diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/Makefile /usr/local/poudriere/ports/experimental/graphics/libwmf/Makefile
--- /usr/local/poudriere/ports/official/graphics/libwmf/Makefile	2018-01-05 00:25:04.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/Makefile	2019-02-17 12:04:49.324421000 +0100
@@ -7,7 +7,7 @@
 CATEGORIES=	graphics
 MASTER_SITES=	SF/wvware/${PORTNAME}/${PORTVERSION}
 
-MAINTAINER=	ports@FreeBSD.org
+MAINTAINER=	phascolarctos@protonmail.ch
 COMMENT=	Tools and library for converting Microsoft WMF (windows metafile)
 
 LICENSE=	GPLv2+
@@ -16,18 +16,19 @@
 LIB_DEPENDS=	libpng.so:graphics/png \
 		libfreetype.so:print/freetype2
 
-CONFLICTS?=	libwmf-nox11-[0-9]*
+USES=		gnome jpeg libtool
+USE_GNOME=	libxml2
+USE_LDCONFIG=	yes
 
 GNU_CONFIGURE=	yes
 CONFIGURE_ARGS=	--with-sys-gd=no \
 		--with-png=${LOCALBASE} --with-jpeg=${LOCALBASE} \
 		--with-gsfontdir=${LOCALBASE}/share/ghostscript/fonts
 INSTALL_TARGET=	install-strip
-USES=		jpeg libtool
-USE_GNOME=	libxml2
-USE_LDCONFIG=	yes
 
 PORTDOCS=	*
+
+CONFLICTS?=	libwmf-nox11-[0-9]*
 
 OPTIONS_DEFINE=	X11 DOCS
 OPTIONS_DEFAULT=X11
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-CAN-2004-0941 /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-CAN-2004-0941
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-CAN-2004-0941	2015-07-16 18:47:21.000000000 +0200
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-CAN-2004-0941	1970-01-01 01:00:00.000000000 +0100
@@ -1,17 +0,0 @@
---- src/extra/gd/gd_png.c	2004-11-11 14:02:37.407589824 -0500
-+++ src/extra/gd/gd_png.c	2004-11-11 14:04:29.672522960 -0500
-@@ -188,6 +188,14 @@
- 
-   png_get_IHDR (png_ptr, info_ptr, &width, &height, &bit_depth, &color_type,
- 		&interlace_type, NULL, NULL);
-+  if (overflow2(sizeof (int), width)) 
-+    {
-+      return NULL;
-+    }
-+  if (overflow2(sizeof (int) * width, height)) 
-+    {
-+      return NULL;
-+    }  
-   if ((color_type == PNG_COLOR_TYPE_RGB) ||
-       (color_type == PNG_COLOR_TYPE_RGB_ALPHA))
-     {
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-CVE-2007-0455 /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-CVE-2007-0455
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-CVE-2007-0455	2015-07-16 18:47:21.000000000 +0200
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-CVE-2007-0455	1970-01-01 01:00:00.000000000 +0100
@@ -1,11 +0,0 @@
---- src/extra/gd/gdft.c	2010-12-06 11:18:26.000000000 +0000
-+++ src/extra/gd/gdft.c	2010-12-06 11:21:09.000000000 +0000
-@@ -811,7 +811,7 @@
- 	    {
- 	      ch = c & 0xFF;	/* don't extend sign */
- 	    }
--	  next++;
-+	  if (*next) next++;
- 	}
-       else
- 	{
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-CVE-2007-2756 /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-CVE-2007-2756
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-CVE-2007-2756	2015-07-16 18:47:21.000000000 +0200
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-CVE-2007-2756	1970-01-01 01:00:00.000000000 +0100
@@ -1,16 +0,0 @@
---- src/extra/gd/gd_png.c	1 Apr 2007 20:41:01 -0000	1.21.2.1
-+++ src/extra/gd/gd_png.c	16 May 2007 19:06:11 -0000
-@@ -78,8 +78,11 @@
- gdPngReadData (png_structp png_ptr,
- 	       png_bytep data, png_size_t length)
- {
--  gdGetBuf (data, length, (gdIOCtx *)
--	    png_get_io_ptr (png_ptr));
-+  int check;
-+  check = gdGetBuf (data, length, (gdIOCtx *) png_get_io_ptr (png_ptr));
-+  if (check != length) {
-+    png_error(png_ptr, "Read Error: truncated data");
-+  }
- }
- 
- static void
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-CVE-2007-3472 /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-CVE-2007-3472
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-CVE-2007-3472	2015-07-16 18:47:21.000000000 +0200
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-CVE-2007-3472	1970-01-01 01:00:00.000000000 +0100
@@ -1,61 +0,0 @@
-Patch modified slightly from upstream CentOS version
-
---- src/extra/gd/gd.c
-+++ src/extra/gd/gd.c
-@@ -106,6 +106,18 @@
-   gdImagePtr im;
