pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/print/poppler -fix embedded font handling (CVE-2008-16...
details: https://anonhg.NetBSD.org/pkgsrc/rev/f3caf78a0172
branches: trunk
changeset: 541290:f3caf78a0172
user: drochner <drochner%pkgsrc.org@localhost>
date: Fri Apr 18 14:03:54 2008 +0000
description:
-fix embedded font handling (CVE-2008-1693), patch from Ubuntu,
bump PKGREVISION
-being here, add a patch from upstream CVS which fixes display
of 16-bit colors
diffstat:
print/poppler/Makefile | 4 +-
print/poppler/distinfo | 5 +-
print/poppler/patches/patch-aj | 136 +++++++++++++++++++++++++++++++++++++++++
print/poppler/patches/patch-ak | 17 +++++
print/poppler/patches/patch-al | 20 ++++++
5 files changed, 180 insertions(+), 2 deletions(-)
diffs (216 lines):
diff -r a0434e13b68a -r f3caf78a0172 print/poppler/Makefile
--- a/print/poppler/Makefile Fri Apr 18 14:01:22 2008 +0000
+++ b/print/poppler/Makefile Fri Apr 18 14:03:54 2008 +0000
@@ -1,8 +1,10 @@
-# $NetBSD: Makefile,v 1.25 2007/11/28 20:54:36 drochner Exp $
+# $NetBSD: Makefile,v 1.26 2008/04/18 14:03:54 drochner Exp $
#
.include "../../print/poppler/Makefile.common"
+PKGREVISION= 1
+
COMMENT= PDF rendering library
USE_TOOLS+= gmake
diff -r a0434e13b68a -r f3caf78a0172 print/poppler/distinfo
--- a/print/poppler/distinfo Fri Apr 18 14:01:22 2008 +0000
+++ b/print/poppler/distinfo Fri Apr 18 14:03:54 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.23 2008/04/15 19:57:00 drochner Exp $
+$NetBSD: distinfo,v 1.24 2008/04/18 14:03:54 drochner Exp $
SHA1 (poppler-0.8.0.tar.gz) = 4f1ac5daca63b1a119d3e7446b296b0990246cf4
RMD160 (poppler-0.8.0.tar.gz) = 390b870fca46f6651a0d41c5fc0994661daa3b55
@@ -8,3 +8,6 @@
SHA1 (patch-ag) = d1581a1ca40bba34146a4a6f4ee7d38b8f6ff3b7
SHA1 (patch-ah) = b1a1d0eec0906ea1182ea059ae41422494984c7c
SHA1 (patch-ai) = b93a6bf6fb67f601f45d2f11417ac0702e5ea37e
+SHA1 (patch-aj) = 23dce02ff51c75174bfb426b22407cbac8093a31
+SHA1 (patch-ak) = 938c0dd4403782b2fdfd6224fb66511f045dd461
+SHA1 (patch-al) = 25841a15f4adc34cbcbb117c47af77f4c6d6d5d5
diff -r a0434e13b68a -r f3caf78a0172 print/poppler/patches/patch-aj
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/print/poppler/patches/patch-aj Fri Apr 18 14:03:54 2008 +0000
@@ -0,0 +1,136 @@
+$NetBSD: patch-aj,v 1.1 2008/04/18 14:03:54 drochner Exp $
+
+--- poppler/Object.h.orig 2007-12-20 19:40:06.000000000 +0100
++++ poppler/Object.h
+@@ -66,17 +66,18 @@ enum ObjType {
+ //------------------------------------------------------------------------
+
+ #ifdef DEBUG_MEM
+-#define initObj(t) ++numAlloc[type = t]
++#define initObj(t) zeroUnion(); ++numAlloc[type = t]
+ #else
+-#define initObj(t) type = t
++#define initObj(t) zeroUnion(); type = t
+ #endif
+
+ class Object {
+ public:
+-
++ // attempt to clear the anonymous union
++ void zeroUnion() { this->name = NULL; }
+ // Default constructor.
+ Object():
+- type(objNone) {}
++ type(objNone) { zeroUnion(); }
+
+ // Initialize an object.
+ Object *initBool(GBool boolnA)
+@@ -223,16 +224,16 @@ private:
+ #include "Array.h"
+
+ inline int Object::arrayGetLength()
+- { return array->getLength(); }
++ { if (type != objArray) return 0; return array->getLength(); }
+
+ inline void Object::arrayAdd(Object *elem)
+- { array->add(elem); }
++ { if (type == objArray) array->add(elem); }
+
+ inline Object *Object::arrayGet(int i, Object *obj)
+- { return array->get(i, obj); }
++ { if (type != objArray) return obj->initNull(); return array->get(i, obj); }
+
+ inline Object *Object::arrayGetNF(int i, Object *obj)
+- { return array->getNF(i, obj); }
++ { if (type != objArray) return obj->initNull(); return array->getNF(i, obj); }
+
+ //------------------------------------------------------------------------
+ // Dict accessors.
