From eb3e3920894ede87f7515b816d8364b52220ec57 Mon Sep 17 00:00:00 2001
From: Jaroslav Škarvada <jskarvad@redhat.com>
Date: Jan 20 2017 17:18:18 +0000
Subject: Enabled pstoedit backend

Fixed out of bounds write when using pstoedit backend
  Resolves: CVE-2016-7392
Fixed hardcoded version on source URL
Fixed bogus date in changelog (best effort)

---

diff --git a/autotrace-0.31.1-CVE-2016-7392.patch b/autotrace-0.31.1-CVE-2016-7392.patch
new file mode 100644
index 0000000..183320d
--- /dev/null
+++ b/autotrace-0.31.1-CVE-2016-7392.patch
@@ -0,0 +1,16 @@
+Subject: Fix heap-based buffer overflow in pstoedit_suffix_table_init
+ID: CVE-2016-7392
+Author: unknown (taken from DLA-621-1)
+Bug-Debian: https://bugs.debian.org/837599
+
+--- a/output-pstoedit.c
++++ b/output-pstoedit.c
+@@ -84,7 +84,7 @@
+       dd_tmp   = dd_start;
+       while (dd_tmp->symbolicname)
+ 	dd_tmp++;
+-      XMALLOC(pstoedit_suffix_table, sizeof(char *) * 2 * (dd_tmp - dd_start) + 1);
++      XMALLOC(pstoedit_suffix_table, sizeof(char *) * (2 * (dd_tmp - dd_start) + 1));
+ 
+ #if defined (OUTPUT_PSTOEDIT_DEBUG) && defined(__GNUC__)
+   fprintf(stderr, "OUTPUT PSTOEDIT BACKEND DEBUG(%s)\n", __FUNCTION__);
diff --git a/autotrace-0.31.1-pstoedit-detection-fix.patch b/autotrace-0.31.1-pstoedit-detection-fix.patch
new file mode 100644
index 0000000..2ff1ce9
--- /dev/null
+++ b/autotrace-0.31.1-pstoedit-detection-fix.patch
@@ -0,0 +1,33 @@
+--- autotrace-0.31.1.orig/configure.in
++++ autotrace-0.31.1/configure.in
+@@ -282,8 +300,12 @@ AC_CHECK_LIB(dl,main,[LIBLD_LDFLAGS=-ldl
+ if test "x${LIBLD_LDFLAGS}" != x; then
+    LIBPSTOEDIT_EXTRA_LIBS="${LIBPSTOEDIT_EXTRA_LIBS} ${LIBLD_LDFLAGS}"
+ fi
+-
+-echo '*** Checking pstoedit existence TWICE(if needed) ***'
++        
++echo '*** Checking pstoedit existence THRICE(if needed)***'
++echo '*** This is the 0th check                        ***'
++PKG_CHECK_MODULES(LIBPSTOEDIT,[pstoedit >= 3.32.1],HAVE_LIBPSTOEDIT_321=yes)
++if test ${HAVE_LIBPSTOEDIT_321} != yes; then
++   echo '*** The 0th check failed                         ***'
+ echo '*** This is the 1st check                        ***'
+ AM_PATH_PSTOEDIT(3.32.1,HAVE_LIBPSTOEDIT_321=yes)
+ if test ${HAVE_LIBPSTOEDIT_321} != yes; then
+@@ -310,6 +332,15 @@ else
+ 	LIBPSTOEDIT_LIBS="${PSTOEDIT_LIBS} ${LIBPSTOEDIT_EXTRA_LIBS}"	
+ 	LIBPSTOEDIT_CFLAGS="${PSTOEDIT_CFLAGS}"
+ fi
++else
++        echo '*** The 0th check is passed.                     ***'
++	HAVE_LIBPSTOEDIT=yes
++
++       # Workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1415258
++       LIBPSTOEDIT_LIBS="${LIBPSTOEDIT_LIBS/@LIBPNG_LDFLAGS@/-lpng}"
++
++	AC_DEFINE(HAVE_LIBPSTOEDIT)
++fi
+ 
+ if test ${HAVE_LIBPSTOEDIT} = yes; then
+ 	AC_CHECK_FUNCS([mkstemp])
diff --git a/autotrace.spec b/autotrace.spec
index 2a34c21..8281292 100644
--- a/autotrace.spec
+++ b/autotrace.spec
@@ -1,17 +1,19 @@
 Name:           autotrace
 Version:        0.31.1
-Release:        42%{?dist}
+Release:        43%{?dist}
 Summary:        Utility for converting bitmaps to vector graphics
 Group:          Applications/Multimedia
 License:        GPLv2+ and LGPLv2+
 URL:            http://autotrace.sourceforge.net/
-Source0:        http://download.sf.net/autotrace/autotrace-0.31.1.tar.gz
+Source0:        http://download.sf.net/autotrace/%{name}-%{version}.tar.gz
 Patch1:         autotrace-0001-Modify-GetOnePixel-usage-to-build-against-current-Im.patch
 Patch2:         autotrace-0002-Fixed-underquoted-AM_PATH_AUTOTRACE-definition.patch
 Patch3:         autotrace-0003-libpng-fix.patch
 # Sent upstream
 Patch4:         autotrace-0.31.1-CVE-2013-1953.patch
 Patch5:         autotrace-0.31.1-multilib-fix.patch
+Patch6:         autotrace-0.31.1-pstoedit-detection-fix.patch
+Patch7:         autotrace-0.31.1-CVE-2016-7392.patch
 BuildRequires:  ImageMagick-devel
 BuildRequires:  libpng-devel > 2:1.2
 BuildRequires:  libexif-devel
@@ -25,6 +27,7 @@ BuildRequires:  pstoedit-devel
 BuildRequires:	autoconf
 BuildRequires:	automake
 BuildRequires:	libtool
+BuildRequires:	pstoedit-devel
 
 
 %description
@@ -54,6 +57,8 @@ This package contains header files and development libraries for autotrace.
 %patch3 -p1 -b .libpng15
 %patch4 -p1 -b .CVE-2013-1953
 %patch5 -p1 -b .multilib-fix
+%patch6 -p1 -b .pstoedit-detection-fix
+%patch7 -p1 -b .CVE-2016-7392
 autoreconf -ivf
 
 %build
@@ -94,6 +99,13 @@ find $RPM_BUILD_ROOT -type f -name "*.a" -exec rm -f {} ';'
 
 
 %changelog
+* Fri Jan 20 2017 Jaroslav Škarvada <jskarvad@redhat.com> - 0.31.1-43
+- Enabled pstoedit backend
+- Fixed out of bounds write when using pstoedit backend
+  Resolves: CVE-2016-7392
+- Fixed hardcoded version on source URL
+- Fixed bogus date in changelog (best effort)
+
 * Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.31.1-42
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
 
@@ -218,7 +230,7 @@ find $RPM_BUILD_ROOT -type f -name "*.a" -exec rm -f {} ';'
 * Wed May 25 2005 Jeremy Katz <katzj@redhat.com> - 0.31.1-5
 - rebuild
 
-* Fri Apr  7 2005 Michael Schwendt <mschwendt[AT]users.sf.net>
+* Thu Apr  7 2005 Michael Schwendt <mschwendt[AT]users.sf.net>
 - rebuilt
 
 * Sat Aug 21 2004 Marius L. Jøhndal <mariuslj at ifi.uio.no> - 0:0.31.1-3