-   unsigned long cpa_size;
- 
-+  if (overflow2(sx, sy)) {
-+    return NULL;
-+  }
-+
-+  if (overflow2(sizeof (int *), sy)) {
-+    return NULL;
-+  }
-+
-+  if (overflow2(sizeof(int), sx)) {
-+    return NULL;
-+  }
-+
-   im = (gdImage *) gdMalloc (sizeof (gdImage));
-   if (im == 0) return 0;
-   memset (im, 0, sizeof (gdImage));
---- src/extra/gd/gdhelpers.c	2010-12-06 11:47:31.000000000 +0000
-+++ src/extra/gd/gdhelpers.c	2010-12-06 11:48:04.000000000 +0000
-@@ -2,6 +2,7 @@
- #include "gdhelpers.h"
- #include <stdlib.h>
- #include <string.h>
-+#include <limits.h>
- 
- /* TBB: gd_strtok_r is not portable; provide an implementation */
- 
-@@ -94,3 +95,18 @@
- {
-   free (ptr);
- }
-+
-+int overflow2(int a, int b)
-+{
-+	if(a < 0 || b < 0) {
-+		fprintf(stderr, "gd warning: one parameter to a memory allocation multiplication is negative, failing operation gracefully\n");
-+		return 1;
-+	}
-+	if(b == 0)
-+		return 0;
-+	if(a > INT_MAX / b) {
-+		fprintf(stderr, "gd warning: product of memory allocation multiplication would exceed INT_MAX, failing operation gracefully\n");
-+		return 1;
-+	}
-+	return 0;
-+}
---- src/extra/gd/gdhelpers.h	2010-12-06 11:47:17.000000000 +0000
-+++ src/extra/gd/gdhelpers.h	2010-12-06 11:48:36.000000000 +0000
-@@ -15,4 +15,6 @@
- void *gdMalloc(size_t size);
- void *gdRealloc(void *ptr, size_t size);
- 
-+int overflow2(int a, int b);
-+
- #endif /* GDHELPERS_H */
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-CVE-2007-3473 /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-CVE-2007-3473
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-CVE-2007-3473	2015-07-16 18:47:21.000000000 +0200
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-CVE-2007-3473	1970-01-01 01:00:00.000000000 +0100
@@ -1,13 +0,0 @@
---- src/extra/gd/gd.c
-+++ src/extra/gd/gd.c
-@@ -2483,6 +2483,10 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromXbm (FILE * fd)
-     }
-   bytes = (w * h / 8) + 1;
-   im = gdImageCreate (w, h);
-+  if (!im) {
-+    return 0;
-+  }
-+
-   gdImageColorAllocate (im, 255, 255, 255);
-   gdImageColorAllocate (im, 0, 0, 0);
-   x = 0;
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-CVE-2007-3477 /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-CVE-2007-3477
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-CVE-2007-3477	2015-07-16 18:47:21.000000000 +0200
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-CVE-2007-3477	1970-01-01 01:00:00.000000000 +0100
@@ -1,38 +0,0 @@
---- src/extra/gd/gd.c
-+++ src/extra/gd/gd.c
-@@ -1335,10 +1335,31 @@
-   int w2, h2;
-   w2 = w / 2;
-   h2 = h / 2;
--  while (e < s)
--    {
--      e += 360;
--    }
-+
-+  if ((s % 360)  == (e % 360)) {
-+         s = 0; e = 360;
-+  } else {
-+         if (s > 360) {
-+                 s = s % 360;
-+         }
-+
-+         if (e > 360) {
-+                 e = e % 360;
-+         }
-+
-+         while (s < 0) {
-+                 s += 360;
-+         }
-+
-+         while (e < s) {
-+                 e += 360;
-+         }
-+
-+         if (s == e) {
-+                 s = 0; e = 360;
-+         }
-+  }
-+
-   for (i = s; (i <= e); i++)
-     {
-       int x, y;
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-CVE-2009-3546 /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-CVE-2009-3546
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-CVE-2009-3546	2015-07-16 18:47:21.000000000 +0200
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-CVE-2009-3546	1970-01-01 01:00:00.000000000 +0100
@@ -1,13 +0,0 @@
---- src/extra/gd/gd_gd.c	2010-12-06 14:56:06.000000000 +0000
-+++ src/extra/gd/gd_gd.c	2010-12-06 14:57:04.000000000 +0000
-@@ -42,6 +42,10 @@
- 	    {
- 	      goto fail1;
- 	    }
-+	  if (&im->colorsTotal > gdMaxColors)
-+	    {
-+	      goto fail1;
-+	    }
- 	}
-       /* Int to accommodate truecolor single-color transparency */
-       if (!gdGetInt (&im->transparent, in))
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-cve-2006-3376 /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-cve-2006-3376
