ports/70232: libpng port has bad checksum
Gregory Bond
gnb at itga.com.au
Mon Aug 9 23:30:22 UTC 2004
>Number: 70232
>Category: ports
>Synopsis: libpng port has bad checksum
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Aug 09 23:30:21 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Gregory Bond
>Release: FreeBSD 4.9-STABLE i386
>Organization:
ITG Australia Limited
>Environment:
System: FreeBSD hellcat.itga.com.au 4.9-STABLE FreeBSD 4.9-STABLE #24: Fri Mar 26 13:05:55 EST 2004 toor at grollo.itga.com.au:/usr/obj/usr/src/sys/HELLCAT i386
>Description:
Libpng port won't build do to checksum failures on the patch files.
Marked as serious/high because a HEAP of stuff depends on this!
[Yes, I've removed the distfiles and refetched, and cvsup'd the port, and
checked gnats....]
root at grollo[/usr/ports/graphics/png] # make checksum
===> Vulnerability check disabled
>How-To-Repeat:
cd /usr/ports/graphics/png && make checksum
$ ls -l /usr/ports/distfiles/libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt
-rw------- 1 root wheel 1130 Aug 5 00:07 /usr/ports/distfiles/libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt
$ grep RRGGBB distinfo
MD5 (libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt) = 1e49d90ffa33c25b5af90311fe022436
SIZE (libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt) = 1105
$
[note different size]
>Fix:
Not sure of the providence of the patch files, but try "make makesum"
doesn't actually help - the patch files don't apply properly.
===> Patching for png-1.2.5_8
===> Applying distribution patches for png-1.2.5_8
2 out of 2 hunks failed--saving rejects to pngrtran.c.rej
*** Error code 2
>Release-Note:
>Audit-Trail:
>Unformatted:
>> Checksum OK for libpng-1.2.5.tar.gz.
>> Checksum mismatch for libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt.
>> Checksum mismatch for libpng-patch01-pngrtran-filler-GG-overflow.txt.
>> Checksum mismatch for libpng-patch02-pngerror-memcpy-overflow.txt.
>> Checksum mismatch for libpng-patch03-trns-chunk-overflow.txt.
>> Checksum mismatch for libpng-patch04-get-uint-31.txt.
>> Checksum mismatch for libpng-patch05-pngpread-chunklength.txt.
>> Checksum mismatch for libpng-patch06-pngread-chunklength.txt.
>> Checksum mismatch for libpng-patch07-png-read-png-overflow.txt.
>> Checksum mismatch for libpng-patch08-splt-buffer-overflow.txt.
>> Checksum mismatch for libpng-patch09-null-iccp-profile.txt.
>> Checksum mismatch for libpng-patch10-find-duplicate-chunk.txt.
>> Checksum mismatch for libpng-patch11-limit-dimensions.txt.
===> Refetch for 1 more times files: libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt libpng-patch01-pngrtran-filler-GG-overflow.txt libpng-patch02-pngerror-memcpy-overflow.txt libpng-patch03-trns-chunk-overflow.txt libpng-patch04-get-uint-31.txt libp ng-patch05-pngpread-chunklength.txt libpng-patch06-pngread-chunklength.txt libpng-patch07-png-read-png-overflow.txt libpng-patch08-splt-buffer-overflow.txt libpng-patch09-null-iccp-profile.txt libpng-patch10-find-duplicate-chunk.txt libpng-patch11-limit- dimensions.txt
===> Vulnerability check disabled
>> libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt doesn't seem to exist in /usr/ports/distfiles/.
>> Attempting to fetch from ftp://swrinde.nde.swri.edu/pub/png/src/.
fetch: ftp://swrinde.nde.swri.edu/pub/png/src/libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt: size unknown
fetch: ftp://swrinde.nde.swri.edu/pub/png/src/libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt: size of remote file is not known
libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt 1130 B 1587 kBps
[etc for the rest of the files]
libpng-patch11-limit-dimensions.txt 1121 B 1636 kBps
===> Vulnerability check disabled
>> Checksum OK for libpng-1.2.5.tar.gz.
>> Checksum mismatch for libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt.
>> Checksum mismatch for libpng-patch01-pngrtran-filler-GG-overflow.txt.
>> Checksum mismatch for libpng-patch02-pngerror-memcpy-overflow.txt.
>> Checksum mismatch for libpng-patch03-trns-chunk-overflow.txt.
>> Checksum mismatch for libpng-patch04-get-uint-31.txt.
>> Checksum mismatch for libpng-patch05-pngpread-chunklength.txt.
>> Checksum mismatch for libpng-patch06-pngread-chunklength.txt.
>> Checksum mismatch for libpng-patch07-png-read-png-overflow.txt.
>> Checksum mismatch for libpng-patch08-splt-buffer-overflow.txt.
>> Checksum mismatch for libpng-patch09-null-iccp-profile.txt.
>> Checksum mismatch for libpng-patch10-find-duplicate-chunk.txt.
>> Checksum mismatch for libpng-patch11-limit-dimensions.txt.
===> Giving up on fetching files: libpng-patch00-pngrtran-filler-RRGGBB-overflow.txt libpng-patch01-pngrtran-filler-GG-overflow.txt libpng-patch02-pngerror-memcpy-overflow.txt libpng-patch03-trns-chunk-overflow.txt libpng-patch04-get-uint-31.txt libpng- patch05-pngpread-chunklength.txt libpng-patch06-pngread-chunklength.txt libpng-patch07-png-read-png-overflow.txt libpng-patch08-splt-buffer-overflow.txt libpng-patch09-null-iccp-profile.txt libpng-patch10-find-duplicate-chunk.txt libpng-patch11-limit-dim ensions.txt
More information about the freebsd-ports-bugs
mailing list