Package init

2019-09-30 10:40:34 -04:00 · 2019-09-30 10:40:34 -04:00 · ce0a07f0a9
commit ce0a07f0a9
3 changed files with 110 additions and 0 deletions
--- a/CVE-2016-3977.patch
+++ b/CVE-2016-3977.patch
@ -0,0 +1,48 @@
+--- a/lib/dgif_lib.c	2016-04-02 23:34:00.000000000 +0800
+++ b/lib/dgif_lib_1.c	2019-07-17 11:42:30.488000000 +0800
+@@ -288,7 +288,11 @@ DGifGetScreenDesc(GifFileType *GifFile)
+     } else {
+         GifFile->SColorMap = NULL;
+     }
+-
+    /*
+     * No check here for whether the background color is in range for the
+     * screen color map.  Possibly there should be.
+     */
+ 
+     return GIF_OK;
+ }
+ 
+--- a/util/gif2rgb.c	2016-03-18 00:24:17.000000000 +0800
+++ b/util/gif2rgb_1.c	2019-07-17 11:45:22.044000000 +0800
+@@ -15,7 +15,7 @@ Toshio Kuratomi had written this in a co
+ 
+ I (ESR) took this off the main to-do list in 2012 because I don't think
+ the GIFLIB project actually needs to be in the converters-and-tools business.
+-Plenty of hackers do that; our jub is to supply stable library capability
+Plenty of hackers do that; our job is to supply stable library capability
+ with our utilities mainly interesting as test tools.
+ 
+ ***************************************************************************/
+@@ -461,7 +461,7 @@ static void GIF2RGB(int NumFiles, char *
+ 		break;
+ 	}
+     } while (RecordType != TERMINATE_RECORD_TYPE);
+-
+    
+     /* Lets dump it - set the global variables required and do it: */
+     ColorMap = (GifFile->Image.ColorMap
+ 		? GifFile->Image.ColorMap
+@@ -471,6 +471,12 @@ static void GIF2RGB(int NumFiles, char *
+         exit(EXIT_FAILURE);
+     }
+ 
+    /* check that the background color isn't garbage (SF bug #87) */
+    if (GifFile->SBackGroundColor < 0 || GifFile->SBackGroundColor >= ColorMap->ColorCount) {
+        fprintf(stderr, "Background color out of range for colormap\n");
+        exit(EXIT_FAILURE);
+    }
+
+     DumpScreen2RGB(OutFileName, OneFileFlag,
+ 		   ColorMap,
+ 		   ScreenBuffer, 
--- a/giflib-5.1.4.tar.bz2
+++ b/giflib-5.1.4.tar.bz2
--- a/giflib.spec
+++ b/giflib.spec
@ -0,0 +1,62 @@
+Name:          giflib
+Version:       5.1.4
+Release:       3
+Summary:       A library and utilities for processing GIFs
+License:       MIT
+URL:           http://www.sourceforge.net/projects/giflib/
+Source:        http://downloads.sourceforge.net/giflib/giflib-%{version}.tar.bz2
+
+Patch6000:     CVE-2016-3977.patch
+
+BuildRequires: make xmlto
+provides:      giflib-utils
+Obsoletes:     giflib-utils
+
+%description
+giflib is a library of gif images and provides utilities for processing images.
+
+%package       devel
+Summary:       files for developing programs which use the giflib library
+
+%description   devel
+development header files, libraries for programs using the giflib library.
+
+%package       help
+Summary:       help document for manipulating GIF format image files
+Buildarch:     noarch
+
+%description   help
+help document for manipulating GIF format image files
+
+%prep
+%autosetup -n %{name}-%{version} -p1
+
+%build
+%configure
+sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
+sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
+%make_build
+
+%install
+%make_install
+rm -f doc/Makefile*
+
+%ldconfig_scriptlets
+
+%files
+%doc AUTHORS ChangeLog NEWS README COPYING
+%{_libdir}/libgif.so.7*
+%exclude %{_libdir}/*.{a,la}
+%{_bindir}/gif*
+
+%files devel
+%doc doc/*
+%{_libdir}/libgif.so
+%{_includedir}/gif_lib.h
+
+%files help
+%{_mandir}/man1/gif*.1*
+
+%changelog
+* Tue Sep 10 2019 Lijin Yang <yanglijin@huawei.com> - 5.1.4-3
+- Package init