From: Tobias Geerinckx-Rice <me@tobias.gr>
Date: Thu, 28 Feb 2019 20:29:00 +0100
Subject: [PATCH] netpbm: Fix CVE-2017-2586.

Copied verbatim from Debian[0].

[0]: https://sources.debian.org/data/main/n/netpbm-free/2:10.78.05-0.1/debian/patches/netpbm-CVE-2017-2586.patch

---
diff -urNp old/converter/other/svgtopam.c new/converter/other/svgtopam.c
--- old/converter/other/svgtopam.c	2017-02-08 12:11:02.593690917 +0100
+++ new/converter/other/svgtopam.c	2017-02-08 12:13:05.192846469 +0100
@@ -676,7 +676,7 @@ stringToUint(const char *   const string
 
     /* TODO: move this to nstring.c */
 
-    if (strlen(string) == 0)
+    if (string == NULL || strlen(string) == 0)
         pm_asprintf(errorP, "Value is a null string");
     else {
         char * tailptr;
o' selected='selected'>koszko</option>
<option value='koszko-scripts'>koszko-scripts</option>
</select> <input type='submit' value='switch'/></form></td></tr>
<tr><td class='sub'>Wojtek's customized Guix</td><td class='sub right'></td></tr></table>
<table class='tabs'><tr><td>
<a href='/guix/about/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=fb2347f6d161db0c0ec5fd8fd952ab8cdb7c2738'>refs</a><a class='active' href='/guix/log/gnu/packages/accessibility.scm'>log</a><a href='/guix/tree/gnu/packages/accessibility.scm?id=fb2347f6d161db0c0ec5fd8fd952ab8cdb7c2738'>tree</a><a href='/guix/commit/gnu/packages/accessibility.scm?id=fb2347f6d161db0c0ec5fd8fd952ab8cdb7c2738'>commit</a><a href='/guix/diff/gnu/packages/accessibility.scm?id=fb2347f6d161db0c0ec5fd8fd952ab8cdb7c2738'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/gnu/packages/accessibility.scm'>
<input type='hidden' name='id' value='fb2347f6d161db0c0ec5fd8fd952ab8cdb7c2738'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=fb2347f6d161db0c0ec5fd8fd952ab8cdb7c2738'>root</a>/<a href='/guix/log/gnu?id=fb2347f6d161db0c0ec5fd8fd952ab8cdb7c2738'>gnu</a>/<a href='/guix/log/gnu/packages?id=fb2347f6d161db0c0ec5fd8fd952ab8cdb7c2738'>packages</a>/<a href='/guix/log/gnu/packages/accessibility.scm?id=fb2347f6d161db0c0ec5fd8fd952ab8cdb7c2738'>accessibility.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/packages/accessibility.scm?id=fb2347f6d161db0c0ec5fd8fd952ab8cdb7c2738&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2024-05-23 20:39:13 +0300'>2024-05-23</span></td><td><a href='/guix/commit/gnu/packages/accessibility.scm?id=4ab8657b23ed951c6a95d18b4574e39f3aceca32'>gnu: libbraille: Fix build on some architectures.</a><span class='msg-avail'>...</span></td><td>Efraim Flashner</td></tr>
<tr><td><span title='2024-05-23 20:39:13 +0300'>2024-05-23</span></td><td><a href='/guix/commit/gnu/packages/accessibility.scm?id=36942212908164381231f96a76fcbbf86ac2856a'>gnu: brltty: Build with java only on some architectures.</a><span class='msg-avail'>...</span></td><td>Efraim Flashner</td></tr>
<tr><td><span title='2024-05-06 23:16:55 +0300'>2024-05-06</span></td><td><a href='/guix/commit/gnu/packages/accessibility.scm?id=3053c40995675c4b7a0c92c001e98de432326766'>gnu: mouseloupe: Update the package style.</a><span class='msg-avail'>...</span></td><td>Efraim Flashner</td></tr>
<tr><td><span title='2024-05-06 23:16:54 +0300'>2024-05-06</span></td><td><a href='/guix/commit/gnu/packages/accessibility.scm?id=2d5b779b451dc1f6ca244d7760287c9d5f6f2f7e'>gnu: mouseloupe: Don't hardcode building for i686.</a><span class='msg-avail'>...</span></td><td>Efraim Flashner</td></tr>
<tr><td><span title='2024-02-10 11:04:35 +0000'>2024-02-10</span></td><td><a href='/guix/commit/gnu/packages/accessibility.scm?id=ce302c99bdc7b2df69577faf2abecf72f0ec3234'>gnu: brltty: Fix python package install.</a><span class='msg-avail'>...</span></td><td>Dariqq</td></tr>
<tr><td><span title='2023-08-15 05:45:46 +0300'>2023-08-15</span></td><td><a href='/guix/commit/gnu/packages/accessibility.scm?id=561c8851162441d2d997804cf4afb69ced2edb07'>gnu: florence: Build with librsvg-for-system.</a><span class='msg-avail'>...</span></td><td>Efraim Flashner</td></tr>
<tr><td><span title='2023-07-16 02:00:04 +0200'>2023-07-16</span></td><td><a href='/guix/commit/gnu/packages/accessibility.scm?id=fdfea4c4ed0d31494fcb3633c26290f4eba9d2af'>gnu: brltty: Use G-expressions.</a><span class='msg-avail'>...</span></td><td>Tobias Geerinckx-Rice</td></tr>
<tr><td><span title='2023-07-16 02:00:04 +0200'>2023-07-16</span></td><td><a href='/guix/commit/gnu/packages/accessibility.scm?id=448e75ff9b7b605c4d9b7f73258ad31b8bd3904a'>gnu: brltty: Update to 6.6.</a><span class='msg-avail'>...</span></td><td>Tobias Geerinckx-Rice</td></tr>

Age	Commit message (Expand)	Author
2024-05-23	gnu: libbraille: Fix build on some architectures....	Efraim Flashner
2024-05-23	gnu: brltty: Build with java only on some architectures....	Efraim Flashner
2024-05-06	gnu: mouseloupe: Update the package style....	Efraim Flashner
2024-05-06	gnu: mouseloupe: Don't hardcode building for i686....	Efraim Flashner
2024-02-10	gnu: brltty: Fix python package install....	Dariqq
2023-08-15	gnu: florence: Build with librsvg-for-system....	Efraim Flashner
2023-07-16	gnu: brltty: Use G-expressions....	Tobias Geerinckx-Rice
2023-07-16	gnu: brltty: Update to 6.6....	Tobias Geerinckx-Rice