[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/01: Revert "gnu: gd: Update to 2.2.3 [fixes CVE-2016-6207]."
|
From: |
Leo Famulari |
|
Subject: |
01/01: Revert "gnu: gd: Update to 2.2.3 [fixes CVE-2016-6207]." |
|
Date: |
Thu, 28 Jul 2016 20:46:09 +0000 (UTC) |
lfam pushed a commit to branch master
in repository guix.
commit a1dfa0223329734d2cb4f9aa034183fb2573bb9c
Author: Leo Famulari <address@hidden>
Date: Thu Jul 28 16:43:53 2016 -0400
Revert "gnu: gd: Update to 2.2.3 [fixes CVE-2016-6207]."
This reverts commit ae46cd0e4cfb1f06d099b2cda1f9e702e86c90e9.
---
gnu/local.mk | 6 +-
gnu/packages/gd.scm | 10 +-
gnu/packages/patches/gd-CVE-2016-5766.patch | 81 ++++++++
gnu/packages/patches/gd-CVE-2016-6128.patch | 253 +++++++++++++++++++++++
gnu/packages/patches/gd-CVE-2016-6132.patch | 55 +++++
gnu/packages/patches/gd-CVE-2016-6214.patch | 66 ++++++
gnu/packages/patches/gd-fix-test-on-i686.patch | 34 +++
gnu/packages/patches/gd-fix-tests-on-i686.patch | 61 ------
8 files changed, 501 insertions(+), 65 deletions(-)
diff --git a/gnu/local.mk b/gnu/local.mk
index b0c4415..c143dd7 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -512,7 +512,11 @@ dist_patch_DATA =
\
%D%/packages/patches/gcc-cross-environment-variables.patch \
%D%/packages/patches/gcc-libvtv-runpath.patch \
%D%/packages/patches/gcc-5.0-libvtv-runpath.patch \
- %D%/packages/patches/gd-fix-tests-on-i686.patch \
+ %D%/packages/patches/gd-CVE-2016-5766.patch \
+ %D%/packages/patches/gd-CVE-2016-6128.patch \
+ %D%/packages/patches/gd-CVE-2016-6132.patch \
+ %D%/packages/patches/gd-CVE-2016-6214.patch \
+ %D%/packages/patches/gd-fix-test-on-i686.patch \
%D%/packages/patches/gegl-CVE-2012-4433.patch \
%D%/packages/patches/geoclue-config.patch \
%D%/packages/patches/ghostscript-CVE-2015-3228.patch \
diff --git a/gnu/packages/gd.scm b/gnu/packages/gd.scm
index 153e1c7..3313ee6 100644
--- a/gnu/packages/gd.scm
+++ b/gnu/packages/gd.scm
@@ -40,17 +40,21 @@
;; Note: With libgd.org now pointing to github.com, genuine old
;; tarballs are no longer available. Notably, versions 2.0.x are
;; missing.
- (version "2.2.3")
+ (version "2.2.2")
(source (origin
(method url-fetch)
(uri (string-append
"https://github.com/libgd/libgd/releases/download/gd-";
version "/libgd-" version ".tar.xz"))
+ (patches (search-patches "gd-fix-test-on-i686.patch"
+ "gd-CVE-2016-5766.patch"
+ "gd-CVE-2016-6128.patch"
+ "gd-CVE-2016-6132.patch"
+ "gd-CVE-2016-6214.patch"))
(sha256
(base32
- "0g3xz8jpz1pl2zzmssglrpa9nxiaa7rmcmvgpbrjz8k9cyynqsvl"))
- (patches (search-patches "gd-fix-tests-on-i686.patch"))))
+ "1311g5mva2xlzqv3rjqjc4jjkn5lzls4skvr395h633zw1n7b7s8"))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))
diff --git a/gnu/packages/patches/gd-CVE-2016-5766.patch
b/gnu/packages/patches/gd-CVE-2016-5766.patch
new file mode 100644
index 0000000..400cb0a
--- /dev/null
+++ b/gnu/packages/patches/gd-CVE-2016-5766.patch
@@ -0,0 +1,81 @@
+Fix CVE-2016-5766 (Integer Overflow in _gd2GetHeader() resulting in heap
+overflow).
