pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/print/poppler apply a patch from poppler CVS (derived ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/6828cd735ebb
branches: trunk
changeset: 535126:6828cd735ebb
user: drochner <drochner%pkgsrc.org@localhost>
date: Thu Nov 08 12:06:12 2007 +0000
description:
apply a patch from poppler CVS (derived from xpdf) to fix a couple
of memory corruption / buffer overflows
(CVE-2007-4352, CVE-2007-5392, CVE-2007-5393)
bump PKGREVISION
diffstat:
print/poppler/Makefile | 4 +-
print/poppler/distinfo | 4 +-
print/poppler/patches/patch-ac | 618 +++++++++++++++++++++++++++++++++++++++++
print/poppler/patches/patch-ad | 24 +
4 files changed, 648 insertions(+), 2 deletions(-)
diffs (truncated from 679 to 300 lines):
diff -r 0667a6077257 -r 6828cd735ebb print/poppler/Makefile
--- a/print/poppler/Makefile Thu Nov 08 09:56:03 2007 +0000
+++ b/print/poppler/Makefile Thu Nov 08 12:06:12 2007 +0000
@@ -1,8 +1,10 @@
-# $NetBSD: Makefile,v 1.23 2007/11/03 16:10:38 drochner Exp $
+# $NetBSD: Makefile,v 1.24 2007/11/08 12:06:12 drochner Exp $
#
.include "../../print/poppler/Makefile.common"
+PKGREVISION= 1
+
COMMENT= PDF rendering library
USE_TOOLS+= gmake
diff -r 0667a6077257 -r 6828cd735ebb print/poppler/distinfo
--- a/print/poppler/distinfo Thu Nov 08 09:56:03 2007 +0000
+++ b/print/poppler/distinfo Thu Nov 08 12:06:12 2007 +0000
@@ -1,7 +1,9 @@
-$NetBSD: distinfo,v 1.18 2007/11/03 16:10:38 drochner Exp $
+$NetBSD: distinfo,v 1.19 2007/11/08 12:06:12 drochner Exp $
SHA1 (poppler-0.6.1.tar.gz) = f28184df94fe6312db0a11e285d7832c3cfd0797
RMD160 (poppler-0.6.1.tar.gz) = 19496a6b3a5aeb7eca2f7edc2e957868880a90f4
Size (poppler-0.6.1.tar.gz) = 1286501 bytes
SHA1 (patch-aa) = 8172f8e6a176a20579c83be77c18c55d73559313
SHA1 (patch-ab) = 8cb260eb13eba003f5b0ecb825bdb1a4785f042b
+SHA1 (patch-ac) = a5b153c761430a51298ddbabd6c36c94184ebe2d
+SHA1 (patch-ad) = 41ec2c67ab493bdd46215d6a9f4c735334283f9b
diff -r 0667a6077257 -r 6828cd735ebb print/poppler/patches/patch-ac
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/print/poppler/patches/patch-ac Thu Nov 08 12:06:12 2007 +0000
@@ -0,0 +1,618 @@
+$NetBSD: patch-ac,v 1.6 2007/11/08 12:06:12 drochner Exp $
+
+--- poppler/Stream.cc.orig 2007-09-17 20:37:58.000000000 +0200
++++ poppler/Stream.cc
+@@ -1251,23 +1251,26 @@ CCITTFaxStream::CCITTFaxStream(Stream *s
+ columns = columnsA;
+ if (columns < 1) {
+ columns = 1;
+- }
+- if (columns + 4 <= 0) {
+- columns = INT_MAX - 4;
++ } else if (columns > INT_MAX - 2) {
++ columns = INT_MAX - 2;
+ }
+ rows = rowsA;
+ endOfBlock = endOfBlockA;
+ black = blackA;
+- refLine = (short *)gmallocn(columns + 3, sizeof(short));
+- codingLine = (short *)gmallocn(columns + 2, sizeof(short));
++ // 0 <= codingLine[0] < codingLine[1] < ... < codingLine[n] = columns
