graphics/giflib: Add patch to fix regression

There is a regression with the 5.1.2 update to giflib. This affects the
ability for applications to render gif images usually ocurring after the
first gif image is rendered. Upstream has been notified but has not yet
provided feedback.

giflib 5.1.2 was a security fix, so reverting is not reasonable.

"The removed check look redundant - I couldn't find a code path where
Private->RunningBits would exceed that limit after initialization.
(Currently Private->RunningBits is checked before it is initialized)."

PR:		207849
Submitted by:	Stefan Ehmann <shoesoft@gmx.net>
Approved by:	ports-secteam (with hat)
MFH:		2016Q1

2 files changed, 12 insertions, 1 deletions

diff --git a/graphics/giflib/Makefile b/graphics/giflib/Makefile
index 7f2e2ee91cc0..2fd96693ab7d 100644
--- a/graphics/giflib/Makefile
+++ b/graphics/giflib/Makefile
@@ -3,7 +3,7 @@
 
 PORTNAME=	giflib
 PORTVERSION=	5.1.2
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	graphics
 MASTER_SITES=	SF/${PORTNAME}
 
diff --git a/graphics/giflib/files/patch-lib_dgif__lib.c b/graphics/giflib/files/patch-lib_dgif__lib.c
new file mode 100644
index 000000000000..7e5060c8e9f8
--- /dev/null
+++ b/graphics/giflib/files/patch-lib_dgif__lib.c
@@ -0,0 +1,11 @@
+--- lib/dgif_lib.c.orig	2016-03-06 10:52:49.090426000 +0100
++++ lib/dgif_lib.c	2016-03-06 10:53:00.938584000 +0100
+@@ -764,7 +764,7 @@
+     BitsPerPixel = CodeSize;
+ 
+     /* this can only happen on a severely malformed GIF */
+-    if (BitsPerPixel > 8 || Private->RunningBits > 32) {
++    if (BitsPerPixel > 8) {
+ 	GifFile->Error = D_GIF_ERR_READ_FAILED;	/* somewhat bogus error code */
+ 	return GIF_ERROR;    /* Failed to read Code size. */
+     }