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766
+
+Adapted from upstream commits:
+https://github.com/libgd/libgd/commit/aba3db8ba159465ecec1089027a24835a6da9cc0
+https://github.com/libgd/libgd/commit/a6a0e7feabb2a9738086a5dc96348f233c87fa79
+
+Since `patch` cannot apply Git binary diffs, we omit the addition of
+'tests/gd2/php_bug_72339.c' and its associated binary data.
+
+From aba3db8ba159465ecec1089027a24835a6da9cc0 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <address@hidden>
+Date: Tue, 28 Jun 2016 16:23:42 +0700
+Subject: [PATCH] fix php bug 72339 (CVE-2016-5766), Integer Overflow in
+ _gd2GetHeader() resulting in heap overflow
+
+---
+ src/gd_gd2.c | 5 ++++-
+ tests/gd2/CMakeLists.txt | 1 +
+ tests/gd2/Makemodule.am | 6 ++++--
+ tests/gd2/php_bug_72339.c | 21 +++++++++++++++++++++
+ tests/gd2/php_bug_72339_exp.gd2 | Bin 0 -> 67108882 bytes
+ 5 files changed, 30 insertions(+), 3 deletions(-)
+ create mode 100644 tests/gd2/php_bug_72339.c
+ create mode 100644 tests/gd2/php_bug_72339_exp.gd2
+
+diff --git a/src/gd_gd2.c b/src/gd_gd2.c
+index fd1e0c9..bdbbecf 100644
+--- a/src/gd_gd2.c
++++ b/src/gd_gd2.c
+@@ -154,8 +154,11 @@ _gd2GetHeader (gdIOCtxPtr in, int *sx, int *sy,
+ nc = (*ncx) * (*ncy);
+ GD2_DBG (printf ("Reading %d chunk index entries\n", nc));
+ sidx = sizeof (t_chunk_info) * nc;
++ if (overflow2(sidx, nc)) {
++ goto fail1;
++ }
+ cidx = gdCalloc (sidx, 1);
+- if (!cidx) {
++ if (cidx == NULL) {
+ goto fail1;
+ }
+ for (i = 0; i < nc; i++) {
+From a6a0e7feabb2a9738086a5dc96348f233c87fa79 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <address@hidden>
+Date: Wed, 29 Jun 2016 09:36:26 +0700
+Subject: [PATCH] fix php bug 72339 (CVE-2016-5766), Integer Overflow in
+ _gd2GetHeader() resulting in heap overflow. Sync with php's sync
+
+---
+ src/gd_gd2.c | 7 ++++++-
+ tests/gd2/php_bug_72339.c | 2 +-
+ 2 files changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/src/gd_gd2.c b/src/gd_gd2.c
+index bdbbecf..2837456 100644
+--- a/src/gd_gd2.c
++++ b/src/gd_gd2.c
+@@ -152,11 +152,16 @@ _gd2GetHeader (gdIOCtxPtr in, int *sx, int *sy,
+
+ if (gd2_compressed (*fmt)) {
+ nc = (*ncx) * (*ncy);
++
+ GD2_DBG (printf ("Reading %d chunk index entries\n", nc));
++ if (overflow2(sizeof(t_chunk_info), nc)) {
++ goto fail1;
++ }
+ sidx = sizeof (t_chunk_info) * nc;
+- if (overflow2(sidx, nc)) {
++ if (sidx <= 0) {
+ goto fail1;
+ }
++
+ cidx = gdCalloc (sidx, 1);
+ if (cidx == NULL) {
+ goto fail1;
+--
+2.9.1
+
diff --git a/gnu/packages/patches/gd-CVE-2016-6128.patch
b/gnu/packages/patches/gd-CVE-2016-6128.patch
new file mode 100644
index 0000000..45ee6b0
--- /dev/null
+++ b/gnu/packages/patches/gd-CVE-2016-6128.patch
@@ -0,0 +1,253 @@
+Fix CVE-2016-6128 (invalid color index is not properly handled leading
+to denial of service).
