pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2009Q1]: pkgsrc/graphics/kdegraphics3 Pullup ticket #2784 - re...
details: https://anonhg.NetBSD.org/pkgsrc/rev/fff868459ac1
branches: pkgsrc-2009Q1
changeset: 556845:fff868459ac1
user: tron <tron%pkgsrc.org@localhost>
date: Thu Jun 04 16:49:29 2009 +0000
description:
Pullup ticket #2784 - requested by markd
kdegraphics3: security patch
Revisions pulled up:
- graphics/kdegraphics3/Makefile 1.81 via patch
- graphics/kdegraphics3/distinfo 1.51
- graphics/kdegraphics3/patches/patch-aa 1.14
- graphics/kdegraphics3/patches/patch-ab 1.11
- graphics/kdegraphics3/patches/patch-ac 1.8
---
Module Name: pkgsrc
Committed By: markd
Date: Wed Jun 3 12:29:43 UTC 2009
Modified Files:
pkgsrc/graphics/kdegraphics3: Makefile distinfo
Added Files:
pkgsrc/graphics/kdegraphics3/patches: patch-aa patch-ab patch-ac
Log Message:
Update kpdf to have the xpdf3.02pl patches for the vulnerabilities
reported in CVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799,
CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181,
CVE-2009-1182 and CVE-2009-1183.
also some patches from poppler for postscript output generation problems
seen here.
diffstat:
graphics/kdegraphics3/Makefile | 3 +-
graphics/kdegraphics3/distinfo | 5 +-
graphics/kdegraphics3/patches/patch-aa | 205 ++++++
graphics/kdegraphics3/patches/patch-ab | 17 +
graphics/kdegraphics3/patches/patch-ac | 1015 ++++++++++++++++++++++++++++++++
5 files changed, 1243 insertions(+), 2 deletions(-)
diffs (truncated from 1274 to 300 lines):
diff -r 1a3d087cb6ab -r fff868459ac1 graphics/kdegraphics3/Makefile
--- a/graphics/kdegraphics3/Makefile Thu Jun 04 08:57:21 2009 +0000
+++ b/graphics/kdegraphics3/Makefile Thu Jun 04 16:49:29 2009 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.79 2008/07/14 12:56:05 joerg Exp $
+# $NetBSD: Makefile,v 1.79.8.1 2009/06/04 16:49:29 tron Exp $
DISTNAME= kdegraphics-${_KDE_VERSION}
+PKGREVISION= 2
CATEGORIES= graphics
COMMENT= Graphics programs for the KDE integrated X11 desktop
diff -r 1a3d087cb6ab -r fff868459ac1 graphics/kdegraphics3/distinfo
--- a/graphics/kdegraphics3/distinfo Thu Jun 04 08:57:21 2009 +0000
+++ b/graphics/kdegraphics3/distinfo Thu Jun 04 16:49:29 2009 +0000
@@ -1,5 +1,8 @@
-$NetBSD: distinfo,v 1.50 2008/08/27 12:22:10 markd Exp $
+$NetBSD: distinfo,v 1.50.8.1 2009/06/04 16:49:29 tron Exp $
SHA1 (kdegraphics-3.5.10.tar.bz2) = 9634e3ab364d017152fb6d636efad8811aeec6c3
RMD160 (kdegraphics-3.5.10.tar.bz2) = 94278e4419ab99885fc9efae9b6ba5ba787f831e
Size (kdegraphics-3.5.10.tar.bz2) = 7440912 bytes
+SHA1 (patch-aa) = e5817f29b7857575dbb375db2388b37214f5d8c6
+SHA1 (patch-ab) = f2aa9e992904add4b95ecf2553a4e1bf9510913f
+SHA1 (patch-ac) = 3738313046fbb69ac527ae472fe5db24bdff3fff
diff -r 1a3d087cb6ab -r fff868459ac1 graphics/kdegraphics3/patches/patch-aa
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/kdegraphics3/patches/patch-aa Thu Jun 04 16:49:29 2009 +0000
@@ -0,0 +1,205 @@
+$NetBSD: patch-aa,v 1.14.2.2 2009/06/04 16:49:30 tron Exp $
+
+poppler git patch f86514c3fbc867fc6457feacba23451e89993524
+poppler git patch ac16174da1d6f19445f78e7cd7c4a18cb9524dde
+
+--- kpdf/xpdf/xpdf/PSOutputDev.cc.orig 2007-10-08 22:48:37.000000000 +1300
++++ kpdf/xpdf/xpdf/PSOutputDev.cc
+@@ -2547,6 +2547,7 @@ void PSOutputDev::setupImage(Ref id, Str
+ GString *s;
+ int c;
+ int size, line, col, i;
++ int outerSize, outer;
+
+ // check if image is already setup
