From c7c7140b5529b8d0428768adda4ac413f2b69982 Mon Sep 17 00:00:00 2001
From: Fabian <inkane@chakra-project.org>
Date: Fri, 20 Dec 2013 23:44:34 +0000
Subject: [PATCH] synced lib32-libjpeg-turbo with non-lib32 version

---
 lib32-libjpeg-turbo/PKGBUILD            | 72 ++++++++++++++-----------
 lib32-libjpeg-turbo/cve-2013-6629.patch | 36 +++++++++++++
 2 files changed, 77 insertions(+), 31 deletions(-)
 create mode 100644 lib32-libjpeg-turbo/cve-2013-6629.patch

diff --git a/lib32-libjpeg-turbo/PKGBUILD b/lib32-libjpeg-turbo/PKGBUILD
index 860361d..5c01a67 100644
--- a/lib32-libjpeg-turbo/PKGBUILD
+++ b/lib32-libjpeg-turbo/PKGBUILD
@@ -5,55 +5,65 @@
 
 _pkgbasename=libjpeg-turbo
 pkgname=lib32-$_pkgbasename
-pkgver=1.2.1
-pkgrel=2
-pkgdesc="libjpeg derivative with accelerated baseline JPEG compression and decompression (32-bit)"
+pkgver=1.3.0
+pkgrel=1
+pkgdesc='JPEG image codec with accelerated baseline compression and decompression (lib32)'
 arch=('x86_64')
-url="http://libjpeg-turbo.virtualgl.org/"
-license=('GPL' 'custom')
+url='http://libjpeg-turbo.virtualgl.org/'
+license=('GPL'
+         'custom')
+makedepends=('nasm')
 depends=('lib32-glibc' $_pkgbasename=$pkgver)
 makedepends=('nasm' gcc-multilib)
 provides=('lib32-libjpeg=8.0.2')
 conflicts=('lib32-libjpeg')
 replaces=('lib32-libjpeg')
 options=('!libtool')
-source=(http://sourceforge.net/projects/$_pkgbasename/files/$pkgver/$_pkgbasename-$pkgver.tar.gz)
-md5sums=('f61e60ff01381ece4d2fe65eeb52669e')
+options=('!libtool')
+source=("http://sourceforge.net/projects/$_pkgbasename/files/$pkgver/$_pkgbasename-$pkgver.tar.gz"
+        'cve-2013-6629.patch')
+sha512sums=('4d34c3c5f2cdd70b2a3d1b55eeb4ce59cb3d4b8d22bb6d43c2ec844b7eb5685b55a9b1b46ad2bc5f2756b5f5535ccad032791c3b932af9c1efc502aa5e701053'
+            'c5f063f87305ab48cb40c243df9e7a307efedc02eef8eee65e9ca5006676d5257a6d1dc7a32ff77a2486c8be8792b4f5431d18e46759ad63c182b8332a736099')
+
+prepare() {
+    cd "${srcdir}/${_pkgbasename}-${pkgver}"
+    patch -i ../cve-2013-6629.patch # FS#38094
+}
 
 build() {
-  cd "$srcdir/$_pkgbasename-$pkgver"
+    cd "${srcdir}/${_pkgbasename}-${pkgver}"
 
-  export CC="gcc -m32"
-  export CXX="g++ -m32"
-  export PKG_CONFIG_PATH="/usr/lib32/pkgconfig"
 
-  sed -i "s|NAFLAGS='-felf64 -DELF -D__x86_64__'|NAFLAGS='-felf32 -DELF -D__x86_64__'|" configure
- 
-  # libjpeg6
-  ./configure --prefix=/usr \
-              --with-jpeg6 \
-              --mandir=/usr/share/man \
-              --libdir=/usr/lib32 \
-              --without-simd
-  make
+    export CC="gcc -m32"
+    export CXX="g++ -m32"
+    export PKG_CONFIG_PATH="/usr/lib32/pkgconfig"
 
-  mkdir -p $srcdir/libjpeg6
-  cp -d .libs/libjpeg.so.6* $srcdir/libjpeg6
-  rm -R .libs
+    sed -i "s|NAFLAGS='-felf64 -DELF -D__x86_64__'|NAFLAGS='-felf32 -DELF -D__x86_64__'|" configure
 
-  # libjpeg8
-  ./configure --prefix=/usr \
-              --with-jpeg8 \
-              --mandir=/usr/share/man \
-              --libdir=/usr/lib32 \
-              --without-simd
+    # Create libjpeg6
+    ./configure \
+        --prefix=/usr \
+        --with-jpeg6 \
+        --mandir=/usr/share/man \
+	--libdir=/usr/lib32 \
+	--without-simd
+    make
+    mkdir -p ${srcdir}/libjpeg6
+    cp -d .libs/libjpeg.so.6* ${srcdir}/libjpeg6
+    rm -R .libs
 
-  make
+    # Create libjpeg8
+    ./configure \
+        --prefix=/usr \
+        --with-jpeg8 \
+        --mandir=/usr/share/man \
+	--libdir=/usr/lib32 \
+	--without-simd
+    make
 }
 
 package() {
   cd "$srcdir/$_pkgbasename-$pkgver"
-
   make DESTDIR="$pkgdir/" install
   cp -vd $srcdir/libjpeg6/libjpeg.so.6* $pkgdir/usr/lib32
   rm -rf "${pkgdir}"/usr/{include,share,bin,sbin}
diff --git a/lib32-libjpeg-turbo/cve-2013-6629.patch b/lib32-libjpeg-turbo/cve-2013-6629.patch
new file mode 100644
index 0000000..7fb0273
--- /dev/null
+++ b/lib32-libjpeg-turbo/cve-2013-6629.patch
@@ -0,0 +1,36 @@
+Index: jdmarker.c
+===================================================================
+--- jdmarker.c	(revision 1088)
++++ jdmarker.c	(revision 1089)
+@@ -304,7 +304,7 @@
+ /* Process a SOS marker */
+ {
+   INT32 length;
+-  int i, ci, n, c, cc;
++  int i, ci, n, c, cc, pi;
+   jpeg_component_info * compptr;
+   INPUT_VARS(cinfo);
+ 
+@@ -348,6 +348,13 @@
+     
+     TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, cc,
+ 	     compptr->dc_tbl_no, compptr->ac_tbl_no);
++
++    /* This CSi (cc) should differ from the previous CSi */
++    for (pi = 0; pi < i; pi++) {
++      if (cinfo->cur_comp_info[pi] == compptr) {
++        ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc);
++      }
++    }
+   }
+ 
+   /* Collect the additional scan parameters Ss, Se, Ah/Al. */
+@@ -465,6 +472,8 @@
+     for (i = 0; i < count; i++)
+       INPUT_BYTE(cinfo, huffval[i], return FALSE);
+ 
++    MEMZERO(&huffval[count], (256 - count) * SIZEOF(UINT8));
++
+     length -= count;
+ 
+     if (index & 0x10) {		/* AC table definition */