Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP5:GA
libcaca
libcaca-bsc1182731-prevent-overflow.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libcaca-bsc1182731-prevent-overflow.patch of Package libcaca
Index: libcaca-da28e9684ef445ac8d42745644336b8a75c01855/caca/canvas.c =================================================================== --- libcaca-da28e9684ef445ac8d42745644336b8a75c01855.orig/caca/canvas.c +++ libcaca-da28e9684ef445ac8d42745644336b8a75c01855/caca/canvas.c @@ -45,6 +45,7 @@ static int caca_resize(caca_canvas_t *, * * If an error occurs, NULL is returned and \b errno is set accordingly: * - \c EINVAL Specified width or height is invalid. + * - \c EOVERFLOW Specified width and height overflowed * - \c ENOMEM Not enough memory for the requested canvas size. * * \param width The desired canvas width @@ -200,6 +201,7 @@ int caca_unmanage_canvas(caca_canvas_t * * * If an error occurs, -1 is returned and \b errno is set accordingly: * - \c EINVAL Specified width or height is invalid. + * - \c EOVERFLOW Specified width and height overflowed. * - \c EBUSY The canvas is in use by a display driver and cannot be resized. * - \c ENOMEM Not enough memory for the requested canvas size. If this * happens, the canvas handle becomes invalid and should not be used. @@ -365,6 +367,14 @@ int caca_resize(caca_canvas_t *cv, int w { int x, y, f, old_width, old_height, new_size, old_size; + /* Check for overflow */ + new_size = width * height; + if (new_size < 0 || (width > 0 && new_size / width != height)) + { + seterrno(EOVERFLOW); + return -1; + } + old_width = cv->width; old_height = cv->height; old_size = old_width * old_height; @@ -375,7 +385,6 @@ int caca_resize(caca_canvas_t *cv, int w * dirty rectangle handling */ cv->width = width; cv->height = height; - new_size = width * height; /* If width or height is smaller (or both), we have the opportunity to * reduce or even remove dirty rectangles */ Index: libcaca-da28e9684ef445ac8d42745644336b8a75c01855/caca/codec/import.c =================================================================== --- libcaca-da28e9684ef445ac8d42745644336b8a75c01855.orig/caca/codec/import.c +++ libcaca-da28e9684ef445ac8d42745644336b8a75c01855/caca/codec/import.c @@ -61,6 +61,7 @@ static ssize_t import_caca(caca_canvas_t * * If an error occurs, -1 is returned and \b errno is set accordingly: * - \c ENOMEM Not enough memory to allocate canvas. + * - \c EOVERFLOW Importing data caused a value overflow. * - \c EINVAL Invalid format requested. * * \param cv A libcaca canvas in which to import the file. Index: libcaca-da28e9684ef445ac8d42745644336b8a75c01855/caca/codec/text.c =================================================================== --- libcaca-da28e9684ef445ac8d42745644336b8a75c01855.orig/caca/codec/text.c +++ libcaca-da28e9684ef445ac8d42745644336b8a75c01855/caca/codec/text.c @@ -46,7 +46,7 @@ ssize_t _import_text(caca_canvas_t *cv, char const *text = (char const *)data; unsigned int width = 0, height = 0, x = 0, y = 0, i; - caca_set_canvas_size(cv, width, height); + caca_set_canvas_size(cv, 0, 0); for(i = 0; i < size; i++) { @@ -70,15 +70,19 @@ ssize_t _import_text(caca_canvas_t *cv, if(y >= height) height = y + 1; - caca_set_canvas_size(cv, width, height); + if (caca_set_canvas_size(cv, width, height) < 0) + return -1; } caca_put_char(cv, x, y, ch); x++; } - if(y > height) - caca_set_canvas_size(cv, width, height = y); + if (y > height) + { + if (caca_set_canvas_size(cv, width, height = y) < 0) + return -1; + } return (ssize_t)size; } @@ -431,7 +435,8 @@ ssize_t _import_ansi(caca_canvas_t *cv, { savedattr = caca_get_attr(cv, -1, -1); caca_set_attr(cv, im.clearattr); - caca_set_canvas_size(cv, width = x + wch, height); + if (caca_set_canvas_size(cv, width = x + wch, height) < 0) + return -1; caca_set_attr(cv, savedattr); } else @@ -448,7 +453,8 @@ ssize_t _import_ansi(caca_canvas_t *cv, caca_set_attr(cv, im.clearattr); if(growy) { - caca_set_canvas_size(cv, width, height = y + 1); + if (caca_set_canvas_size(cv, width, height = y + 1) < 0) + return -1; } else { @@ -480,7 +486,8 @@ ssize_t _import_ansi(caca_canvas_t *cv, { savedattr = caca_get_attr(cv, -1, -1); caca_set_attr(cv, im.clearattr); - caca_set_canvas_size(cv, width, height = y); + if (caca_set_canvas_size(cv, width, height = y)) + return -1; caca_set_attr(cv, savedattr); } Index: libcaca-da28e9684ef445ac8d42745644336b8a75c01855/caca/t/canvas.cpp =================================================================== --- libcaca-da28e9684ef445ac8d42745644336b8a75c01855.orig/caca/t/canvas.cpp +++ libcaca-da28e9684ef445ac8d42745644336b8a75c01855/caca/t/canvas.cpp @@ -53,18 +53,29 @@ public: CPPUNIT_ASSERT_EQUAL(caca_get_canvas_width(cv), 0); CPPUNIT_ASSERT_EQUAL(caca_get_canvas_height(cv), 0); - caca_set_canvas_size(cv, 1, 1); + int ret = caca_set_canvas_size(cv, 1, 1); + CPPUNIT_ASSERT_EQUAL(ret, 0); CPPUNIT_ASSERT_EQUAL(caca_get_canvas_width(cv), 1); CPPUNIT_ASSERT_EQUAL(caca_get_canvas_height(cv), 1); - caca_set_canvas_size(cv, 1234, 1001); + ret = caca_set_canvas_size(cv, 1234, 1001); + CPPUNIT_ASSERT_EQUAL(ret, 0); CPPUNIT_ASSERT_EQUAL(caca_get_canvas_width(cv), 1234); CPPUNIT_ASSERT_EQUAL(caca_get_canvas_height(cv), 1001); - caca_set_canvas_size(cv, 0, 0); + ret = caca_set_canvas_size(cv, 0, 0); + CPPUNIT_ASSERT_EQUAL(ret, 0); CPPUNIT_ASSERT_EQUAL(caca_get_canvas_width(cv), 0); CPPUNIT_ASSERT_EQUAL(caca_get_canvas_height(cv), 0); + CPPUNIT_ASSERT_EQUAL(-1, caca_set_canvas_size(cv, -1, 50)); + CPPUNIT_ASSERT_EQUAL(-1, caca_set_canvas_size(cv, 50, -1)); + CPPUNIT_ASSERT_EQUAL(-1, caca_set_canvas_size(cv, -1, -1)); + CPPUNIT_ASSERT_EQUAL(-1, caca_set_canvas_size(cv, INT_MAX / 2, 3)); + CPPUNIT_ASSERT_EQUAL(-1, caca_set_canvas_size(cv, 3, INT_MAX / 2)); + CPPUNIT_ASSERT_EQUAL(-1, caca_set_canvas_size(cv, INT_MAX / 2, INT_MAX / 2)); + CPPUNIT_ASSERT_EQUAL(0, caca_set_canvas_size(cv, 0, 0)); + caca_free_canvas(cv); } Index: libcaca-da28e9684ef445ac8d42745644336b8a75c01855/tools/makefont.c =================================================================== --- libcaca-da28e9684ef445ac8d42745644336b8a75c01855.orig/tools/makefont.c +++ libcaca-da28e9684ef445ac8d42745644336b8a75c01855/tools/makefont.c @@ -40,7 +40,8 @@ * and the UTF-8 glyphs necessary for canvas rotation and mirroring. */ static