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-6128
+
+Copied from upstream commits:
+https://github.com/libgd/libgd/compare/3fe0a7128bac5000fdcfab888bd2a75ec0c9447d...fd623025505e87bba7ec8555eeb72dae4fb0afd
+
+From 1ccfe21e14c4d18336f9da8515cd17db88c3de61 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <address@hidden>
+Date: Mon, 27 Jun 2016 11:17:39 +0700
+Subject: [PATCH 1/8] fix php 72494, invalid color index not handled, can lead
+ to crash
+
+---
+ src/gd_crop.c | 4 ++++
+ tests/CMakeLists.txt | 1 +
+ tests/Makefile.am | 1 +
+ 3 files changed, 6 insertions(+)
+
+diff --git a/src/gd_crop.c b/src/gd_crop.c
+index 0296633..532b49b 100644
+--- a/src/gd_crop.c
++++ b/src/gd_crop.c
+@@ -136,6 +136,10 @@ BGD_DECLARE(gdImagePtr) gdImageCropThreshold(gdImagePtr
im, const unsigned int c
+ return NULL;
+ }
+
++ if (color < 0 || (!gdImageTrueColor(im) && color >=
gdImageColorsTotal(im))) {
++ return NULL;
++ }
++
+ /* TODO: Add gdImageGetRowPtr and works with ptr at the row level
+ * for the true color and palette images
+ * new formats will simply work with ptr
+diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
+index 6f5c786..5093d52 100644
+--- a/tests/CMakeLists.txt
++++ b/tests/CMakeLists.txt
+@@ -31,6 +31,7 @@ if (BUILD_TEST)
+ gdimagecolortransparent
+ gdimagecopy
+ gdimagecopyrotated
++ gdimagecrop
+ gdimagefile
+ gdimagefill
+ gdimagefilledellipse
+diff --git a/tests/Makefile.am b/tests/Makefile.am
+index 4f6e756..5a0ebe8 100644
+--- a/tests/Makefile.am
++++ b/tests/Makefile.am
+@@ -25,6 +25,7 @@ include gdimagecolorresolve/Makemodule.am
+ include gdimagecolortransparent/Makemodule.am
+ include gdimagecopy/Makemodule.am
+ include gdimagecopyrotated/Makemodule.am
++include gdimagecrop/Makemodule.am
+ include gdimagefile/Makemodule.am
+ include gdimagefill/Makemodule.am
+ include gdimagefilledellipse/Makemodule.am
+--
+2.9.1
+
+From 8c9f39c7cb1f62ea00bc7a48aff64d3811c2d6d0 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <address@hidden>
+Date: Mon, 27 Jun 2016 11:20:07 +0700
+Subject: [PATCH 2/8] fix php 72494, invalid color index not handled, can lead
+ to crash
+
+---
+ tests/gdimagecrop/.gitignore | 1 +
+ 1 file changed, 1 insertion(+)
+ create mode 100644 tests/gdimagecrop/.gitignore
+
+diff --git a/tests/gdimagecrop/.gitignore b/tests/gdimagecrop/.gitignore
+new file mode 100644
+index 0000000..8e8c9c3
+--- /dev/null
++++ b/tests/gdimagecrop/.gitignore
+@@ -0,0 +1 @@
++/php_bug_72494
+--
+2.9.1
+
+From 8de370b7b6263a02268037a7cd13ddd991b43ea9 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <address@hidden>
+Date: Mon, 27 Jun 2016 11:24:50 +0700
+Subject: [PATCH 3/8] fix php 72494, invalid color index not handled, can lead
+ to crash
+
+---
+ tests/gdimagecrop/CMakeLists.txt | 5 +++++
+ 1 file changed, 5 insertions(+)
+ create mode 100644 tests/gdimagecrop/CMakeLists.txt
+
+diff --git a/tests/gdimagecrop/CMakeLists.txt
b/tests/gdimagecrop/CMakeLists.txt
+new file mode 100644
+index 0000000..f7e4c7e
+--- /dev/null
++++ b/tests/gdimagecrop/CMakeLists.txt
