From: Tobias Geerinckx-Rice <me@tobias.gr>
Date: Thu, 28 Feb 2019 20:29:00 +0100
Subject: [PATCH] netpbm: Fix CVE-2017-2586.

Copied verbatim from Debian[0].

[0]: https://sources.debian.org/data/main/n/netpbm-free/2:10.78.05-0.1/debian/patches/netpbm-CVE-2017-2586.patch

---
diff -urNp old/converter/other/svgtopam.c new/converter/other/svgtopam.c
--- old/converter/other/svgtopam.c	2017-02-08 12:11:02.593690917 +0100
+++ new/converter/other/svgtopam.c	2017-02-08 12:13:05.192846469 +0100
@@ -676,7 +676,7 @@ stringToUint(const char *   const string
 
     /* TODO: move this to nstring.c */
 
-    if (strlen(string) == 0)
+    if (string == NULL || strlen(string) == 0)
         pm_asprintf(errorP, "Value is a null string");
     else {
         char * tailptr;
 selected='selected'>koszko</option>
<option value='koszko-scripts'>koszko-scripts</option>
</select> <input type='submit' value='switch'/></form></td></tr>
<tr><td class='sub'>Wojtek's customized Guix</td><td class='sub right'></td></tr></table>
<table class='tabs'><tr><td>
<a href='/guix/about/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=30ac5ff1635959a02b30a8a09646769f1423c0db'>refs</a><a class='active' href='/guix/log/gnu/system/mapped-devices.scm'>log</a><a href='/guix/tree/gnu/system/mapped-devices.scm?id=30ac5ff1635959a02b30a8a09646769f1423c0db'>tree</a><a href='/guix/commit/gnu/system/mapped-devices.scm?id=30ac5ff1635959a02b30a8a09646769f1423c0db'>commit</a><a href='/guix/diff/gnu/system/mapped-devices.scm?id=30ac5ff1635959a02b30a8a09646769f1423c0db'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/gnu/system/mapped-devices.scm'>
<input type='hidden' name='id' value='30ac5ff1635959a02b30a8a09646769f1423c0db'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=30ac5ff1635959a02b30a8a09646769f1423c0db'>root</a>/<a href='/guix/log/gnu?id=30ac5ff1635959a02b30a8a09646769f1423c0db'>gnu</a>/<a href='/guix/log/gnu/system?id=30ac5ff1635959a02b30a8a09646769f1423c0db'>system</a>/<a href='/guix/log/gnu/system/mapped-devices.scm?id=30ac5ff1635959a02b30a8a09646769f1423c0db'>mapped-devices.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/system/mapped-devices.scm?id=30ac5ff1635959a02b30a8a09646769f1423c0db&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2024-05-27 19:30:22 +0200'>2024-05-27</span></td><td><a href='/guix/commit/gnu/system/mapped-devices.scm?id=ed5bf620ea6366d8468e5b7dad9874c6e0e8c661'>mapped-devices: lvm: Add missing module import.</a><span class='msg-avail'>...</span></td><td>Lars-Dominik Braun</td></tr>
<tr><td><span title='2024-04-08 00:17:57 +0200'>2024-04-08</span></td><td><a href='/guix/commit/gnu/system/mapped-devices.scm?id=49f82fca4130ffcfb16aa0cf89750ab56fb99ad7'>mapped-devices: luks: Specify modules needed at the top-level.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2024-04-08 00:13:25 +0200'>2024-04-08</span></td><td><a href='/guix/commit/gnu/system/mapped-devices.scm?id=6062339156ecc42cac59af0d34e22fcc7da3aa4a'>mapped-devices: &lt;mapped-device-type&gt; can specify modules to import.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2024-01-14 23:00:03 +0100'>2024-01-14</span></td><td><a href='/guix/commit/gnu/system/mapped-devices.scm?id=d082312ef7adfea69c79d30ef947817b39832161'>mapped-devices: Allow unlocking by a key file.</a><span class='msg-avail'>...</span></td><td>Tomas Volf</td></tr>
<tr><td><span title='2022-04-08 18:14:35 +0200'>2022-04-08</span></td><td><a href='/guix/commit/gnu/system/mapped-devices.scm?id=931f13840bad7bd3cb98b7806f09ca2b3cf7cd10'>mapped-devices: Ensure 'cryptsetup open' gets a tty.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2021-12-01 17:51:37 +0100'>2021-12-01</span></td><td><a href='/guix/commit/gnu/system/mapped-devices.scm?id=adce91a3ec0cb2912daa6eefe9324c15ff3126f7'>gnu: system: Add LUKS2 support for the root file system.</a><span class='msg-avail'>...</span></td><td>Josselin Poiret</td></tr>

Age	Commit message (Expand)	Author
2024-05-27	mapped-devices: lvm: Add missing module import....	Lars-Dominik Braun
2024-04-08	mapped-devices: luks: Specify modules needed at the top-level....	Ludovic Courtès
2024-04-08	mapped-devices: <mapped-device-type> can specify modules to import....	Ludovic Courtès
2024-01-14	mapped-devices: Allow unlocking by a key file....	Tomas Volf
2022-04-08	mapped-devices: Ensure 'cryptsetup open' gets a tty....	Ludovic Courtès
2021-12-01	gnu: system: Add LUKS2 support for the root file system....	Josselin Poiret