++ // ---> max codingLine size = columns + 1
++ // refLine has one extra guard entry at the end
++ // ---> max refLine size = columns + 2
++ codingLine = (int *)gmallocn(columns + 1, sizeof(int));
++ refLine = (int *)gmallocn(columns + 2, sizeof(int));
+
+ eof = gFalse;
+ row = 0;
+ nextLine2D = encoding < 0;
+ inputBits = 0;
+- codingLine[0] = 0;
+- codingLine[1] = refLine[2] = columns;
+- a0 = 1;
++ codingLine[0] = columns;
++ a0i = 0;
++ outputBits = 0;
+
+ buf = EOF;
+ }
+@@ -1286,9 +1289,9 @@ void CCITTFaxStream::reset() {
+ row = 0;
+ nextLine2D = encoding < 0;
+ inputBits = 0;
+- codingLine[0] = 0;
+- codingLine[1] = columns;
+- a0 = 1;
++ codingLine[0] = columns;
++ a0i = 0;
++ outputBits = 0;
+ buf = EOF;
+
+ // skip any initial zero bits and end-of-line marker, and get the 2D
+@@ -1305,211 +1308,230 @@ void CCITTFaxStream::reset() {
+ }
+ }
+
++inline void CCITTFaxStream::addPixels(int a1, int blackPixels) {
++ if (a1 > codingLine[a0i]) {
++ if (a1 > columns) {
++ error(getPos(), "CCITTFax row is wrong length (%d)", a1);
++ err = gTrue;
++ a1 = columns;
++ }
++ if ((a0i & 1) ^ blackPixels) {
++ ++a0i;
++ }
++ codingLine[a0i] = a1;
++ }
++}
++
++inline void CCITTFaxStream::addPixelsNeg(int a1, int blackPixels) {
++ if (a1 > codingLine[a0i]) {
++ if (a1 > columns) {
++ error(getPos(), "CCITTFax row is wrong length (%d)", a1);
++ err = gTrue;
++ a1 = columns;
++ }
++ if ((a0i & 1) ^ blackPixels) {
++ ++a0i;
++ }
++ codingLine[a0i] = a1;
++ } else if (a1 < codingLine[a0i]) {
++ if (a1 < 0) {
++ error(getPos(), "Invalid CCITTFax code");
++ err = gTrue;
++ a1 = 0;
++ }
++ while (a0i > 0 && a1 <= codingLine[a0i - 1]) {
++ --a0i;
++ }
++ codingLine[a0i] = a1;
++ }
++}
++
+ int CCITTFaxStream::lookChar() {
+ short code1, code2, code3;
+- int a0New;
+- GBool err, gotEOL;
+- int ret;
+- int bits, i;
++ int b1i, blackPixels, i, bits;
++ GBool gotEOL;
+
+- // if at eof just return EOF
+- if (eof && codingLine[a0] >= columns) {
+- return EOF;
++ if (buf != EOF) {
++ return buf;
+ }
+
+ // read the next row
+- err = gFalse;
+- if (codingLine[a0] >= columns) {
++ if (outputBits == 0) {
++
++ // if at eof just return EOF
++ if (eof) {
++ return EOF;
++ }
++
++ err = gFalse;
+
+ // 2-D encoding
+ if (nextLine2D) {
+- // state:
+- // a0New = current position in coding line (0 <= a0New <= columns)
+- // codingLine[a0] = last change in coding line
+- // (black-to-white if a0 is even,
+- // white-to-black if a0 is odd)
+- // refLine[b1] = next change in reference line of opposite color
+- // to a0
+- // invariants:
+- // 0 <= codingLine[a0] <= a0New
+- // <= refLine[b1] <= refLine[b1+1] <= columns
+- // 0 <= a0 <= columns+1
+- // refLine[0] = 0
+- // refLine[n] = refLine[n+1] = columns
+- // -- for some 1 <= n <= columns+1
+- // end condition:
+- // 0 = codingLine[0] <= codingLine[1] < codingLine[2] < ...