unsigned int const blocklist[] = { - 0x0000, 0x0080, /* Basic latin: A, B, C, a, b, c */ + 0x0020, 0x0080, /* Basic latin: A, B, C, a, b, c */ +#if 0 0x0080, 0x0100, /* Latin-1 Supplement: Ä, Ç, å, ß */ 0x0100, 0x0180, /* Latin Extended-A: Ā č Ō œ */ 0x0180, 0x0250, /* Latin Extended-B: Ǝ Ƹ */ @@ -63,6 +64,7 @@ static unsigned int const blocklist[] = 0x30a0, 0x3100, /* Katakana: ロ ル */ 0xff00, 0xfff0, /* Halfwidth and Fullwidth Forms: A, B, C, a, b, c */ 0x10400, 0x10450, /* Deseret: 𐐒 𐐋 */ +#endif 0, 0 }; @@ -105,10 +107,10 @@ int main(int argc, char *argv[]) if(argc != 5) { - fprintf(stderr, "%s: wrong argument count\n", argv[0]); - fprintf(stderr, "usage: %s <prefix> <font> <dpi> <bpp>\n", argv[0]); - fprintf(stderr, "eg: %s monospace9 \"Monospace 9\" 96 4\n", argv[0]); - return -1; + fprintf(stderr, "%s: wrong argument count\n", argv[0]); + fprintf(stderr, "usage: %s <prefix> <font> <dpi> <bpp>\n", argv[0]); + fprintf(stderr, "eg: %s monospace9 \"Monospace 9\" 96 4\n", argv[0]); + return -1; } prefix = argv[1]; @@ -118,8 +120,8 @@ int main(int argc, char *argv[]) if(dpi == 0 || (bpp != 1 && bpp != 2 && bpp != 4 && bpp != 8)) { - fprintf(stderr, "%s: invalid argument\n", argv[0]); - return -1; + fprintf(stderr, "%s: invalid argument\n", argv[0]); + return -1; } fprintf(stderr, "Font \"%s\", %i dpi, %i bpp\n", font, dpi, bpp); @@ -132,9 +134,9 @@ int main(int argc, char *argv[]) l = pango_layout_new(cx); if(!l) { - fprintf(stderr, "%s: unable to initialise pango\n", argv[0]); - g_object_unref(cx); - return -1; + fprintf(stderr, "%s: unable to initialise pango\n", argv[0]); + g_object_unref(cx); + return -1; } fd = pango_font_description_from_string(font); @@ -164,11 +166,11 @@ int main(int argc, char *argv[]) fullglyphs = 0; for(b = 0; blocklist[b + 1]; b += 2) { - blocks++; - glyphs += blocklist[b + 1] - blocklist[b]; - for(i = blocklist[b]; i < blocklist[b + 1]; i++) - if(caca_utf32_is_fullwidth(i)) - fullglyphs++; + blocks++; + glyphs += blocklist[b + 1] - blocklist[b]; + for(i = blocklist[b]; i < blocklist[b + 1]; i++) + if(caca_utf32_is_fullwidth(i)) + fullglyphs++; } control_size = 28 + 12 * blocks + 8 * glyphs; @@ -180,16 +182,16 @@ int main(int argc, char *argv[]) /* Let's go! */ printf("/* libcaca font file\n"); printf(" * \"%s\": %i dpi, %i bpp, %ix%i/%ix%i glyphs\n", - font, dpi, bpp, stdwidth, height, fullwidth, height); + font, dpi, bpp, stdwidth, height, fullwidth, height); printf(" * Automatically generated by tools/makefont.c:\n"); printf(" * tools/makefont %s \"%s\" %i %i\n", prefix, font, dpi, bpp); printf(" */\n"); printf("\n"); printf("static size_t const %s_size = %i;\n", - prefix, 4 + control_size + data_size); + prefix, 4 + control_size + data_size); printf("static uint8_t const %s_data[%i] =\n", - prefix, 4 + control_size + data_size); + prefix, 4 + control_size + data_size); printf("{\n"); printf("/* file: */\n"); @@ -217,10 +219,10 @@ int main(int argc, char *argv[]) n = 0; for(b = 0; blocklist[b + 1]; b += 2) { - printf_u32("%s", blocklist[b]); - printf_u32("%s", blocklist[b + 1]); - printf_u32("%s\n", n); - n += blocklist[b + 1] - blocklist[b]; + printf_u32("%s", blocklist[b]); + printf_u32("%s", blocklist[b + 1]); + printf_u32("%s\n", n); + n += blocklist[b + 1] - blocklist[b]; } printf("\n"); @@ -228,81 +230,81 @@ int main(int argc, char *argv[]) current_offset = n = 0; for(b = 0; blocklist[b + 1]; b += 2) { - for(i = blocklist[b]; i < blocklist[b + 1]; i++) - { - int x, y, bytes, current_width = stdwidth; - unsigned int k, current_size = stdsize; - - if(caca_utf32_is_fullwidth(i)) - { - current_width = fullwidth; - current_size = fullsize; - } - gtab[n].unicode = i; - bytes = caca_utf32_to_utf8(gtab[n].buf, gtab[n].unicode); - gtab[n].buf[bytes] = '\0'; - - /* Render glyph on a bitmap */ - pango_layout_set_text(l, gtab[n].buf, -1); - memset(img.buffer, 0, img.pitch * height); - pango_ft2_render_layout(&img, l, 0, 0); - - /* Fix glyphs that we know how to handle better */ - fix_glyph(&img, gtab[n].unicode, current_width, height); - - /* Write bitmap as an escaped C string */ - memset(glyph_data + current_offset, 0, current_size); - k = 0; - for(y = 0; y < height; y++) - { - for(x = 0; x < current_width; x++) - { - uint8_t pixel = img.buffer[y * img.pitch + x]; - - pixel >>= (8 - bpp); - glyph_data[current_offset + k / 8] - |= pixel << (8 - bpp - (k % 8)); - k += bpp; - } - } - - /* Check whether this is the same glyph as another one. Please - * don't bullshit me about sorting, hashing and stuff like that, - * our data is small enough for this to work. */ - for(k = 0; k < n; k++) - { - if(gtab[k].data_size != current_size) - continue; + for(i = blocklist[b]; i < blocklist[b + 1]; i++) + { + int x, y, bytes, current_width = stdwidth; + unsigned int k, current_size = stdsize; + + if(caca_utf32_is_fullwidth(i)) + { + current_width = fullwidth; + current_size = fullsize; + } + gtab[n].unicode = i; + bytes = caca_utf32_to_utf8(gtab[n].buf, gtab[n].unicode); + gtab[n].buf[bytes] = '\0'; + + /* Render glyph on a bitmap */ + pango_layout_set_text(l, gtab[n].buf, -1); + memset(img.buffer, 0, img.pitch * height); + pango_ft2_render_layout(&img, l, 0, 0); + + /* Fix glyphs that we know how to handle better */ + fix_glyph(&img, gtab[n].unicode, current_width, height); + + /* Write bitmap as an escaped C string */ + memset(glyph_data + current_offset, 0, current_size); + k = 0; + for(y = 0; y < height; y++) + { + for(x = 0; x < current_width; x++) + { + uint8_t pixel = img.buffer[y * img.pitch + x]; + + pixel >>= (8 - bpp); + glyph_data[current_offset + k / 8] + |= pixel << (8 - bpp - (k % 8)); + k += bpp; + } + } + + /* Check whether this is the same glyph as another one. Please + * don't bullshit me about sorting, hashing and stuff like that, + * our data is small enough for this to work. */ + for(k = 0; k < n; k++) + { + if(gtab[k].data_size != current_size) + continue; #if 0 - if(!memcmp(glyph_data + gtab[k].data_offset, - glyph_data + current_offset, current_size)) - break; + if(!memcmp(glyph_data + gtab[k].data_offset, + glyph_data + current_offset, current_size)) + break; #endif - } + } - gtab[n].data_offset = current_offset; - gtab[n].data_width = current_width; - gtab[n].data_size = current_size; - gtab[n].same_as = k; + gtab[n].data_offset = current_offset; + gtab[n].data_width = current_width; + gtab[n].data_size = current_size; + gtab[n].same_as = k; - if(k == n) - current_offset += current_size; + if(k == n) + current_offset += current_size; - n++; - } + n++; + } } printf("/* glyph_info: */\n"); n = 0; for(b = 0; blocklist[b + 1]; b += 2) { - for(i = blocklist[b]; i < blocklist[b + 1]; i++) - { - printf_u16("%s", gtab[n].data_width); - printf_u16("%s", height); - printf_u32("%s\n", gtab[gtab[n].same_as].data_offset); - n++; - } + for(i = blocklist[b]; i < blocklist[b + 1]; i++) + { + printf_u16("%s", gtab[n].data_width); + printf_u16("%s", height); + printf_u32("%s\n", gtab[gtab[n].same_as].data_offset); + n++; + } } printf("\n"); @@ -310,24 +312,38 @@ int main(int argc, char *argv[]) n = 0; for(b = 0; blocklist[b + 1]; b += 2) { - for(i = blocklist[b]; i < blocklist[b + 1]; i++) - { - /* Print glyph value in comment */ - printf("/* "); - printf_unicode(>ab[n]); - - if(gtab[n].same_as == n) - printf_hex(" */ %s\n", - glyph_data + gtab[n].data_offset, gtab[n].data_size); - else - { - printf(" is "); - printf_unicode(>ab[gtab[n].same_as]); - printf(" */\n"); - } + for(i = blocklist[b]; i < blocklist[b + 1]; i++) + { + /* Print glyph value in comment */ + printf("/* "); + printf_unicode(>ab[n]); + + if(gtab[n].same_as == n) + { + char const *lut = " .:nmW@"; + printf("\n"); + for (int y = 0; y < height; ++y) + { + for (int x = 0; x < gtab[n].data_width; ++x) + { + int val = glyph_data[gtab[n].data_offset + y * gtab[n].data_width + x]; + char ch = lut[val * val * 7 / 256 / 256]; + printf("%c%c", ch, ch); + } + printf("\n"); + } + //printf_hex(" */ %s\n", + // glyph_data + gtab[n].data_offset, gtab[n].data_size); + } + else + { + printf(" is "); + printf_unicode(>ab[gtab[n].same_as]); + printf(" */\n"); + } - n++; - } + n++; + } } printf("};\n"); @@ -347,74 +363,74 @@ int main(int argc, char *argv[]) */ static void fix_glyph(FT_Bitmap *i, uint32_t ch, - unsigned int width, unsigned int height) + unsigned int width, unsigned int height) { unsigned int x, y; switch(ch) { case 0x00002580: /* ▀ */ - for(y = 0; y < height; y++) - for(x = 0; x < width; x++) - i->buffer[x + y * i->pitch] = y < height / 2 ? 0xff : 0x00; - if(height & 1) - for(x = 0; x < width; x++) - i->buffer[x + (height / 2) * i->pitch] = 0x7f; - break; + for(y = 0; y < height; y++) + for(x = 0; x < width; x++) + i->buffer[x + y * i->pitch] = y < height / 2 ? 0xff : 0x00; + if(height & 1) + for(x = 0; x < width; x++) + i->buffer[x + (height / 2) * i->pitch] = 0x7f; + break; case 0x00002584: /* ▄ */ - for(y = 0; y < height; y++) - for(x = 0; x < width; x++) - i->buffer[x + y * i->pitch] = y < height / 2 ? 0x00 : 0xff; - if(height & 1) - for(x = 0; x < width; x++) - i->buffer[x + (height / 2) * i->pitch] = 0x7f; - break; + for(y = 0; y < height; y++) + for(x = 0; x < width; x++) + i->buffer[x + y * i->pitch] = y < height / 2 ? 0x00 : 0xff; + if(height & 1) + for(x = 0; x < width; x++) + i->buffer[x + (height / 2) * i->pitch] = 0x7f; + break; case 0x0000258c: /* ▌ */ - for(y = 0; y < height; y++) - for(x = 0; x < width; x++) - i->buffer[x + y * i->pitch] = x < width / 2 ? 