Compare commits
4 Commits
| Author | SHA1 | Date |
|---|---|---|
Kevin Fenzi
|
cf3b62ddcb | |
Fedora Release Engineering
|
22ebcbb38d | |
Kevin Fenzi
|
66c2035263 | |
Jesse Keating
|
a68313af4b |
21
Makefile
21
Makefile
|
|
@ -1,21 +0,0 @@
|
|||
# Makefile for source rpm: fontforge
|
||||
# $Id$
|
||||
NAME := fontforge
|
||||
SPECFILE = $(firstword $(wildcard *.spec))
|
||||
|
||||
define find-makefile-common
|
||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(find-makefile-common))
|
||||
|
||||
ifeq ($(MAKEFILE_COMMON),)
|
||||
# attept a checkout
|
||||
define checkout-makefile-common
|
||||
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
|
||||
endif
|
||||
|
||||
include $(MAKEFILE_COMMON)
|
||||
|
|
@ -35,7 +35,7 @@ diff -Nur fontforge-20090224.orig/pyhook/loadfontforge.h fontforge-20090224/pyho
|
|||
if ( (lib = dlopen("libfontforge" SO_EXT,RTLD_LAZY))==NULL ) {
|
||||
#ifdef PREFIX
|
||||
- lib = dlopen( PREFIX "/lib/" "libfontforge" SO_EXT,RTLD_LAZY);
|
||||
+ lib = dlopen( SOLIBDIR "libfontforge.so.1" SO_EXT,RTLD_LAZY);
|
||||
+ lib = dlopen( SOLIBDIR "libfontforge.so.1" ,RTLD_LAZY);
|
||||
#endif
|
||||
}
|
||||
if ( lib==NULL ) {
|
||||
|
|
|
|||
|
|
@ -0,0 +1,50 @@
|
|||
--- fontforge/fontforge/fvimportbdf.c 15 Apr 2010 10:47:36 -0000 1.58
|
||||
+++ fontforge/fontforge/fvimportbdf.c 3 Dec 2010 21:03:38 -0000
|
||||
@@ -560,7 +560,7 @@
|
||||
}
|
||||
|
||||
if ( strcmp(tok,"FONT")==0 ) {
|
||||
- if ( sscanf(buf,"-%*[^-]-%[^-]-%[^-]-%[^-]-%*[^-]-", family, weight, italic )!=0 ) {
|
||||
+ if ( sscanf(buf,"-%*[^-]-%99[^-]-%99[^-]-%99[^-]-%*[^-]-", family, weight, italic )!=0 ) {
|
||||
char *pt=buf;
|
||||
int dcnt=0;
|
||||
while ( *pt=='-' && dcnt<7 ) { ++pt; ++dcnt; }
|
||||
@@ -616,26 +616,30 @@
|
||||
sscanf(buf, "%d", &defs->metricsset );
|
||||
else if ( strcmp(tok,"VVECTOR")==0 )
|
||||
sscanf(buf, "%*d %d", &defs->vertical_origin );
|
||||
+ /* For foundry, fontname and encname, only copy up to the buffer size */
|
||||
else if ( strcmp(tok,"FOUNDRY")==0 )
|
||||
- sscanf(buf, "%[^\"]", foundry );
|
||||
+ sscanf(buf, "%99[^\"]", foundry );
|
||||
else if ( strcmp(tok,"FONT_NAME")==0 )
|
||||
- sscanf(buf, "%[^\"]", fontname );
|
||||
+ sscanf(buf, "%99[^\"]", fontname );
|
||||
else if ( strcmp(tok,"CHARSET_REGISTRY")==0 )
|
||||
- sscanf(buf, "%[^\"]", encname );
|
||||
+ sscanf(buf, "%99[^\"]", encname );
|
||||
else if ( strcmp(tok,"CHARSET_ENCODING")==0 ) {
|
||||
enc = 0;
|
||||
if ( sscanf(buf, " %d", &enc )!=1 )
|
||||
sscanf(buf, "%d", &enc );
|
||||
+ /* These properties should be copied up to the buffer length too */
|
||||
} else if ( strcmp(tok,"FAMILY_NAME")==0 ) {
|
||||
- strcpy(family,buf);
|
||||
+ strncpy(family,buf,99);
|
||||
} else if ( strcmp(tok,"FULL_NAME")==0 || strcmp(tok,"FACE_NAME")==0 ) {
|
||||
- strcpy(full,buf);
|
||||
+ strncpy(full,buf,99);
|
||||
} else if ( strcmp(tok,"WEIGHT_NAME")==0 )
|
||||
- strcpy(weight,buf);
|
||||
+ strncpy(weight,buf,99);
|
||||
else if ( strcmp(tok,"SLANT")==0 )
|
||||
- strcpy(italic,buf);
|
||||
+ strncpy(italic,buf,99);
|
||||
else if ( strcmp(tok,"COPYRIGHT")==0 ) {
|
||||
- strcpy(comments,buf);
|
||||
+ /* LS: Assume the size of the passed-in buffer is 1000, see below in
|
||||
+ * COMMENT */
|
||||
+ strncpy(comments,buf,999);
|
||||
found_copyright = true;
|
||||
} else if ( strcmp(tok,"COMMENT")==0 && !found_copyright ) {
|
||||
char *pt = comments+strlen(comments);
|
||||
|
|
@ -5,7 +5,7 @@
|
|||
|
||||
Name: fontforge
|
||||
Version: 20090923
|
||||
Release: 2%{?dist}
|
||||
Release: 4%{?dist}
|
||||
Summary: Outline and bitmap font editor
|
||||
|
||||
Group: Applications/Publishing
|
||||
|
|
@ -17,6 +17,7 @@ Source2: http://downloads.sourceforge.net/fontforge/fontforge_htdocs-%{do
|
|||
Source3: fontforge.xml
|
||||
Patch1: fontforge-20090224-pythondl.patch
|
||||
Patch2: fontforge-20090923-rel-path.patch
|
||||
Patch3: fontforge-20090923-CVE-2010-4259.patch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
|
||||
Requires: xdg-utils
|
||||
|
|
@ -149,6 +150,12 @@ update-mime-database %{_datadir}/mime &> /dev/null || :
|
|||
%{_libdir}/pkgconfig/*.pc
|
||||
|
||||
%changelog
|
||||
* Sat Dec 04 2010 Kevin Fenzi <kevin@tummy.com> - 20090923-4
|
||||
- Add patch to fix CVE-2010-4259 (fixes #659359)
|
||||
|
||||
* Sat Mar 20 2010 Kevin Fenzi <kevin@tummy.com> - 20090923-3
|
||||
- Fix patch to fix python module (fixes #560277)
|
||||
|
||||
* Wed Dec 30 2009 Kevin Fenzi <kevin@tummy.com> - 20090923-2
|
||||
- Add patch to fix relative paths for fontlint (fixes #530760)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,2 +0,0 @@
|
|||
fontforge-20080927-1_fc10:HEAD:fontforge-20080927-1.fc10.src.rpm:1226141478
|
||||
fontforge-20081224-2_fc11:HEAD:fontforge-20081224-2.fc11.src.rpm:1235380490
|
||||
Loading…
Reference in New Issue