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-cve-2006-3376	2014-01-22 18:40:44.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-cve-2006-3376	1970-01-01 01:00:00.000000000 +0100
@@ -1,27 +0,0 @@
---- src/player.c
-+++ src/player.c
-@@ -23,6 +23,7 @@
- 
- #include <stdio.h>
- #include <stdlib.h>
-+#include <stdint.h>
- #include <string.h>
- #include <math.h>
- 
-@@ -132,8 +133,14 @@
- 		}
- 	}
- 
--/*	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3) * 2 * sizeof (unsigned char));
-- */	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)  ) * 2 * sizeof (unsigned char));
-+	if (MAX_REC_SIZE(API) > UINT32_MAX / 2)
-+	{
-+		API->err = wmf_E_InsMem;
-+		WMF_DEBUG (API,"bailing...");
-+		return (API->err);
-+	}
-+
-+ 	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)  ) * 2 * sizeof (unsigned char));
- 
- 	if (ERR (API))
- 	{	WMF_DEBUG (API,"bailing...");
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-cve-2009-1364 /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-cve-2009-1364
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-cve-2009-1364	2014-01-22 18:40:44.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-cve-2009-1364	1970-01-01 01:00:00.000000000 +0100
@@ -1,10 +0,0 @@
---- src/extra/gd/gd_clip.c
-+++ src/extra/gd/gd_clip.c
-@@ -70,6 +70,7 @@
- 	{	more = gdRealloc (im->clip->list,(im->clip->max + 8) * sizeof (gdClipRectangle));
- 		if (more == 0) return;
- 		im->clip->max += 8;
-+		im->clip->list = more;
- 	}
- 	im->clip->list[im->clip->count] = (*rect);
- 	im->clip->count++;
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-deb784192-CVE-2015-4696 /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-deb784192-CVE-2015-4696
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-deb784192-CVE-2015-4696	2015-09-07 13:50:19.000000000 +0200
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-deb784192-CVE-2015-4696	1970-01-01 01:00:00.000000000 +0100
@@ -1,23 +0,0 @@
---- src/player/meta.h
-+++ src/player/meta.h
-@@ -2585,6 +2585,8 @@
- 			polyrect.BR[i] = clip->rects[i].BR;
- 		}
- 
-+		if (FR->region_clip) FR->region_clip (API,&polyrect);
-+
- 		wmf_free (API,polyrect.TL);
- 		wmf_free (API,polyrect.BR);
- 	}
-@@ -2593,9 +2595,10 @@
- 		polyrect.BR = 0;
- 
- 		polyrect.count = 0;
-+	
-+		if (FR->region_clip) FR->region_clip (API,&polyrect);
- 	}
- 
--	if (FR->region_clip) FR->region_clip (API,&polyrect);
- 
- 	return (changed);
- }
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-deb784205-CVE-2015-4695 /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-deb784205-CVE-2015-4695
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-deb784205-CVE-2015-4695	2015-07-16 18:47:21.000000000 +0200
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-deb784205-CVE-2015-4695	1970-01-01 01:00:00.000000000 +0100
@@ -1,58 +0,0 @@
-Index: src/player/meta.h
-===================================================================
---- libwmf-0.2.8.4.orig/src/player/meta.h
-+++ src/player/meta.h
-@@ -1565,7 +1565,7 @@ static int meta_rgn_create (wmfAPI* API,
- 	objects = P->objects;
- 
- 	i = 0;
--	while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
-+	while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
- 
- 	if (i == NUM_OBJECTS (API))
- 	{	WMF_ERROR (API,"Object out of range!");
-@@ -2142,7 +2142,7 @@ static int meta_dib_brush (wmfAPI* API,w
- 	objects = P->objects;
- 
- 	i = 0;
--	while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
-+	while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
- 
- 	if (i == NUM_OBJECTS (API))
- 	{	WMF_ERROR (API,"Object out of range!");
-@@ -3067,7 +3067,7 @@ static int meta_pen_create (wmfAPI* API,
- 	objects = P->objects;
- 
- 	i = 0;
--	while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
-+	while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
- 
- 	if (i == NUM_OBJECTS (API))
- 	{	WMF_ERROR (API,"Object out of range!");
-@@ -3181,7 +3181,7 @@ static int meta_brush_create (wmfAPI* AP
