ports/70232: libpng port has bad checksum

Gregory Bond gnb at itga.com.au
Mon Aug 9 23:30:22 UTC 2004 

>Number:         70232
>Category:       ports
>Synopsis:       libpng port has bad checksum
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Aug 09 23:30:21 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator:     Gregory Bond
>Release:        FreeBSD 4.9-STABLE i386
>Organization:
ITG Australia Limited
>Environment:
System: FreeBSD hellcat.itga.com.au 4.9-STABLE FreeBSD 4.9-STABLE #24: Fri Mar 26 13:05:55 EST 2004 toor at grollo.itga.com.au:/usr/obj/usr/src/sys/HELLCAT i386


>Description:

Libpng port won't build do to checksum failures on the patch files.

Marked as serious/high because a HEAP of stuff depends on this!

[Yes, I've removed the distfiles and refetched, and cvsup'd the port, and 
checked gnats....]

root at grollo[/usr/ports/graphics/png] # make checksum
===>  Vulnerability check disabled
>How-To-Repeat:
	cd /usr/ports/graphics/png && make checksum

$ ls -l /usr/ports/distfiles/libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt
-rw-------  1 root  wheel  1130 Aug  5 00:07 /usr/ports/distfiles/libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt
$ grep RRGGBB distinfo
MD5 (libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt) = 1e49d90ffa33c25b5af90311fe022436
SIZE (libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt) = 1105
$ 

[note different size]

>Fix:

Not sure of the providence of the patch files, but try "make makesum" 
doesn't actually help - the patch files don't apply properly.

===>  Patching for png-1.2.5_8
===>  Applying distribution patches for png-1.2.5_8
2 out of 2 hunks failed--saving rejects to pngrtran.c.rej
*** Error code 2
>Release-Note:
>Audit-Trail:
>Unformatted:
 >> Checksum OK for libpng-1.2.5.tar.gz.
 >> Checksum mismatch for libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt.
 >> Checksum mismatch for libpng-patch01-pngrtran-filler-GG-overflow.txt.
 >> Checksum mismatch for libpng-patch02-pngerror-memcpy-overflow.txt.
 >> Checksum mismatch for libpng-patch03-trns-chunk-overflow.txt.
 >> Checksum mismatch for libpng-patch04-get-uint-31.txt.
 >> Checksum mismatch for libpng-patch05-pngpread-chunklength.txt.
 >> Checksum mismatch for libpng-patch06-pngread-chunklength.txt.
 >> Checksum mismatch for libpng-patch07-png-read-png-overflow.txt.
 >> Checksum mismatch for libpng-patch08-splt-buffer-overflow.txt.
 >> Checksum mismatch for libpng-patch09-null-iccp-profile.txt.
 >> Checksum mismatch for libpng-patch10-find-duplicate-chunk.txt.
 >> Checksum mismatch for libpng-patch11-limit-dimensions.txt.
 ===>  Refetch for 1 more times files: libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt libpng-patch01-pngrtran-filler-GG-overflow.txt libpng-patch02-pngerror-memcpy-overflow.txt libpng-patch03-trns-chunk-overflow.txt libpng-patch04-get-uint-31.txt libp ng-patch05-pngpread-chunklength.txt libpng-patch06-pngread-chunklength.txt libpng-patch07-png-read-png-overflow.txt libpng-patch08-splt-buffer-overflow.txt libpng-patch09-null-iccp-profile.txt libpng-patch10-find-duplicate-chunk.txt libpng-patch11-limit- dimensions.txt 
 ===>  Vulnerability check disabled
 >> libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt doesn't seem to exist in /usr/ports/distfiles/.
 >> Attempting to fetch from ftp://swrinde.nde.swri.edu/pub/png/src/.
 fetch: ftp://swrinde.nde.swri.edu/pub/png/src/libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt: size unknown
 fetch: ftp://swrinde.nde.swri.edu/pub/png/src/libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt: size of remote file is not known
 libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt        1130  B 1587 kBps
 
 [etc for the rest of the files]
 
 libpng-patch11-limit-dimensions.txt                   1121  B 1636 kBps
 ===>  Vulnerability check disabled
 >> Checksum OK for libpng-1.2.5.tar.gz.
 >> Checksum mismatch for libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt.
 >> Checksum mismatch for libpng-patch01-pngrtran-filler-GG-overflow.txt.
 >> Checksum mismatch for libpng-patch02-pngerror-memcpy-overflow.txt.
 >> Checksum mismatch for libpng-patch03-trns-chunk-overflow.txt.
 >> Checksum mismatch for libpng-patch04-get-uint-31.txt.
 >> Checksum mismatch for libpng-patch05-pngpread-chunklength.txt.
 >> Checksum mismatch for libpng-patch06-pngread-chunklength.txt.
 >> Checksum mismatch for libpng-patch07-png-read-png-overflow.txt.
 >> Checksum mismatch for libpng-patch08-splt-buffer-overflow.txt.
 >> Checksum mismatch for libpng-patch09-null-iccp-profile.txt.
 >> Checksum mismatch for libpng-patch10-find-duplicate-chunk.txt.
 >> Checksum mismatch for libpng-patch11-limit-dimensions.txt.
 ===>  Giving up on fetching files: libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt libpng-patch01-pngrtran-filler-GG-overflow.txt libpng-patch02-pngerror-memcpy-overflow.txt libpng-patch03-trns-chunk-overflow.txt libpng-patch04-get-uint-31.txt libpng- patch05-pngpread-chunklength.txt libpng-patch06-pngread-chunklength.txt libpng-patch07-png-read-png-overflow.txt libpng-patch08-splt-buffer-overflow.txt libpng-patch09-null-iccp-profile.txt libpng-patch10-find-duplicate-chunk.txt libpng-patch11-limit-dim ensions.txt

More information about the freebsd-ports-bugs mailing list