Backport tiff from trunk to fix a few CVE's

graphics/tiff/Makefile

@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.121 2015/09/13 09:27:08 wiz Exp $
+# $NetBSD: Makefile,v 1.137 2017/06/21 01:08:33 tez Exp $
 
-DISTNAME=	tiff-4.0.6
+DISTNAME=	tiff-4.0.8
+PKGREVISION=	1
 CATEGORIES=	graphics
 MASTER_SITES=	ftp://ftp.remotesensing.org/pub/libtiff/ \
 		http://libtiff.maptools.org/dl/
@@ -14,7 +15,6 @@ EXTRACT_ONLY=	${DISTNAME}${EXTRACT_SUFX}
 
 USE_LANGUAGES=		c c++
 USE_LIBTOOL=		yes
-USE_MULTIARCH=		lib
 GNU_CONFIGURE=		yes
 CONFIGURE_ARGS+=	--enable-rpath
 CONFIGURE_ARGS+=	--enable-cxx
@@ -28,7 +28,7 @@ TEST_TARGET=		check
 post-install:
 	cd ${DESTDIR}/${PREFIX}/${PKGMANDIR}/man3 && for file in *.3tiff; do\
 		target=`${ECHO} $$file | sed "s/3tiff/3/"`; \
-		[ -f $$file ] && ${MV} $$file $$target || ${TRUE}; \
+		${MV} $$file $$target; \
 	done
 
 .include "options.mk"

graphics/tiff/PLIST

@@ -1,14 +1,9 @@
-@comment $NetBSD: PLIST,v 1.21 2015/09/13 09:27:08 wiz Exp $
-bin/bmp2tiff
+@comment $NetBSD: PLIST,v 1.24 2017/05/29 13:44:05 he Exp $
 bin/fax2ps
 bin/fax2tiff
-bin/gif2tiff
 bin/pal2rgb
 bin/ppm2tiff
-bin/ras2tiff
 bin/raw2tiff
-bin/rgb2ycbcr
-bin/thumbnail
 bin/tiff2bw
 bin/tiff2pdf
 bin/tiff2ps
@@ -30,17 +25,11 @@ include/tiffvers.h
 lib/libtiff.la
 lib/libtiffxx.la
 lib/pkgconfig/libtiff-4.pc
-man/man1/bmp2tiff.1
 man/man1/fax2ps.1
 man/man1/fax2tiff.1
-man/man1/gif2tiff.1
 man/man1/pal2rgb.1
 man/man1/ppm2tiff.1
-man/man1/ras2tiff.1
 man/man1/raw2tiff.1
-man/man1/rgb2ycbcr.1
-man/man1/sgi2tiff.1
-man/man1/thumbnail.1
 man/man1/tiff2bw.1
 man/man1/tiff2pdf.1
 man/man1/tiff2ps.1
@@ -55,7 +44,6 @@ man/man1/tiffinfo.1
 man/man1/tiffmedian.1
 man/man1/tiffset.1
 man/man1/tiffsplit.1
-man/man1/tiffsv.1
 man/man3/TIFFClose.3
 man/man3/TIFFDataWidth.3
 man/man3/TIFFError.3
@@ -177,19 +165,13 @@ share/doc/tiff/html/man/TIFFsize.3tiff.html
 share/doc/tiff/html/man/TIFFstrip.3tiff.html
 share/doc/tiff/html/man/TIFFswab.3tiff.html
 share/doc/tiff/html/man/TIFFtile.3tiff.html
-share/doc/tiff/html/man/bmp2tiff.1.html
 share/doc/tiff/html/man/fax2ps.1.html
 share/doc/tiff/html/man/fax2tiff.1.html
-share/doc/tiff/html/man/gif2tiff.1.html
 share/doc/tiff/html/man/index.html
 share/doc/tiff/html/man/libtiff.3tiff.html
 share/doc/tiff/html/man/pal2rgb.1.html
 share/doc/tiff/html/man/ppm2tiff.1.html
-share/doc/tiff/html/man/ras2tiff.1.html
 share/doc/tiff/html/man/raw2tiff.1.html
-share/doc/tiff/html/man/rgb2ycbcr.1.html
-share/doc/tiff/html/man/sgi2tiff.1.html
-share/doc/tiff/html/man/thumbnail.1.html
 share/doc/tiff/html/man/tiff2bw.1.html
 share/doc/tiff/html/man/tiff2pdf.1.html
 share/doc/tiff/html/man/tiff2ps.1.html
@@ -204,7 +186,6 @@ share/doc/tiff/html/man/tiffinfo.1.html
 share/doc/tiff/html/man/tiffmedian.1.html
 share/doc/tiff/html/man/tiffset.1.html
 share/doc/tiff/html/man/tiffsplit.1.html
-share/doc/tiff/html/man/tiffsv.1.html
 share/doc/tiff/html/misc.html
 share/doc/tiff/html/support.html
 share/doc/tiff/html/tools.html
@@ -251,3 +232,5 @@ share/doc/tiff/html/v4.0.4.html
 share/doc/tiff/html/v4.0.4beta.html
 share/doc/tiff/html/v4.0.5.html
 share/doc/tiff/html/v4.0.6.html
+share/doc/tiff/html/v4.0.7.html
+share/doc/tiff/html/v${PKGVERSION}.html

graphics/tiff/distinfo

@@ -1,7 +1,10 @@
-$NetBSD: distinfo,v 1.68 2015/11/03 21:34:33 agc Exp $
+$NetBSD: distinfo,v 1.86 2017/06/21 02:47:45 pgoyette Exp $
 