- 	objects = P->objects;
- 
- 	i = 0;
--	while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
-+	while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
- 
- 	if (i == NUM_OBJECTS (API))
- 	{	WMF_ERROR (API,"Object out of range!");
-@@ -3288,7 +3288,7 @@ static int meta_font_create (wmfAPI* API
- 	objects = P->objects;
- 
- 	i = 0;
--	while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
-+	while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
- 
- 	if (i == NUM_OBJECTS (API))
- 	{	WMF_ERROR (API,"Object out of range!");
-@@ -3396,7 +3396,7 @@ static int meta_palette_create (wmfAPI*
- 	objects = P->objects;
- 
- 	i = 0;
--	while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
-+	while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
- 
- 	if (i == NUM_OBJECTS (API))
- 	{	WMF_ERROR (API,"Object out of range!");
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-gd_png.c /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-gd_png.c
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-gd_png.c	2014-01-22 18:40:44.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-gd_png.c	1970-01-01 01:00:00.000000000 +0100
@@ -1,11 +0,0 @@
---- src/extra/gd/gd_png.c.orig	2010-03-28 12:44:53.000000000 +0200
-+++ src/extra/gd/gd_png.c	2010-03-28 12:45:16.000000000 +0200
-@@ -136,7 +136,7 @@
-   /* first do a quick check that the file really is a PNG image; could
-    * have used slightly more general png_sig_cmp() function instead */
-   gdGetBuf (sig, 8, infile);
--  if (!png_check_sig (sig, 8))
-+  if (png_sig_cmp (sig, 0, 8))
-     return NULL;		/* bad signature */
- 
- #ifndef PNG_SETJMP_NOT_SUPPORTED
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-rh1227243-CVE-2015-0848 /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-rh1227243-CVE-2015-0848
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-rh1227243-CVE-2015-0848	2015-07-16 18:47:21.000000000 +0200
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-rh1227243-CVE-2015-0848	1970-01-01 01:00:00.000000000 +0100
@@ -1,20 +0,0 @@
---- src/ipa/ipa/bmp.h	2015-06-02 11:35:04.072201795 +0100
-+++ src/ipa/ipa/bmp.h	2015-06-02 11:35:20.647406414 +0100
-@@ -1145,8 +1143,15 @@
- 		}
- 	}
- 	else
--	{	/* Convert run-length encoded raster pixels. */
--		DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image);
-+	{
-+		if (bmp_info.bits_per_pixel == 8)	/* Convert run-length encoded raster pixels. */
-+		{
-+			DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image);
-+		}
-+		else
-+		{	WMF_ERROR (API,"Unexpected pixel depth");
-+			API->err = wmf_E_BadFormat;
-+		}
- 	}
- 
- 	if (ERR (API))
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-rh1227243-CVE-2015-4588 /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-rh1227243-CVE-2015-4588
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-rh1227243-CVE-2015-4588	2015-07-16 18:47:21.000000000 +0200
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-rh1227243-CVE-2015-4588	1970-01-01 01:00:00.000000000 +0100
@@ -1,111 +0,0 @@
-diff -ru src/ipa/ipa/bmp.h src/ipa/ipa/bmp.h
---- src/ipa/ipa/bmp.h	2015-06-03 09:30:59.410501271 +0100
-+++ src/ipa/ipa/bmp.h	2015-06-03 09:31:05.775572630 +0100
-@@ -859,7 +859,7 @@
- %
- %
- */
--static void DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSource* src,unsigned int compression,unsigned char* pixels)
-+static int DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSource* src,unsigned int compression,unsigned char* pixels)
- {	int byte;
- 	int count;
- 	int i;
-@@ -870,12 +870,14 @@
- 	U32 u;
- 
- 	unsigned char* q;
-+	unsigned char* end;
- 
- 	for (u = 0; u < ((U32) bmp->width * (U32) bmp->height); u++) pixels[u] = 0;
- 
- 	byte = 0;
- 	x = 0;
- 	q = pixels;
-+	end = pixels + bmp->width * bmp->height;
- 
- 	for (y = 0; y < bmp->height; )
- 	{	count = ReadBlobByte (src);
-@@ -884,7 +886,10 @@
- 		{	/* Encoded mode. */
- 			byte = ReadBlobByte (src);
- 			for (i = 0; i < count; i++)
--			{	if (compression == 1)
-+			{	
-+				if (q == end)