+@@ -0,0 +1,5 @@
++SET(TESTS_FILES
++ php_bug_72494
++)
++
++ADD_GD_TESTS()
+--
+2.9.1
+
+From bca12e4e11ecda8a0ea719472700ad5c2b36a0d6 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <address@hidden>
+Date: Mon, 27 Jun 2016 11:25:12 +0700
+Subject: [PATCH 4/8] fix php 72494, invalid color index not handled, can lead
+ to crash
+
+---
+ tests/gdimagecrop/Makemodule.am | 5 +++++
+ 1 file changed, 5 insertions(+)
+ create mode 100644 tests/gdimagecrop/Makemodule.am
+
+diff --git a/tests/gdimagecrop/Makemodule.am b/tests/gdimagecrop/Makemodule.am
+new file mode 100644
+index 0000000..210888b
+--- /dev/null
++++ b/tests/gdimagecrop/Makemodule.am
+@@ -0,0 +1,5 @@
++libgd_test_programs += \
++ gdimagecrop/php_bug_72494
++
++EXTRA_DIST += \
++ gdimagecrop/CMakeLists.txt
+--
+2.9.1
+
+From 6ff72ae40c7c20ece939afb362d98cc37f4a1c96 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <address@hidden>
+Date: Mon, 27 Jun 2016 11:25:40 +0700
+Subject: [PATCH 5/8] fix php 72494, invalid color index not handled, can lead
+ to crash
+
+---
+ tests/gdimagecrop/php_bug_72494.c | 23 +++++++++++++++++++++++
+ 1 file changed, 23 insertions(+)
+ create mode 100644 tests/gdimagecrop/php_bug_72494.c
+
+diff --git a/tests/gdimagecrop/php_bug_72494.c
b/tests/gdimagecrop/php_bug_72494.c
+new file mode 100644
+index 0000000..adaa379
+--- /dev/null
++++ b/tests/gdimagecrop/php_bug_72494.c
+@@ -0,0 +1,23 @@
++#include <stdio.h>
++#include <stdlib.h>
++#include "gd.h"
++
++#include "gdtest.h"
++
++int main()
++{
++ gdImagePtr im, exp;
++ int error = 0;
++
++ im = gdImageCreate(50, 50);
++
++ if (!im) {
++ gdTestErrorMsg("gdImageCreate failed.\n");
++ return 1;
++ }
++
++ gdImageCropThreshold(im, 1337, 0);
++ gdImageDestroy(im);
++ /* this bug tests a crash, it never reaches this point if the bug
exists*/
++ return 0;
++}
+--
+2.9.1
+
+From a0f9f8f7bd0d3a6c6afd6d180b8e75d93aadddfa Mon Sep 17 00:00:00 2001
+From: Pierre Joye <address@hidden>
+Date: Mon, 27 Jun 2016 11:38:07 +0700
+Subject: [PATCH 6/8] fix php 72494, CID 149753, color is unsigned int, remove
+ useless <0 comparison
+
+---
+ src/gd_crop.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/gd_crop.c b/src/gd_crop.c
+index 532b49b..d51ad67 100644
+--- a/src/gd_crop.c
++++ b/src/gd_crop.c
+@@ -136,7 +136,7 @@ BGD_DECLARE(gdImagePtr) gdImageCropThreshold(gdImagePtr
im, const unsigned int c
+ return NULL;
+ }
+
+- if (color < 0 || (!gdImageTrueColor(im) && color >=
gdImageColorsTotal(im))) {
++ if (!gdImageTrueColor(im) && color >= gdImageColorsTotal(im)) {
+ return NULL;
+ }
+
+--
+2.9.1
+
+From 907115fbb980862934d0de91af4977a216745039 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <address@hidden>
+Date: Mon, 27 Jun 2016 11:51:40 +0700
+Subject: [PATCH 7/8] fix php 72494, CID 149753, color is unsigned int, remove
+ useless <0 comparison
+
+---
+ tests/gdimagecrop/php_bug_72494.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tests/gdimagecrop/php_bug_72494.c
b/tests/gdimagecrop/php_bug_72494.c
+index adaa379..5cb589b 100644
+--- a/tests/gdimagecrop/php_bug_72494.c