0xff : 0x00; - if(width & 1) - for(y = 0; y < height; y++) - i->buffer[(width / 2) + y * i->pitch] = 0x7f; - break; + for(y = 0; y < height; y++) + for(x = 0; x < width; x++) + i->buffer[x + y * i->pitch] = x < width / 2 ? 0xff : 0x00; + if(width & 1) + for(y = 0; y < height; y++) + i->buffer[(width / 2) + y * i->pitch] = 0x7f; + break; case 0x00002590: /* ▐ */ - for(y = 0; y < height; y++) - for(x = 0; x < width; x++) - i->buffer[x + y * i->pitch] = x < width / 2 ? 0x00 : 0xff; - if(width & 1) - for(y = 0; y < height; y++) - i->buffer[(width / 2) + y * i->pitch] = 0x7f; - break; + for(y = 0; y < height; y++) + for(x = 0; x < width; x++) + i->buffer[x + y * i->pitch] = x < width / 2 ? 0x00 : 0xff; + if(width & 1) + for(y = 0; y < height; y++) + i->buffer[(width / 2) + y * i->pitch] = 0x7f; + break; case 0x000025a0: /* ■ */ - for(y = 0; y < height; y++) - for(x = 0; x < width; x++) - i->buffer[x + y * i->pitch] = - (y >= height / 4) && (y < 3 * height / 4) ? 0xff : 0x00; - if(height & 3) - for(x = 0; x < width; x++) /* FIXME: could be more precise */ - i->buffer[x + (height / 4) * i->pitch] = - i->buffer[x + (3 * height / 4) * i->pitch] = 0x7f; - break; + for(y = 0; y < height; y++) + for(x = 0; x < width; x++) + i->buffer[x + y * i->pitch] = + (y >= height / 4) && (y < 3 * height / 4) ? 0xff : 0x00; + if(height & 3) + for(x = 0; x < width; x++) /* FIXME: could be more precise */ + i->buffer[x + (height / 4) * i->pitch] = + i->buffer[x + (3 * height / 4) * i->pitch] = 0x7f; + break; case 0x00002588: /* █ */ - memset(i->buffer, 0xff, height * i->pitch); - break; + memset(i->buffer, 0xff, height * i->pitch); + break; case 0x00002593: /* ▓ */ - for(y = 0; y < height; y++) - for(x = 0; x < width; x++) - i->buffer[x + y * i->pitch] = - ((x + 2 * (y & 1)) & 3) ? 0xff : 0x00; - break; + for(y = 0; y < height; y++) + for(x = 0; x < width; x++) + i->buffer[x + y * i->pitch] = + ((x + 2 * (y & 1)) & 3) ? 0xff : 0x00; + break; case 0x00002592: /* ▒ */ - for(y = 0; y < height; y++) - for(x = 0; x < width; x++) - i->buffer[x + y * i->pitch] = ((x + y) & 1) ? 0xff : 0x00; - break; + for(y = 0; y < height; y++) + for(x = 0; x < width; x++) + i->buffer[x + y * i->pitch] = ((x + y) & 1) ? 0xff : 0x00; + break; case 0x00002591: /* ░ */ - for(y = 0; y < height; y++) - for(x = 0; x < width; x++) - i->buffer[x + y * i->pitch] = - ((x + 2 * (y & 1)) & 3) ? 0x00 : 0xff; - break; + for(y = 0; y < height; y++) + for(x = 0; x < width; x++) + i->buffer[x + y * i->pitch] = + ((x + 2 * (y & 1)) & 3) ? 0x00 : 0xff; + break; } } @@ -425,9 +441,9 @@ static int printf_unicode(struct glyph * wr += printf("U+%.04X: \"", g->unicode); if(g->unicode < 0x20 || (g->unicode >= 0x7f && g->unicode <= 0xa0)) - wr += printf("\\x%.02x\"", g->unicode); + wr += printf("\\x%.02x\"", g->unicode); else - wr += printf("%s\"", g->buf); + wr += printf("%s\"", g->buf); return wr; } @@ -450,7 +466,7 @@ static int printf_hex(char const *fmt, u char *parser = buf; while(bytes--) - parser += sprintf(parser, "%i,", (unsigned int)*data++); + parser += sprintf(parser, "%i,", (unsigned int)*data++); parser[0] = '\0'; return printf(fmt, buf);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor