage.
.\"
.\" Some roff macros, for reference:
.\" .nh disable hyphenation
.\" .hy enable hyphenation
.\" .ad l left justify
.\" .ad b justify to both left and right margins
.\" .nf disable filling
.\" .fi enable filling
.\" .br insert line break
.\" .sp insert n+1 empty lines
.\" for manpage-specific macros, see man(7)
.SH NAME
sam2p \- program to convert raster images to PostScript, PDF, and other formats
.SH SYNOPSIS
.B sam2p
.RI [ options ] " infile" " outfile"
.br
.B sam2p
.RI [ options ] " jobfile"
.SH DESCRIPTION
This manual page documents briefly the
.B sam2p
command. It was written for the Debian distribution because the original program does not have a manual page. The complete documentation can be found in
.B /usr/share/doc/sam2p/README.gz
.PP
.\" TeX users may be more comfortable with the \fB\fP and
.\" \fI\fP escape sequences to invoke bold face and italics,
.\" respectively.
\fBsam2p\fP is a program that converts many raster (bitmap) image formats into Adobe PostScript or PDF files and several other formats. The images are not vectorized.
.B sam2p
gives full control to the user to specify standards-compliance, compression, and bit depths.
.PP
\fBsam2p\fP can operate in two modes: one-liner mode and job mode. In job mode the user has to write a ``job'' file which specifies the conversion parameters and allows full control of all aspects of the final output.
This manpage deals only with one-liner mode, see
.B /usr/share/doc/sam2p/README.gz
for details on job mode.
.SH EXAMPLES
To convert an image file to EPS, use:

  sam2p infile.gif outfile.eps

The output format is guessed from the file extension. Optionally, the output format also can be specified as option or as prefix to the output file. For example, the following commands produce postscript level 3:

  sam2p infile.gif psl3:outfile.ps
  sam2p \-ps:3 infile.gif outfile.ps

.B sam2p
can include its own (zip and lzw) decompression filter in Postscript files, allowing better compression than normally supported by Postscript level 1:

  sam2p \-1 \-c:zip infile.gif outfile.ps
  sam2p \-1 \-c:lzw infile.gif outfile.ps
.SH OPTIONS
.TP
.B \-1, \-ps:1, psl1:
produce Postscript Level 1
.TP
.B \-1c, \-ps:1c, pslc:
produce Postscript Level 1 with the CMYK and `colorimage' extension
.TP
.B \-2, \-ps:2, psl2:
produce Postscript Level 2 (default for postscript)
.TP
.B \-3, \-ps:3, psl3:
produce Postscript Level 3
.TP
.B \-pdf:b0, pdfb1.0:
produce PDF version 1.0 (BI inline image)
.TP
.B \-pdf:b2, pdfb1.2:
produce PDF version 1.2 (BI inline image) (default for PDF)
.TP
.B \-pdf:0, pdf1.0:
produce PDF version 1.0 (XObject image)
.TP
.B \-pdf:2, pdf1.2:
produce PDF version 1.2 (XObject image)
.sp 1
.TP
.B \-e:0, \-e:none
don't scale
.TP
.B \-e, \-e:1, \-e:scale
scale image to fit page
.TP
.B \-e:rot, \-e:rotate
scale and rotate image to fit page (default if output filename has .ps extension)
.sp 1
.TP
.B \-m:\fIdimen\fP
set all page margins to \fIdimen\fP
.br
\fIdimen\fP can have one of the following units (as in TeX): bp, in, pt, pc, dd, cc, sp, cm, mm
.TP
.B \-m:\fIspec\fP:\fIdimen\fP
set \fIspec\fP margin(s) to \fIdimen\fP (\fIspec\fP can be \fBl\fP, \fBr\fP, \fBt\fP, \fBb\fP, \fBv\fP (top and bottom), \fBh\fP (left and right))
.TP
.B \-m:dpi:\fIres\fP
set output EPS or PDF to resolution 72*72/\fIres\fP dpi
.sp 1
.TP
.B \-m:dpi:-\fIres\fP
set output EPS or PDF to resolution \fIres\fP dpi
.sp 1
.TP
.B \-c:none, \-c:lzw, \-c:zip, \-c:rle, \-c:fax, \-c:dct, \-c:jpeg
select compression type (support depends on output format)
.sp 1
.TP
.B \-j:quiet
print only error and fatal error messages, suppress warnings, notices etc. Must be put at the beginning of the command line to suppress initial banners, too.
.sp 1
.TP
.B \-\-
If not the last argument: treat all further arguments as files (required if a filename contains a colon or starts with a minus)
.br
If the last argument: use input filename as output filename (i.e. overwrite input file).
.SH SUPPORTED FILE FORMATS
.TP
.B Input formats:
PNM, PBM, PGM, PPM, XPM, GIF, LBM, TGA, PCX,
.br
JPEG (requires djpeg from package libjpeg-progs),
.br
TIFF (requires tifftopnm from package netpbm),
.br
PNG (requires pngtopnm from package netpbm),
.br
PS, EPS, PDF (require ghostscript)
.TP
.B Output formats:
XWD, BMP, PNG, TIFF6, JPEG, PNM, GIF89a, XPM, PS (levels 1,2,3), EPS (levels 2,3), PDF (1.0 and 1.2)
.sp 2
For some formats,
.B sam2p
supports transparency. See the README file for more info.
.SH SEE ALSO
The program is documented fully in
.B /usr/share/doc/sam2p/README.gz
.SH AUTHOR
sam2p was written by Szab\['o] P\['e]ter .
.PP
This manual page was written by Stefan Fritsch , for the Debian project (but may be used by others under the terms of the GNU General Public License, Version 2).
debian/changelog.upstream0000644000000000000000000001716413262164132012710 0ustar
sam2p (0.49.1) lucid; urgency=low

  * Fixed GCC 4.6 incompatibilities in ccdep.pl (the dependency generator of the build system).

 -- Peter Szabo Wed, 14 Dec 2011 17:44:47 +0100

sam2p (0.49-2) karmic; urgency=low

  * Fixed error reporting at cleanup time.
  * Fixed file closing for temporary file removal on Windows.

 -- Peter Szabo Thu, 30 Jun 2011 01:24:59 +0200

sam2p (0.49-1) karmic; urgency=low

  * Fixed version reporting in `sam2p --version'.

 -- Peter Szabo Wed, 29 Jun 2011 19:17:45 +0200

sam2p (0.48-1) karmic; urgency=low

  * Added sam2p_pdf_scale.pl to the files list.
  * Added examples/sam2p.spec for Fedora.

 -- Peter Szabo Tue, 22 Mar 2011 19:23:07 +0100

sam2p (0.47-1) unstable; urgency=low

  * Fixed some bugs.
  * Added some missing example files.
  * Clarified the documentation a bit.

 -- Szabó Péter Sun, 8 Aug 2009 01:50:53 +0200

sam2p (0.46-2) unstable; urgency=low

  * image.cpp: added sortPal(), so now sam2p converts source images to canonical form.
  * encoder.cpp, sam2p_main.cpp: Fixed predictor autodetection ultimately.
  * Small compilation and documentation improvements.

 -- Szabó Péter Sun, 5 Apr 2009 01:50:53 +0200

sam2p (0.46-1) unstable; urgency=low

  * Small bugfixes.
  * encoder.cpp: Fixed ``/Predictor 15'' so it produces an efficient predictor, similar to what libpng does.
  * sam2p_main.cpp: Made ``/Predictor 15'' automatic for ZIP or LZW compression if no `-c' command line flag was specified.

 -- Szabó Péter Sun, 5 Apr 2009 01:50:53 +0200

sam2p (0.45-3) unstable; urgency=low

  * in_ps.c: improved PostScript EPS load support, forcing `showpage'.

 -- Szabó Péter Thu, 10 Aug 2006 13:07:47 +0200

sam2p (0.45-2) unstable; urgency=low

  * cgif.c is indicated to be free software.

 -- Szabó Péter Sun, 2 Jul 2006 23:04:21 +0200

sam2p (0.45-1) unstable; urgency=low

  * Small docs changes.
  * Little bugfixes.

 -- Szabó Péter Sun, 2 Jul 2006 17:19:29 +0200

sam2p (0.44-14) unstable; urgency=low

  * assertion BUGFIX in image.cpp:1480 Image::SampledInfo::setSampleFormat()

 -- Szabo Peter Thu, 6 Apr 2006 15:13:11 +0200

sam2p (0.44-13) unstable; urgency=low

  * Added -j:quiet
  * No >/dev/null on png22pnm and tif22pnm

 -- Szabó Péter Fri, 26 Aug 2005 08:29:56 +0200

sam2p (0.44-12) unstable; urgency=low

  * Fixed non-(0,0)-based EPS loading by putting `translate' after `setpagedevice' in in_ps.cpp

 -- Szabó Péter Fri, 12 Aug 2005 23:13:38 +0200

sam2p (0.44-11) unstable; urgency=low

  * %%BeginData:; hack for GSView, as reported by Zoltán Petres

 -- Szabó Péter Tue, 17 May 2005 14:39:20 +0200

sam2p (0.44-10) unstable; urgency=low

  * encoder.cpp slen_t -> int fixes for 64-bit. Thanks to Stefan Fritsch.

 -- Szabó Péter Thu, 14 Apr 2005 09:23:01 +0200

sam2p (0.44-9) unstable; urgency=low

  * 64-bit fix (slen_t and slendiff_t), in reply to the report by Stefan Fritsch.

 -- Szabó Péter Tue, 12 Apr 2005 20:51:40 +0200

sam2p (0.44-8) unstable; urgency=low

  * Added /ImageDPI and -m:dpi:, see README.
  * Fixed a couple of bugs.

 -- Szabó Péter Mon, 21 Feb 2005 23:53:51 +0100

sam2p (0.44-7) unstable; urgency=low

  * Updated copyright of pts_fax.c
  * Updated copyright of cgif.c
  * BUGFIX of JPEG -> EPS `delete tp' buf in appliers.cpp

 -- Szabó Péter Thu, 20 Jan 2005 15:11:23 +0100

sam2p (0.44-6) unstable; urgency=low

  * Re-ripped pts_defl.c from linux-2.6.8.1 (ZLIB 1.1.3), formerly it was Info-ZIP 2.2
  * BUGFIX in image.cpp
  * Documentation fixes

 -- Szabó Péter Tue, 18 Jan 2005 17:04:28 +0100

sam2p (0.44-5) unstable; urgency=low

  * Added -pdf:x (generate PDF with /XObject{}s).
  * Changed PDF output so elements of /Kids are indirect references (see the PDF Reference 1.5 for details).
  * Added option: -transparent "#abcdef"

 -- Szabó Péter Sat, 8 Jan 2005 12:29:10 +0100

sam2p (0.44-4) unstable; urgency=low

  * Some glitches of g++-3.4 avoided. Now sam2p compiles fine.
  * -l:gs=-r216 support for PDF.

 -- Szabó Péter Thu, 6 Jan 2005 10:59:50 +0100

sam2p (0.44-3) unstable; urgency=low

  * minor fixes, documentation addons

 -- Szabó Péter Tue, 1 Jun 2004 18:50:15 +0200

sam2p (0.44-2) unstable; urgency=low

  * Added answers to FAQ in README.

 -- Szabó Péter Fri, 5 Mar 2004 19:54:44 +0100

sam2p (0.44-1) unstable; urgency=low

  * bugfixes
  * PDF, PS and EPS import
  * compressed bts2.ttt, so target sam2p is smaller (ps_tiny --copy)
  * printf("%.16g") in configure

 -- Szabó Péter Wed, 1 Oct 2003 19:49:32 +0200

sam2p (0.43-4) unstable; urgency=low

  * Allow to read stdin from a pipe
  * Recognize SOF2 (progressive) JPEG and other non-baseline types
  * Fixed SimBuffer::Flat::copyRange

 -- Szabó Péter Tue, 11 Mar 2003 14:10:37 +0100

sam2p (0.43-3) unstable; urgency=low

  * Merged with CVS, created Debian source packages.

 -- Szabó Péter Wed, 12 Feb 2003 20:51:58 +0100

sam2p (0.43-2) unstable; urgency=low

  * Added proper Description:, Depends: and Build-Depends: to debian/changelog, modified the Makefile to respect $(DESTDIR) etc.

 -- Szabó Péter Fri, 7 Feb 2003 14:16:56 +0100

sam2p (0.43-1) unstable; urgency=low

  * Initial Debian release.
  * PDF generation bugfixes
  * PDF /MediaBox is output into a separate line near the beginning of file (graphicP compatibility)

sam2p (0.41) unstable; urgency=low

  * vcsam2p.exe (graphic .exe with Visual Studio 6.0), merged
  * added Below feature -m:lower:5
  * png22pnm support
  * Debian Slink pdfTeX integration

 -- Szabó Péter Wed, 5 Feb 2003 18:40:12 +0100

sam2p (0.41) unstable; urgency=low

  * All earlier versions listed here:
  * 0.29 Apr 4 2002 sam2p_article.tex preliminary version
  * 0.30 Sat Apr 6 09:19:23 CEST 2002
  * 0.31 -- Fri Apr 12 23:54:57 CEST 2002 not working TCL/TK GUI, sam2p_article corrected
  * 0.32 Sat Apr 13 12:55:09 CEST 2002 -- PCX input, class Encoder, class Decoder
  * 0.33 JPEG, TIFF, PNG input. JPEG output.
  * 0.34 PDF output, PNG output.
  * 0.35 Fri Apr 26 08:28:41 CEST 2002 transparency, gui, sam2p_talk, EuroBachoTeX 2002
  * 0.36 Sat May 26 14:06:09 CEST 2002 Blanca bugfixes
  * 0.37 Sat Jun 1 14:06:43 CEST 2002 ccdep.pl, --enable-debug, XPM output, opaque TIFF output, more PS output, BMP output, transparent PNM output, one-liner mode, XWD output, PS output with margins, autoconf consts, built-in CCITTFaxEncode
  * 0.38 Tue Sep 3 20:16:59 CEST 2002 Many portability bugfixes. Now more versions of GNU C++ compilers and more architectures are tested and supported. gcc-3.1 or gcc-3.2 compliance (AC_C_CONST working const; with autoconf 2.53)
  * 0.39 -j:warn, allow /OutputFile(-) (stdout) in one-liner mode, one-liner mode with src == dst filename `--', EPS margins, PDF margins, -m, scaling PS output command line, PSL1 Gray ZIP&LZW in all TransferEncodings
  * 0.40 Wed Dec 11 19:24:31 CET 2002 builds out-of-the box (./configure ...; make -> sam2p.exe) on Win32 with MinGW32 + Perl
  * 0.41 GIF and XPM load bugfixes synchronized to GIMP tif22pnm transparent(+?) TIFF output, really better tif22pnm support

 -- Szabó Péter Wed, 5 Feb 2003 11:40:12 +0100

Local variables:
mode: debian-changelog
End:
debian/examples0000644000000000000000000000001313262164132010721 0ustar
examples/*
debian/docs0000644000000000000000000000000713262164132010036 0ustar
README