++++ b/tests/gdimagecrop/php_bug_72494.c
+@@ -6,7 +6,7 @@
+
+ int main()
+ {
+- gdImagePtr im, exp;
++ gdImagePtr im;
+ int error = 0;
+
+ im = gdImageCreate(50, 50);
+--
+2.9.1
+
+From fd623025505e87bba7ec8555eeb72dae4fb0afdc Mon Sep 17 00:00:00 2001
+From: Pierre Joye <address@hidden>
+Date: Mon, 27 Jun 2016 12:04:25 +0700
+Subject: [PATCH 8/8] fix php 72494, CID 149753, color is unsigned int, remove
+ useless <0 comparison
+
+---
+ tests/gdimagecrop/php_bug_72494.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/tests/gdimagecrop/php_bug_72494.c
b/tests/gdimagecrop/php_bug_72494.c
+index 5cb589b..3bd19be 100644
+--- a/tests/gdimagecrop/php_bug_72494.c
++++ b/tests/gdimagecrop/php_bug_72494.c
+@@ -7,7 +7,6 @@
+ int main()
+ {
+ gdImagePtr im;
+- int error = 0;
+
+ im = gdImageCreate(50, 50);
+
+--
+2.9.1
+
diff --git a/gnu/packages/patches/gd-CVE-2016-6132.patch
b/gnu/packages/patches/gd-CVE-2016-6132.patch
new file mode 100644
index 0000000..4c475b7
--- /dev/null
+++ b/gnu/packages/patches/gd-CVE-2016-6132.patch
@@ -0,0 +1,55 @@
+Fix CVE-2016-6132 (read out-of-bounds when parsing TGA files).
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-6132
+
+Copied from upstream commit:
+https://github.com/libgd/libgd/commit/ead349e99868303b37f5e6e9d9d680c9dc71ff8d
+
+From ead349e99868303b37f5e6e9d9d680c9dc71ff8d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <address@hidden>
+Date: Tue, 12 Jul 2016 11:24:09 +0200
+Subject: [PATCH] Fix #247, A read out-of-bands was found in the parsing of TGA
+ files (CVE-2016-6132)
+
+---
+ src/gd_tga.c | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/src/gd_tga.c b/src/gd_tga.c
+index ef20f86..20fe2d2 100644
+--- a/src/gd_tga.c
++++ b/src/gd_tga.c
+@@ -237,7 +237,11 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga )
+ return -1;
+ }
+
+- gdGetBuf(conversion_buffer, image_block_size, ctx);
++ if (gdGetBuf(conversion_buffer, image_block_size, ctx) !=
image_block_size) {
++ gd_error("gd-tga: premature end of image data\n");
++ gdFree(conversion_buffer);
++ return -1;
++ }
+
+ while (buffer_caret < image_block_size) {
+ tga->bitmap[buffer_caret] = (int)
conversion_buffer[buffer_caret];
+@@ -257,11 +261,16 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga )
+ }
+ conversion_buffer = (unsigned char *) gdMalloc(image_block_size
* sizeof(unsigned char));
+ if (conversion_buffer == NULL) {
++ gd_error("gd-tga: premature end of image data\n");
+ gdFree( decompression_buffer );
+ return -1;
+ }
+
+- gdGetBuf( conversion_buffer, image_block_size, ctx );
++ if (gdGetBuf(conversion_buffer, image_block_size, ctx) !=
image_block_size) {
++ gdFree(conversion_buffer);
++ gdFree(decompression_buffer);
++ return -1;
++ }
+
+ buffer_caret = 0;
+
+--
+2.9.1
+
diff --git a/gnu/packages/patches/gd-CVE-2016-6214.patch
b/gnu/packages/patches/gd-CVE-2016-6214.patch
new file mode 100644
index 0000000..7894a32
--- /dev/null
+++ b/gnu/packages/patches/gd-CVE-2016-6214.patch
@@ -0,0 +1,66 @@
+Fix CVE-2016-6214 (read out-of-bounds when parsing TGA files).