+@@ -241,34 +242,34 @@ inline Object *Object::arrayGetNF(int i,
+ #include "Dict.h"
+
+ inline int Object::dictGetLength()
+- { return dict->getLength(); }
++ { if (type != objDict) return 0; return dict->getLength(); }
+
+ inline void Object::dictAdd(char *key, Object *val)
+- { dict->add(key, val); }
++ { if (type == objDict) dict->add(key, val); }
+
+ inline void Object::dictSet(char *key, Object *val)
+- { dict->set(key, val); }
++ { if (type == objDict) dict->set(key, val); }
+
+ inline GBool Object::dictIs(char *dictType)
+- { return dict->is(dictType); }
++ { return (type == objDict) && dict->is(dictType); }
+
+ inline GBool Object::isDict(char *dictType)
+ { return type == objDict && dictIs(dictType); }
+
+ inline Object *Object::dictLookup(char *key, Object *obj)
+- { return dict->lookup(key, obj); }
++ { if (type != objDict) return obj->initNull(); return dict->lookup(key, obj); }
+
+ inline Object *Object::dictLookupNF(char *key, Object *obj)
+- { return dict->lookupNF(key, obj); }
++ { if (type != objDict) return obj->initNull(); return dict->lookupNF(key, obj); }
+
+ inline char *Object::dictGetKey(int i)
+- { return dict->getKey(i); }
++ { if (type != objDict) return NULL; return dict->getKey(i); }
+
+ inline Object *Object::dictGetVal(int i, Object *obj)
+- { return dict->getVal(i, obj); }
++ { if (type != objDict) return obj->initNull(); return dict->getVal(i, obj); }
+
+ inline Object *Object::dictGetValNF(int i, Object *obj)
+- { return dict->getValNF(i, obj); }
++ { if (type != objDict) return obj->initNull(); return dict->getValNF(i, obj); }
+
+ //------------------------------------------------------------------------
+ // Stream accessors.
+@@ -277,33 +278,33 @@ inline Object *Object::dictGetValNF(int
+ #include "Stream.h"
+
+ inline GBool Object::streamIs(char *dictType)
+- { return stream->getDict()->is(dictType); }
++ { return (type == objStream) && stream->getDict()->is(dictType); }
+
+ inline GBool Object::isStream(char *dictType)
+- { return type == objStream && streamIs(dictType); }
++ { return (type == objStream) && streamIs(dictType); }
+
+ inline void Object::streamReset()
+- { stream->reset(); }
++ { if (type == objStream) stream->reset(); }
+
+ inline void Object::streamClose()
+- { stream->close(); }
++ { if (type == objStream) stream->close(); }
+
+ inline int Object::streamGetChar()
+- { return stream->getChar(); }
++ { if (type != objStream) return EOF; return stream->getChar(); }
+
+ inline int Object::streamLookChar()
+- { return stream->lookChar(); }
++ { if (type != objStream) return EOF; return stream->lookChar(); }
+
+ inline char *Object::streamGetLine(char *buf, int size)
+- { return stream->getLine(buf, size); }
++ { if (type != objStream) return NULL; return stream->getLine(buf, size); }
+
+ inline Guint Object::streamGetPos()
+- { return stream->getPos(); }
++ { if (type != objStream) return 0; return stream->getPos(); }
+
+ inline void Object::streamSetPos(Guint pos, int dir)
+- { stream->setPos(pos, dir); }
++ { if (type == objStream) stream->setPos(pos, dir); }
+
+ inline Dict *Object::streamGetDict()
+- { return stream->getDict(); }
++ { if (type != objStream) return NULL; return stream->getDict(); }
+
+ #endif
diff -r a0434e13b68a -r f3caf78a0172 print/poppler/patches/patch-ak
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/print/poppler/patches/patch-ak Fri Apr 18 14:03:54 2008 +0000
@@ -0,0 +1,17 @@
+$NetBSD: patch-ak,v 1.1 2008/04/18 14:03:54 drochner Exp $
+
+--- poppler/GfxState.cc.orig 2008-02-09 12:46:17.000000000 +0100
++++ poppler/GfxState.cc
+@@ -3349,6 +3349,12 @@ GfxImageColorMap::GfxImageColorMap(int b
+ maxPixel = (1 << bits) - 1;
+ colorSpace = colorSpaceA;
+
++ // this is a hack to support 16 bits images, everywhere
++ // we assume a component fits in 8 bits, with this hack
++ // we treat 16 bit images as 8 bit ones until it's fixed correctly.
++ // The hack has another part on ImageStream::getLine
++ if (maxPixel > 255) maxPixel = 255;
++
+ // initialize
+ for (k = 0; k < gfxColorMaxComps; ++k) {
+ lookup[k] = NULL;
diff -r a0434e13b68a -r f3caf78a0172 print/poppler/patches/patch-al
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/print/poppler/patches/patch-al Fri Apr 18 14:03:54 2008 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-al,v 1.1 2008/04/18 14:03:54 drochner Exp $
+
+--- poppler/Stream.cc.orig 2008-03-22 14:57:24.000000000 +0100
++++ poppler/Stream.cc
+@@ -428,6 +428,15 @@ Guchar *ImageStream::getLine() {
+ for (i = 0; i < nVals; ++i) {
+ imgLine[i] = str->getChar();
+ }
++ } else if (nBits == 16) {
++ // this is a hack to support 16 bits images, everywhere
++ // we assume a component fits in 8 bits, with this hack
++ // we treat 16 bit images as 8 bit ones until it's fixed correctly.
++ // The hack has another part on GfxImageColorMap::GfxImageColorMap
++ for (i = 0; i < nVals; ++i) {
++ imgLine[i] = str->getChar();
++ str->getChar();
++ }
+ } else {
+ bitMask = (1 << nBits) - 1;
+ buf = 0;
Home |
Main Index |
Thread Index |
Old Index