-SHA1 (tiff-4.0.6.tar.gz) = 280e27704eaca5f592b82e71ac0c78b87395e2de
-RMD160 (tiff-4.0.6.tar.gz) = 3d5d6951a36baf32ab0e0958d3b4a9413b7f2e07
-SHA512 (tiff-4.0.6.tar.gz) = 2c8dbaaaab9f82a7722bfe8cb6fcfcf67472beb692f1b7dafaf322759e7016dad1bc58457c0f03db50aa5bd088fef2b37358fcbc1524e20e9e14a9620373fdf8
-Size (tiff-4.0.6.tar.gz) = 2192991 bytes
+SHA1 (tiff-4.0.8.tar.gz) = 88717c97480a7976c94d23b6d9ed4ac74715267f
+RMD160 (tiff-4.0.8.tar.gz) = 0d8bc26c98035810c73b8f876f76dc48efba7da8
+SHA512 (tiff-4.0.8.tar.gz) = 5d010ec4ce37aca733f7ab7db9f432987b0cd21664bd9d99452a146833c40f0d1e7309d1870b0395e947964134d5cfeb1366181e761fe353ad585803ff3d6be6
+Size (tiff-4.0.8.tar.gz) = 2065574 bytes
 SHA1 (patch-configure) = a0032133f06b6ac92bbf52349fabe83f74ea14a6
+SHA1 (patch-libtiff_tif_dir.h) = 50f565eac6a7157a7c99923f4b3ffaf31b021644
+SHA1 (patch-libtiff_tif_dirinfo.c) = cd0e4da46f62d888128e558c16ebcc6a867274df
+SHA1 (patch-libtiff_tif_dirread.c) = d98b5cb0ceca8f5923c015b09f04da3b8af094e5

graphics/tiff/patches/patch-libtiff_tif_dir.h

@@ -0,0 +1,25 @@
+$NetBSD: patch-libtiff_tif_dir.h,v 1.3 2017/06/21 02:47:45 pgoyette Exp $
+
+fix CVE-2014-8128, CVE-2016-5318, CVE-2015-7554 & CVE-2016-10095
+per http://bugzilla.maptools.org/show_bug.cgi?id=2580
+
+also CVE-2017-9147
+(http://bugzilla.maptools.org/show_bug.cgi?id=2693)
+
+
+Index: tif_dir.h
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.h,v
+retrieving revision 1.54
+retrieving revision 1.55
+diff -w -u -b -r1.54 -r1.55
+--- libtiff/tif_dir.h.orig	18 Feb 2011 20:53:05 -0000	1.54
++++ libtiff/tif_dir.h	1 Jun 2017 12:44:04 -0000	1.55
+@@ -291,6 +291,7 @@
+ extern int _TIFFMergeFields(TIFF*, const TIFFField[], uint32);
+ extern const TIFFField* _TIFFFindOrRegisterField(TIFF *, uint32, TIFFDataType);
+ extern  TIFFField* _TIFFCreateAnonField(TIFF *, uint32, TIFFDataType);
++extern int _TIFFCheckFieldIsValidForCodec(TIFF *tif, ttag_t tag);
+
+ #if defined(__cplusplus)
+ }