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214
+
+Adapted from upstream commit:
+https://github.com/libgd/libgd/commit/341aa68843ceceae9ba6e083431f14a07bd92308
+
+Since `patch` cannot apply Git binary diffs, we omit the addition of
+'tests/tga/bug00247a.c' and its associated binary data.
+
+From 341aa68843ceceae9ba6e083431f14a07bd92308 Mon Sep 17 00:00:00 2001
+From: "Christoph M. Becker" <address@hidden>
+Date: Tue, 12 Jul 2016 19:23:13 +0200
+Subject: [PATCH] Unsupported TGA bpp/alphabit combinations should error
+ gracefully
+
+Currently, only 24bpp without alphabits and 32bpp with 8 alphabits are
+really supported. All other combinations will be rejected with a warning.
+
+(cherry picked from commit cb1a0b7e54e9aa118270c23a4a6fe560e4590dc9)
+---
+ src/gd_tga.c | 16 ++++++----------
+ tests/tga/.gitignore | 1 +
+ tests/tga/CMakeLists.txt | 1 +
+ tests/tga/Makemodule.am | 4 +++-
+ tests/tga/bug00247a.c | 19 +++++++++++++++++++
+ tests/tga/bug00247a.tga | Bin 0 -> 36 bytes
+ 6 files changed, 30 insertions(+), 11 deletions(-)
+ create mode 100644 tests/tga/bug00247a.c
+ create mode 100644 tests/tga/bug00247a.tga
+
+diff --git a/src/gd_tga.c b/src/gd_tga.c
+index 20fe2d2..b4f8fa6 100644
+--- a/src/gd_tga.c
++++ b/src/gd_tga.c
+@@ -99,7 +99,7 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromTgaCtx(gdIOCtx* ctx)
+ if (tga->bits == TGA_BPP_24) {
+ *tpix = gdTrueColor(tga->bitmap[bitmap_caret +
2], tga->bitmap[bitmap_caret + 1], tga->bitmap[bitmap_caret]);
+ bitmap_caret += 3;
+- } else if (tga->bits == TGA_BPP_32 || tga->alphabits) {
++ } else if (tga->bits == TGA_BPP_32 && tga->alphabits) {
+ register int a = tga->bitmap[bitmap_caret + 3];
+
+ *tpix =
gdTrueColorAlpha(tga->bitmap[bitmap_caret + 2], tga->bitmap[bitmap_caret + 1],
tga->bitmap[bitmap_caret], gdAlphaMax - (a >> 1));
+@@ -159,16 +159,12 @@ int read_header_tga(gdIOCtx *ctx, oTga *tga)
+ printf("wxh: %i %i\n", tga->width, tga->height);
+ #endif
+
+- switch(tga->bits) {
+- case 8:
+- case 16:
+- case 24:
+- case 32:
+- break;
+- default:
+- gd_error("bps %i not supported", tga->bits);
++ if (!((tga->bits == TGA_BPP_24 && tga->alphabits == 0)
++ || (tga->bits == TGA_BPP_32 && tga->alphabits == 8)))
++ {
++ gd_error_ex(GD_WARNING, "gd-tga: %u bits per pixel with %u
alpha bits not supported\n",
++ tga->bits, tga->alphabits);
+ return -1;
+- break;
+ }
+
+ tga->ident = NULL;
diff --git a/gnu/packages/patches/gd-fix-test-on-i686.patch
b/gnu/packages/patches/gd-fix-test-on-i686.patch
new file mode 100644
index 0000000..6dd2e0f
--- /dev/null
+++ b/gnu/packages/patches/gd-fix-test-on-i686.patch
@@ -0,0 +1,34 @@
+Disable part of the gdimagerotate test on architectures such as i686
+where intermediate floating-point operations are done with 80-bit long
+doubles, and typically later rounded to 64-bit doubles. This double
+rounding causes small differences in the resulting pixel values
+compared with other architectures, causing the image comparison to
+fail.
+
+Patch by Mark H Weaver <address@hidden>.