-+					return 0;
-+			 	if (compression == 1)
- 				{	(*(q++)) = (unsigned char) byte;
- 				}
- 				else
-@@ -896,13 +901,15 @@
- 		else
- 		{	/* Escape mode. */
- 			count = ReadBlobByte (src);
--			if (count == 0x01) return;
-+			if (count == 0x01) return 1;
- 			switch (count)
- 			{
- 			case 0x00:
- 			 {	/* End of line. */
- 				x = 0;
- 				y++;
-+				if (y >= bmp->height)
-+					return 0;
- 				q = pixels + y * bmp->width;
- 				break;
- 			 }
-@@ -910,13 +917,20 @@
- 			 {	/* Delta mode. */
- 				x += ReadBlobByte (src);
- 				y += ReadBlobByte (src);
-+				if (y >= bmp->height)
-+					return 0;
-+				if (x >= bmp->width)
-+					return 0;
- 				q = pixels + y * bmp->width + x;
- 				break;
- 			 }
- 			default:
- 			 {	/* Absolute mode. */
- 				for (i = 0; i < count; i++)
--				{	if (compression == 1)
-+				{
-+					if (q == end)
-+						return 0;
-+					if (compression == 1)
- 					{	(*(q++)) = ReadBlobByte (src);
- 					}
- 					else
-@@ -943,7 +957,7 @@
- 	byte = ReadBlobByte (src);  /* end of line */
- 	byte = ReadBlobByte (src);
- 
--	return;
-+	return 1;
- }
- 
- /*
-@@ -1146,7 +1160,10 @@
- 	{
- 		if (bmp_info.bits_per_pixel == 8)	/* Convert run-length encoded raster pixels. */
- 		{
--			DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image);
-+			if (!DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image))
-+			{	WMF_ERROR (API,"corrupt bmp");
-+				API->err = wmf_E_BadFormat;
-+			}
- 		}
- 		else
- 		{	WMF_ERROR (API,"Unexpected pixel depth");
-diff -ru src/ipa/ipa.h src/ipa/ipa.h
---- src/ipa/ipa.h	2015-06-03 09:30:59.410501271 +0100
-+++ src/ipa/ipa.h	2015-06-03 09:31:08.687605277 +0100
-@@ -48,7 +48,7 @@
- static unsigned short ReadBlobLSBShort (BMPSource*);
- static unsigned long  ReadBlobLSBLong (BMPSource*);
- static long           TellBlob (BMPSource*);
--static void           DecodeImage (wmfAPI*,wmfBMP*,BMPSource*,unsigned int,unsigned char*);
-+static int            DecodeImage (wmfAPI*,wmfBMP*,BMPSource*,unsigned int,unsigned char*);
- static void           ReadBMPImage (wmfAPI*,wmfBMP*,BMPSource*);
- static int            ExtractColor (wmfAPI*,wmfBMP*,wmfRGB*,unsigned int,unsigned int);
- static void           SetColor (wmfAPI*,wmfBMP*,wmfRGB*,unsigned char,unsigned int,unsigned int);
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_extra_gd_gd.c /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_extra_gd_gd.c
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_extra_gd_gd.c	1970-01-01 01:00:00.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_extra_gd_gd.c	2019-02-17 11:48:36.596597000 +0100
@@ -0,0 +1,38 @@
+--- src/extra/gd/gd.c.orig	2019-02-17 10:47:58 UTC
++++ src/extra/gd/gd.c
+@@ -1333,10 +1333,31 @@ gdImageFilledArc (gdImagePtr im, int cx, int cy, int w
+   int w2, h2;
+   w2 = w / 2;
+   h2 = h / 2;
+-  while (e < s)
+-    {
+-      e += 360;
+-    }
++
++  if ((s % 360)  == (e % 360)) {
++         s = 0; e = 360;
++  } else {
++         if (s > 360) {
++                 s = s % 360;
++         }
++
++         if (e > 360) {
++                 e = e % 360;
++         }
++
++         while (s < 0) {
++                 s += 360;
++         }
++
++         while (e < s) {
++                 e += 360;
++         }
++
++         if (s == e) {
++                 s = 0; e = 360;
++         }
++  }
++
+   for (i = s; (i <= e); i++)
+     {
+       int x, y;
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_extra_gd_gd__clip.c /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_extra_gd_gd__clip.c
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_extra_gd_gd__clip.c	1970-01-01 01:00:00.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_extra_gd_gd__clip.c	2019-02-17 11:48:36.600225000 +0100
@@ -0,0 +1,10 @@
+--- src/extra/gd/gd_clip.c.orig	2001-03-28 09:37:29 UTC
++++ src/extra/gd/gd_clip.c
+@@ -70,6 +70,7 @@ void gdClipSetAdd(gdImagePtr im,gdClipRectanglePtr rec
+ 	{	more = gdRealloc (im->clip->list,(im->clip->max + 8) * sizeof (gdClipRectangle));
+ 		if (more == 0) return;
+ 		im->clip->max += 8;
++		im->clip->list = more;
+ 	}
+ 	im->clip->list[im->clip->count] = (*rect);
+ 	im->clip->count++;
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_extra_gd_gd__gd.c /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_extra_gd_gd__gd.c
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_extra_gd_gd__gd.c	1970-01-01 01:00:00.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_extra_gd_gd__gd.c	2019-02-17 11:48:36.604246000 +0100
@@ -0,0 +1,13 @@
+--- src/extra/gd/gd_gd.c.orig	2005-07-27 20:35:05 UTC
++++ src/extra/gd/gd_gd.c
+@@ -37,6 +37,10 @@ _gdGetColors (gdIOCtx * in, gdImagePtr im, int gd2xFla
+ 	    {
+ 	      goto fail1;
+ 	    }
++	  if (&im->colorsTotal > gdMaxColors)
++	    {
++	      goto fail1;
++	    }
+ 	}
+       /* Int to accommodate truecolor single-color transparency */
+       if (!gdGetInt (&im->transparent, in))
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_extra_gd_gd__png.c /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_extra_gd_gd__png.c
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_extra_gd_gd__png.c	1970-01-01 01:00:00.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_extra_gd_gd__png.c	2019-02-17 11:48:36.607680000 +0100
@@ -0,0 +1,11 @@
+--- src/extra/gd/gd_png.c.orig	2019-02-17 10:47:58 UTC
++++ src/extra/gd/gd_png.c
+@@ -139,7 +139,7 @@ gdImageCreateFromPngCtx (gdIOCtx * infile)
+   /* first do a quick check that the file really is a PNG image; could
+    * have used slightly more general png_sig_cmp() function instead */
+   gdGetBuf (sig, 8, infile);
+-  if (!png_check_sig (sig, 8))
++  if (png_sig_cmp (sig, 0, 8))
+     return NULL;		/* bad signature */
+ 
+ #ifndef PNG_SETJMP_NOT_SUPPORTED
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_extra_gd_gdft.c /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_extra_gd_gdft.c
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_extra_gd_gdft.c	1970-01-01 01:00:00.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_extra_gd_gdft.c	2019-02-17 11:48:36.611223000 +0100
@@ -0,0 +1,11 @@
+--- src/extra/gd/gdft.c.orig	2005-07-27 20:35:05 UTC
++++ src/extra/gd/gdft.c
+@@ -809,7 +809,7 @@ gdImageStringFT (gdImage * im, int *brect, int fg, cha
+ 	    {
+ 	      ch = c & 0xFF;	/* don't extend sign */
+ 	    }
+-	  next++;
++	  if (*next) next++;
+ 	}
+       else
+ 	{
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_extra_gd_gdhelpers.c /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_extra_gd_gdhelpers.c
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_extra_gd_gdhelpers.c	1970-01-01 01:00:00.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_extra_gd_gdhelpers.c	2019-02-17 11:48:36.614794000 +0100
@@ -0,0 +1,30 @@
+--- src/extra/gd/gdhelpers.c.orig	2005-07-27 20:35:05 UTC
++++ src/extra/gd/gdhelpers.c
+@@ -2,6 +2,7 @@
+ #include "gdhelpers.h"
+ #include <stdlib.h>
+ #include <string.h>
++#include <limits.h>
+ 
+ /* TBB: gd_strtok_r is not portable; provide an implementation */
+ 
+@@ -93,4 +94,19 @@ void
+ gdFree (void *ptr)
+ {
+   free (ptr);
++}
++
++int overflow2(int a, int b)
++{
++	if(a < 0 || b < 0) {
++		fprintf(stderr, "gd warning: one parameter to a memory allocation multiplication is negative, failing operation gracefully\n");
++		return 1;
++	}
++	if(b == 0)
++		return 0;
++	if(a > INT_MAX / b) {
++		fprintf(stderr, "gd warning: product of memory allocation multiplication would exceed INT_MAX, failing operation gracefully\n");
++		return 1;
++	}
++	return 0;
+ }
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_extra_gd_gdhelpers.h /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_extra_gd_gdhelpers.h
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_extra_gd_gdhelpers.h	1970-01-01 01:00:00.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_extra_gd_gdhelpers.h	2019-02-17 11:48:36.618501000 +0100
@@ -0,0 +1,10 @@
+--- src/extra/gd/gdhelpers.h.orig	2001-03-28 09:37:31 UTC
++++ src/extra/gd/gdhelpers.h
+@@ -13,5 +13,7 @@ void *gdCalloc(size_t nmemb, size_t size);