graphics/tiff/patches/patch-libtiff_tif_dirinfo.c

@@ -0,0 +1,127 @@
+$NetBSD: patch-libtiff_tif_dirinfo.c,v 1.3 2017/06/21 02:47:45 pgoyette Exp $
+
+fix CVE-2014-8128, CVE-2016-5318, CVE-2015-7554 & CVE-2016-10095
+per http://bugzilla.maptools.org/show_bug.cgi?id=2580
+
+also CVE-2017-9147 
+(http://bugzilla.maptools.org/show_bug.cgi?id=2693)
+
+
+Index: tif_dirinfo.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirinfo.c,v
+retrieving revision 1.126
+retrieving revision 1.127
+diff -w -u -b -r1.126 -r1.127
+--- libtiff/tif_dirinfo.c.orig	18 Nov 2016 02:52:13 -0000	1.126
++++ libtiff/tif_dirinfo.c	1 Jun 2017 12:44:04 -0000	1.127
+@@ -956,6 +956,109 @@
+ 	return 0;
+ }
+
++int
++_TIFFCheckFieldIsValidForCodec(TIFF *tif, ttag_t tag)
++{
++	/* Filter out non-codec specific tags */
++	switch (tag) {
++	    /* Shared tags */
++	    case TIFFTAG_PREDICTOR:
++	    /* JPEG tags */
++	    case TIFFTAG_JPEGTABLES:
++	    /* OJPEG tags */
++	    case TIFFTAG_JPEGIFOFFSET:
++	    case TIFFTAG_JPEGIFBYTECOUNT:
++	    case TIFFTAG_JPEGQTABLES:
++	    case TIFFTAG_JPEGDCTABLES:
++	    case TIFFTAG_JPEGACTABLES:
++	    case TIFFTAG_JPEGPROC:
++	    case TIFFTAG_JPEGRESTARTINTERVAL:
++	    /* CCITT* */
++	    case TIFFTAG_BADFAXLINES:
++	    case TIFFTAG_CLEANFAXDATA:
++	    case TIFFTAG_CONSECUTIVEBADFAXLINES:
++	    case TIFFTAG_GROUP3OPTIONS:
++	    case TIFFTAG_GROUP4OPTIONS:
++		break;
++	    default:
++		return 1;
++	}
++	/* Check if codec specific tags are allowed for the current
++	 * compression scheme (codec) */
++	switch (tif->tif_dir.td_compression) {
++	    case COMPRESSION_LZW:
++		if (tag == TIFFTAG_PREDICTOR)
++		    return 1;
++		break;
++	    case COMPRESSION_PACKBITS:
++		/* No codec-specific tags */
++		break;
++	    case COMPRESSION_THUNDERSCAN:
++		/* No codec-specific tags */
++		break;
++	    case COMPRESSION_NEXT:
++		/* No codec-specific tags */
++		break;
++	    case COMPRESSION_JPEG:
++		if (tag == TIFFTAG_JPEGTABLES)
++		    return 1;
++		break;
++	    case COMPRESSION_OJPEG:
++		switch (tag) {
++		    case TIFFTAG_JPEGIFOFFSET:
++		    case TIFFTAG_JPEGIFBYTECOUNT:
++		    case TIFFTAG_JPEGQTABLES:
++		    case TIFFTAG_JPEGDCTABLES:
++		    case TIFFTAG_JPEGACTABLES:
++		    case TIFFTAG_JPEGPROC:
++		    case TIFFTAG_JPEGRESTARTINTERVAL:
++			return 1;
++		}
++		break;
++	    case COMPRESSION_CCITTRLE:
++	    case COMPRESSION_CCITTRLEW:
++	    case COMPRESSION_CCITTFAX3:
++	    case COMPRESSION_CCITTFAX4:
++		switch (tag) {
++		    case TIFFTAG_BADFAXLINES:
++		    case TIFFTAG_CLEANFAXDATA:
++		    case TIFFTAG_CONSECUTIVEBADFAXLINES:
++			return 1;
++		    case TIFFTAG_GROUP3OPTIONS:
++			if (tif->tif_dir.td_compression == COMPRESSION_CCITTFAX3)
++			    return 1;
++			break;
++		    case TIFFTAG_GROUP4OPTIONS:
++			if (tif->tif_dir.td_compression == COMPRESSION_CCITTFAX4)
++			    return 1;
++			break;
++		}
++		break;
++	    case COMPRESSION_JBIG:
++		/* No codec-specific tags */
++		break;
++	    case COMPRESSION_DEFLATE:
++	    case COMPRESSION_ADOBE_DEFLATE:
++		if (tag == TIFFTAG_PREDICTOR)
++		    return 1;
++		break;
++	   case COMPRESSION_PIXARLOG:
++		if (tag == TIFFTAG_PREDICTOR)
++		    return 1;
++		break;
++	    case COMPRESSION_SGILOG:
++	    case COMPRESSION_SGILOG24:
++		/* No codec-specific tags */
++		break;
++	    case COMPRESSION_LZMA:
++		if (tag == TIFFTAG_PREDICTOR)
++		    return 1;
++		break;
++
++	}
++	return 0;
++}
++
+ /* vim: set ts=8 sts=8 sw=8 noet: */
+
+ /*

graphics/tiff/patches/patch-libtiff_tif_dirread.c

@@ -0,0 +1,28 @@
+$NetBSD: patch-libtiff_tif_dirread.c,v 1.7 2017/06/21 02:47:45 pgoyette Exp $
+
+fix CVE-2014-8128, CVE-2016-5318, CVE-2015-7554 & CVE-2016-10095
+per http://bugzilla.maptools.org/show_bug.cgi?id=2580
+
+also CVE-2017-9147 
+(http://bugzilla.maptools.org/show_bug.cgi?id=2693)
+
+
+Index: tif_dirread.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v
+retrieving revision 1.208
+retrieving revision 1.209
+diff -w -u -b -r1.208 -r1.209
+--- libtiff/tif_dirread.c.orig	27 Apr 2017 15:46:22 -0000	1.208
++++ libtiff/tif_dirread.c	1 Jun 2017 12:44:04 -0000	1.209
+@@ -3580,6 +3580,10 @@
+ 							goto bad;
+ 						dp->tdir_tag=IGNORE;
+ 						break;
++                                        default:
++                                            if( !_TIFFCheckFieldIsValidForCodec(tif, dp->tdir_tag) )
++                                                dp->tdir_tag=IGNORE;
++                                            break;
+ 				}
+ 			}
+ 		}