+ for (i = 0; i < imgIDLen; ++i) {
+@@ -2633,56 +2634,72 @@ void PSOutputDev::setupImage(Ref id, Str
+ if (useRLE) {
+ ++size;
+ }
++ outerSize = size/65535 + 1;
++
+ writePSFmt("{0:d} array dup /ImData_{1:d}_{2:d} exch def\n",
+- size, id.num, id.gen);
++ outerSize, id.num, id.gen);
+ str->close();
+
+ // write the data into the array
+ str->reset();
+- line = col = 0;
+- writePS((char *)(useASCIIHex ? "dup 0 <" : "dup 0 <~"));
+- do {
+- do {
+- c = str->getChar();
+- } while (c == '\n' || c == '\r');
+- if (c == (useASCIIHex ? '>' : '~') || c == EOF) {
+- break;
+- }
+- if (c == 'z') {
+- writePSChar(c);
+- ++col;
+- } else {
+- writePSChar(c);
+- ++col;
+- for (i = 1; i <= (useASCIIHex ? 1 : 4); ++i) {
+- do {
+- c = str->getChar();
+- } while (c == '\n' || c == '\r');
+- if (c == (useASCIIHex ? '>' : '~') || c == EOF) {
+- break;
+- }
++ for (outer = 0;outer < outerSize;outer++) {
++ int innerSize = size > 65535 ? 65535 : size;
++
++ // put the inner array into the outer array
++ writePSFmt("{0:d} array 1 index {1:d} 2 index put\n",
++ innerSize, outer);
++ line = col = 0;
++ writePS((char *)(useASCIIHex ? "dup 0 <" : "dup 0 <~"));
++ for (;;) {
++ do {
++ c = str->getChar();
++ } while (c == '\n' || c == '\r');
++ if (c == (useASCIIHex ? '>' : '~') || c == EOF) {
++ break;
++ }
++ if (c == 'z') {
+ writePSChar(c);
+ ++col;
++ } else {
++ writePSChar(c);
++ ++col;
++ for (i = 1; i <= (useASCIIHex ? 1 : 4); ++i) {
++ do {
++ c = str->getChar();
++ } while (c == '\n' || c == '\r');
++ if (c == (useASCIIHex ? '>' : '~') || c == EOF) {
++ break;
++ }
++ writePSChar(c);
++ ++col;
++ }
++ }
++ // each line is: "dup nnnnn <~...data...~> put<eol>"
++ // so max data length = 255 - 20 = 235
++ // chunks are 1 or 4 bytes each, so we have to stop at 232
++ // but make it 225 just to be safe
++ if (col > 225) {
++ writePS((char *)(useASCIIHex ? "> put\n" : "~> put\n"));
++ ++line;
++ if (line >= innerSize) break;
++ writePSFmt((char *)(useASCIIHex ? "dup {0:d} <" : "dup {0:d} <~"), line);
++ col = 0;
+ }
+ }
+- // each line is: "dup nnnnn <~...data...~> put<eol>"
+- // so max data length = 255 - 20 = 235
+- // chunks are 1 or 4 bytes each, so we have to stop at 232
+- // but make it 225 just to be safe
+- if (col > 225) {
++ if (c == (useASCIIHex ? '>' : '~') || c == EOF) {
+ writePS((char *)(useASCIIHex ? "> put\n" : "~> put\n"));
+- ++line;
+- writePSFmt((char *)(useASCIIHex ? "dup {0:d} <" : "dup {0:d} <~"), line);
+- col = 0;
++ if (useRLE) {
++ ++line;
++ writePSFmt("{0:d} <> put\n", line);
++ } else {
++ writePS("pop\n");
++ }
++ break;
+ }
+- } while (c != (useASCIIHex ? '>' : '~') && c != EOF);
+- writePS((char *)(useASCIIHex ? "> put\n" : "~> put\n"));
+- if (useRLE) {
+- ++line;
+- writePSFmt("{0:d} <> put\n", line);
+- } else {
+ writePS("pop\n");
++ size -= innerSize;
+ }
++ writePS("pop\n");
+ str->close();
+
+ delete str;
+@@ -4299,8 +4316,10 @@ void PSOutputDev::doImageL1(Object *ref,
+ str->close();
+ delete str;
+ } else {
++ // make sure the image is setup, it sometimes is not like on bug #17645
++ setupImage(ref->getRef(), str);
+ // set up to use the array already created by setupImages()
+- writePSFmt("ImData_{0:d}_{1:d} 0\n", ref->getRefNum(), ref->getRefGen());
++ writePSFmt("ImData_{0:d}_{1:d} 0 0\n", ref->getRefNum(), ref->getRefGen());
+ }
+ }
+
+@@ -4760,8 +4779,10 @@ void PSOutputDev::doImageL2(Object *ref,
+ str2->close();
+ delete str2;