+ void *gdMalloc(size_t size);
+ void *gdRealloc(void *ptr, size_t size);
+ 
++int overflow2(int a, int b);
++
+ #endif /* GDHELPERS_H */
+ 
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_ipa_ipa.h /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_ipa_ipa.h
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_ipa_ipa.h	1970-01-01 01:00:00.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_ipa_ipa.h	2019-02-17 11:48:36.622009000 +0100
@@ -0,0 +1,11 @@
+--- src/ipa/ipa.h.orig	2001-10-28 14:07:20 UTC
++++ src/ipa/ipa.h
+@@ -48,7 +48,7 @@ static int            ReadBlobByte (BMPSource*);
+ static unsigned short ReadBlobLSBShort (BMPSource*);
+ static unsigned long  ReadBlobLSBLong (BMPSource*);
+ static long           TellBlob (BMPSource*);
+-static void           DecodeImage (wmfAPI*,wmfBMP*,BMPSource*,unsigned int,unsigned char*);
++static int            DecodeImage (wmfAPI*,wmfBMP*,BMPSource*,unsigned int,unsigned char*);
+ static void           ReadBMPImage (wmfAPI*,wmfBMP*,BMPSource*);
+ static int            ExtractColor (wmfAPI*,wmfBMP*,wmfRGB*,unsigned int,unsigned int);
+ static void           SetColor (wmfAPI*,wmfBMP*,wmfRGB*,unsigned char,unsigned int,unsigned int);
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_ipa_ipa_bmp.h /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_ipa_ipa_bmp.h
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_ipa_ipa_bmp.h	1970-01-01 01:00:00.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_ipa_ipa_bmp.h	2019-02-17 11:48:36.625662000 +0100
@@ -0,0 +1,107 @@
+--- src/ipa/ipa/bmp.h.orig	2019-02-17 10:48:16 UTC
++++ src/ipa/ipa/bmp.h
+@@ -859,7 +859,7 @@ static long TellBlob (BMPSource* src)
+ %
+ %
+ */
+-static void DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSource* src,unsigned int compression,unsigned char* pixels)
++static int DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSource* src,unsigned int compression,unsigned char* pixels)
+ {	int byte;
+ 	int count;
+ 	int i;
+@@ -870,12 +870,14 @@ static void DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSo
+ 	U32 u;
+ 
+ 	unsigned char* q;
++	unsigned char* end;
+ 
+ 	for (u = 0; u < ((U32) bmp->width * (U32) bmp->height); u++) pixels[u] = 0;
+ 
+ 	byte = 0;
+ 	x = 0;
+ 	q = pixels;
++	end = pixels + bmp->width * bmp->height;
+ 
+ 	for (y = 0; y < bmp->height; )
+ 	{	count = ReadBlobByte (src);
+@@ -884,7 +886,10 @@ static void DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSo
+ 		{	/* Encoded mode. */
+ 			byte = ReadBlobByte (src);
+ 			for (i = 0; i < count; i++)
+-			{	if (compression == 1)
++			{	
++				if (q == end)
++					return 0;
++			 	if (compression == 1)
+ 				{	(*(q++)) = (unsigned char) byte;
+ 				}
+ 				else
+@@ -896,13 +901,15 @@ static void DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSo
+ 		else
+ 		{	/* Escape mode. */
+ 			count = ReadBlobByte (src);
+-			if (count == 0x01) return;
++			if (count == 0x01) return 1;
+ 			switch (count)
+ 			{
+ 			case 0x00:
+ 			 {	/* End of line. */
+ 				x = 0;
+ 				y++;
++				if (y >= bmp->height)
++					return 0;
+ 				q = pixels + y * bmp->width;
+ 				break;
+ 			 }
+@@ -910,13 +917,20 @@ static void DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSo
+ 			 {	/* Delta mode. */
+ 				x += ReadBlobByte (src);
+ 				y += ReadBlobByte (src);
++				if (y >= bmp->height)
++					return 0;
++				if (x >= bmp->width)
++					return 0;
+ 				q = pixels + y * bmp->width + x;
+ 				break;
+ 			 }
+ 			default:
+ 			 {	/* Absolute mode. */
+ 				for (i = 0; i < count; i++)
+-				{	if (compression == 1)
++				{
++					if (q == end)
++						return 0;
++					if (compression == 1)
+ 					{	(*(q++)) = ReadBlobByte (src);
+ 					}
+ 					else
+@@ -943,7 +957,7 @@ static void DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSo
+ 	byte = ReadBlobByte (src);  /* end of line */
+ 	byte = ReadBlobByte (src);
+ 
+-	return;
++	return 1;
+ }
+ 
+ /*
+@@ -1143,8 +1157,18 @@ static void ReadBMPImage (wmfAPI* API,wmfBMP* bmp,BMPS