+- // < codingLine[n-1] < codingLine[n] = columns
+- // -- where 1 <= n <= columns+1
+ for (i = 0; codingLine[i] < columns; ++i) {
+ refLine[i] = codingLine[i];
+ }
+- refLine[i] = refLine[i + 1] = columns;
+- b1 = 1;
+- a0New = codingLine[a0 = 0] = 0;
+- do {
++ refLine[i++] = columns;
++ refLine[i] = columns;
++ codingLine[0] = 0;
++ a0i = 0;
++ b1i = 0;
++ blackPixels = 0;
++ // invariant:
++ // refLine[b1i-1] <= codingLine[a0i] < refLine[b1i] < refLine[b1i+1]
++ // <= columns
++ // exception at left edge:
++ // codingLine[a0i = 0] = refLine[b1i = 0] = 0 is possible
++ // exception at right edge:
++ // refLine[b1i] = refLine[b1i+1] = columns is possible
++ while (codingLine[a0i] < columns) {
+ code1 = getTwoDimCode();
+ switch (code1) {
+ case twoDimPass:
+- if (refLine[b1] < columns) {
+- a0New = refLine[b1 + 1];
+- b1 += 2;
++ addPixels(refLine[b1i + 1], blackPixels);
++ if (refLine[b1i + 1] < columns) {
++ b1i += 2;
+ }
+ break;
+ case twoDimHoriz:
+- if ((a0 & 1) == 0) {
+ code1 = code2 = 0;
++ if (blackPixels) {
+ do {
+- code1 += code3 = getWhiteCode();
++ code1 += code3 = getBlackCode();
+ } while (code3 >= 64);
+ do {
+- code2 += code3 = getBlackCode();
++ code2 += code3 = getWhiteCode();
+ } while (code3 >= 64);
+ } else {
+- code1 = code2 = 0;
+ do {
+- code1 += code3 = getBlackCode();
++ code1 += code3 = getWhiteCode();
+ } while (code3 >= 64);
+ do {
+- code2 += code3 = getWhiteCode();
++ code2 += code3 = getBlackCode();
+ } while (code3 >= 64);
+ }
+- if (code1 > 0 || code2 > 0) {
+- if (a0New + code1 <= columns) {
+- codingLine[a0 + 1] = a0New + code1;
+- } else {
+- codingLine[a0 + 1] = columns;
+- }
+- ++a0;
+- if (codingLine[a0] + code2 <= columns) {
+- codingLine[a0 + 1] = codingLine[a0] + code2;
+- } else {
+- codingLine[a0 + 1] = columns;
+- }
+- ++a0;
+- a0New = codingLine[a0];
+- while (refLine[b1] <= a0New && refLine[b1] < columns) {
+- b1 += 2;
++ addPixels(codingLine[a0i] + code1, blackPixels);
++ if (codingLine[a0i] < columns) {
++ addPixels(codingLine[a0i] + code2, blackPixels ^ 1);
++ }
++ while (refLine[b1i] <= codingLine[a0i] && refLine[b1i] < columns) {
++ b1i += 2;
++ }
++ break;
++ case twoDimVertR3:
++ addPixels(refLine[b1i] + 3, blackPixels);
++ blackPixels ^= 1;
++ if (codingLine[a0i] < columns) {
++ ++b1i;
++ while (refLine[b1i] <= codingLine[a0i] && refLine[b1i] < columns) {
++ b1i += 2;
+ }
+ }
+ break;
+- case twoDimVert0:
+- if (refLine[b1] < columns) {
+- a0New = codingLine[++a0] = refLine[b1];
+- ++b1;
+- while (refLine[b1] <= a0New && refLine[b1] < columns) {
+- b1 += 2;
++ case twoDimVertR2:
++ addPixels(refLine[b1i] + 2, blackPixels);
++ blackPixels ^= 1;
++ if (codingLine[a0i] < columns) {
++ ++b1i;
++ while (refLine[b1i] <= codingLine[a0i] && refLine[b1i] < columns) {
++ b1i += 2;
+ }
+- } else {
+- a0New = codingLine[++a0] = columns;
+ }
+ break;
+ case twoDimVertR1:
+- if (refLine[b1] + 1 < columns) {
+- a0New = codingLine[++a0] = refLine[b1] + 1;
+- ++b1;
+- while (refLine[b1] <= a0New && refLine[b1] < columns) {
+- b1 += 2;
++ addPixels(refLine[b1i] + 1, blackPixels);
++ blackPixels ^= 1;
++ if (codingLine[a0i] < columns) {
++ ++b1i;
++ while (refLine[b1i] <= codingLine[a0i] && refLine[b1i] < columns) {
++ b1i += 2;
+ }
+- } else {
+- a0New = codingLine[++a0] = columns;
+ }
+ break;
+- case twoDimVertL1:
Home |
Main Index |
Thread Index |
Old Index