+
+--- libgd-2.2.2/tests/gdimagerotate/bug00067.c 1969-12-31 19:00:00.000000000
-0500
++++ libgd-2.2.2/tests/gdimagerotate/bug00067.c 2016-07-18 12:19:19.885423132
-0400
+@@ -1,5 +1,6 @@
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <float.h>
+ #include "gd.h"
+
+ #include "gdtest.h"
+@@ -41,6 +42,7 @@
+ return 1;
+ }
+
++#if FLT_EVAL_METHOD != 2
+ sprintf(filename, "bug00067_%03d_exp.png", angle);
+ path = gdTestFilePath2("gdimagerotate", filename);
+ if (!gdAssertImageEqualsToFile(path, exp)) {
+@@ -48,6 +50,7 @@
+ error += 1;
+ }
+ free(path);
++#endif
+
+ gdImageDestroy(exp);
+ }
diff --git a/gnu/packages/patches/gd-fix-tests-on-i686.patch
b/gnu/packages/patches/gd-fix-tests-on-i686.patch
deleted file mode 100644
index 8db64e6..0000000
--- a/gnu/packages/patches/gd-fix-tests-on-i686.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-Disable some image comparison tests on architectures such as i686
-where intermediate floating-point operations are done with 80-bit long
-doubles, and typically later rounded to 64-bit doubles. This double
-rounding causes small differences in the resulting pixel values
-compared with other architectures, causing the image comparisons to
-fail.
-
-Patch by Mark H Weaver <address@hidden>.
-
---- libgd-2.2.3/tests/gdimagerotate/bug00067.c 2016-06-18 05:42:16.000000000
-0400
-+++ libgd-2.2.3/tests/gdimagerotate/bug00067.c 2016-07-28 13:43:48.470767178
-0400
-@@ -1,5 +1,6 @@
- #include <stdio.h>
- #include <stdlib.h>
-+#include <float.h>
- #include "gd.h"
-
- #include "gdtest.h"
-@@ -43,7 +44,7 @@
-
- sprintf(filename, "bug00067_%03d_exp.png", angle);
- path = gdTestFilePath2("gdimagerotate", filename);
-- if (!gdAssertImageEqualsToFile(path, exp)) {
-+ if (FLT_EVAL_METHOD != 2 && !gdAssertImageEqualsToFile(path,
exp)) {
- gdTestErrorMsg("comparing rotated image to %s
failed.\n", path);
- error += 1;
- }
---- libgd-2.2.3/tests/gdimagecopyresampled/bug00201.c 2016-07-21
04:06:42.000000000 -0400
-+++ libgd-2.2.3/tests/gdimagecopyresampled/bug00201.c 2016-07-28
13:56:46.021447064 -0400
-@@ -1,3 +1,4 @@
-+#include <float.h>
- #include "gd.h"
- #include "gdtest.h"
-
-@@ -65,7 +66,7 @@
- gdImageDestroy(background);
- gdImageDestroy(scaled_logo);
-
-- gdAssertImageEqualsToFile("gdimagecopyresampled/bug00201_exp.png", img);
-+ FLT_EVAL_METHOD != 2 &&
gdAssertImageEqualsToFile("gdimagecopyresampled/bug00201_exp.png", img);
- gdImageDestroy(img);
- return gdNumFailures();
- }
---- libgd-2.2.3/tests/gdimagecopyresampled/basic_alpha.c 2016-07-21
04:06:42.000000000 -0400
-+++ libgd-2.2.3/tests/gdimagecopyresampled/basic_alpha.c 2016-07-28
13:57:18.857831608 -0400
-@@ -1,5 +1,6 @@
- /* Testing basic gdImageCopyResampled() functionality with alpha channel */
-
-+#include <float.h>
- #include "gd.h"
- #include "gdtest.h"
-
-@@ -33,7 +34,7 @@
- gdImageCopyResampled(copy, im, 0,0, 0,0, 200,200, 400,300);
- gdImageDestroy(im);
-
-- gdAssertImageEqualsToFile("gdimagecopyresampled/basic_alpha_exp.png",
copy);
-+ FLT_EVAL_METHOD != 2 &&
gdAssertImageEqualsToFile("gdimagecopyresampled/basic_alpha_exp.png", copy);
-
- gdImageDestroy(copy);
- return gdNumFailures();