+ 		}
+ 	}
+ 	else
+-	{	/* Convert run-length encoded raster pixels. */
+-		DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image);
++	{
++		if (bmp_info.bits_per_pixel == 8)	/* Convert run-length encoded raster pixels. */
++		{
++			if (!DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image))
++			{	WMF_ERROR (API,"corrupt bmp");
++				API->err = wmf_E_BadFormat;
++			}
++		}
++		else
++		{	WMF_ERROR (API,"Unexpected pixel depth");
++			API->err = wmf_E_BadFormat;
++		}
+ 	}
+ 
+ 	if (ERR (API))
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_player.c /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_player.c
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_player.c	1970-01-01 01:00:00.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_player.c	2019-02-17 11:48:36.629216000 +0100
@@ -0,0 +1,27 @@
+--- src/player.c.orig	2002-12-10 19:30:26 UTC
++++ src/player.c
+@@ -23,6 +23,7 @@
+ 
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <stdint.h>
+ #include <string.h>
+ #include <math.h>
+ 
+@@ -132,8 +133,14 @@ wmf_error_t wmf_scan (wmfAPI* API,unsigned long flags,
+ 		}
+ 	}
+ 
+-/*	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3) * 2 * sizeof (unsigned char));
+- */	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)  ) * 2 * sizeof (unsigned char));
++	if (MAX_REC_SIZE(API) > UINT32_MAX / 2)
++	{
++		API->err = wmf_E_InsMem;
++		WMF_DEBUG (API,"bailing...");
++		return (API->err);
++	}
++
++ 	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)  ) * 2 * sizeof (unsigned char));
+ 
+ 	if (ERR (API))
+ 	{	WMF_DEBUG (API,"bailing...");
diff -Nru /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_player_meta.h /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_player_meta.h
--- /usr/local/poudriere/ports/official/graphics/libwmf/files/patch-src_player_meta.h	1970-01-01 01:00:00.000000000 +0100
+++ /usr/local/poudriere/ports/experimental/graphics/libwmf/files/patch-src_player_meta.h	2019-02-17 11:48:36.632898000 +0100
@@ -0,0 +1,56 @@
+--- src/player/meta.h.orig	2019-02-17 10:47:58 UTC
++++ src/player/meta.h
+@@ -1565,7 +1565,7 @@ static int meta_rgn_create (wmfAPI* API,wmfRecord* Rec
+ 	objects = P->objects;
+ 
+ 	i = 0;
+-	while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
++	while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
+ 
+ 	if (i == NUM_OBJECTS (API))
+ 	{	WMF_ERROR (API,"Object out of range!");
+@@ -2142,7 +2142,7 @@ static int meta_dib_brush (wmfAPI* API,wmfRecord* Reco
+ 	objects = P->objects;
+ 
+ 	i = 0;
+-	while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
++	while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
+ 
+ 	if (i == NUM_OBJECTS (API))
+ 	{	WMF_ERROR (API,"Object out of range!");
+@@ -3070,7 +3070,7 @@ static int meta_pen_create (wmfAPI* API,wmfRecord* Rec
+ 	objects = P->objects;
+ 
+ 	i = 0;
+-	while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
++	while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
+ 
+ 	if (i == NUM_OBJECTS (API))
+ 	{	WMF_ERROR (API,"Object out of range!");
+@@ -3184,7 +3184,7 @@ static int meta_brush_create (wmfAPI* API,wmfRecord* R
+ 	objects = P->objects;
+ 
+ 	i = 0;
+-	while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
++	while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
+ 
+ 	if (i == NUM_OBJECTS (API))
+ 	{	WMF_ERROR (API,"Object out of range!");
+@@ -3291,7 +3291,7 @@ static int meta_font_create (wmfAPI* API,wmfRecord* Re
+ 	objects = P->objects;
+ 
+ 	i = 0;
+-	while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
++	while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
+ 
+ 	if (i == NUM_OBJECTS (API))
+ 	{	WMF_ERROR (API,"Object out of range!");
+@@ -3399,7 +3399,7 @@ static int meta_palette_create (wmfAPI* API,wmfRecord*
+ 	objects = P->objects;
+ 
+ 	i = 0;
+-	while (objects[i].type && (i < NUM_OBJECTS (API))) i++;
++	while ((i < NUM_OBJECTS (API)) && objects[i].type) i++;
+ 
+ 	if (i == NUM_OBJECTS (API))
+ 	{	WMF_ERROR (API,"Object out of range!");