+ } else {
++ // make sure the image is setup, it sometimes is not like on bug #17645
++ setupImage(ref->getRef(), str);
+ // set up to use the array already created by setupImages()
+- writePSFmt("ImData_{0:d}_{1:d} 0\n", ref->getRefNum(), ref->getRefGen());
++ writePSFmt("ImData_{0:d}_{1:d} 0 0\n",ref->getRefNum(), ref->getRefGen());
+ }
+ }
+
+@@ -4815,7 +4836,12 @@ void PSOutputDev::doImageL2(Object *ref,
+
+ // data source
+ if (mode == psModeForm || inType3Char || preload) {
+- writePS(" /DataSource { 2 copy get exch 1 add exch }\n");
++ if (inlineImg) {
++ writePS(" /DataSource { 2 copy get exch 1 add exch }\n");
++ } else {
++ writePS(" /DataSource { dup 65535 ge { pop 1 add 0 } if 2 index 2"
++ " index get 1 index get exch 1 add exch }\n");
++ }
+ } else {
+ writePS(" /DataSource currentfile\n");
+ }
+@@ -4854,6 +4880,7 @@ void PSOutputDev::doImageL2(Object *ref,
+ writePSFmt(">>\n{0:s}\n", colorMap ? "image" : "imagemask");
+
+ // get rid of the array and index
++ if (!inlineImg) writePS("pop ");
+ writePS("pop pop\n");
+
+ } else {
+@@ -5028,8 +5055,10 @@ void PSOutputDev::doImageL3(Object *ref,
+ str2->close();
+ delete str2;
+ } else {
++ // make sure the image is setup, it sometimes is not like on bug #17645
++ setupImage(ref->getRef(), str);
+ // set up to use the array already created by setupImages()
+- writePSFmt("ImData_{0:d}_{1:d} 0\n", ref->getRefNum(), ref->getRefGen());
++ writePSFmt("ImData_{0:d}_{1:d} 0 0\n", ref->getRefNum(), ref->getRefGen());
+ }
+ }
+
+@@ -5100,7 +5129,12 @@ void PSOutputDev::doImageL3(Object *ref,
+
+ // data source
+ if (mode == psModeForm || inType3Char || preload) {
+- writePS(" /DataSource { 2 copy get exch 1 add exch }\n");
++ if (inlineImg) {
++ writePS(" /DataSource { 2 copy get exch 1 add exch }\n");
++ } else {
++ writePS(" /DataSource { dup 65535 ge { pop 1 add 0 } if 2 index 2"
++ " index get 1 index get exch 1 add exch }\n");
++ }
+ } else {
+ writePS(" /DataSource currentfile\n");
+ }
+@@ -5236,6 +5270,7 @@ void PSOutputDev::doImageL3(Object *ref,
+
+ // get rid of the array and index
+ if (mode == psModeForm || inType3Char || preload) {
++ if (!inlineImg) writePS("pop ");
+ writePS("pop pop\n");
+
+ // image data
diff -r 1a3d087cb6ab -r fff868459ac1 graphics/kdegraphics3/patches/patch-ab
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/kdegraphics3/patches/patch-ab Thu Jun 04 16:49:29 2009 +0000
@@ -0,0 +1,17 @@
+$NetBSD: patch-ab,v 1.11.2.2 2009/06/04 16:49:30 tron Exp $
+
+xpdf 3.02pl3 by way of poppler git 9f1312f3d7dfa7e536606a7c7296b7c876b11c00
+
+--- kpdf/xpdf/xpdf/JBIG2Stream.h.orig 2007-05-14 19:39:30.000000000 +1200
++++ kpdf/xpdf/xpdf/JBIG2Stream.h
+@@ -78,6 +78,10 @@ private:
+ Guint *refSegs, Guint nRefSegs);
+ void readGenericRegionSeg(Guint segNum, GBool imm,
+ GBool lossless, Guint length);
++ void mmrAddPixels(int a1, int blackPixels,
++ int *codingLine, int *a0i, int w);
++ void mmrAddPixelsNeg(int a1, int blackPixels,
++ int *codingLine, int *a0i, int w);
+ JBIG2Bitmap *readGenericBitmap(GBool mmr, int w, int h,
+ int templ, GBool tpgdOn,
+ GBool useSkip, JBIG2Bitmap *skip,
diff -r 1a3d087cb6ab -r fff868459ac1 graphics/kdegraphics3/patches/patch-ac
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/kdegraphics3/patches/patch-ac Thu Jun 04 16:49:29 2009 +0000
@@ -0,0 +1,1015 @@
+$NetBSD: patch-ac,v 1.8.2.2 2009/06/04 16:49:30 tron Exp $
+
+xpdf 3.02pl3 by way of poppler git 9f1312f3d7dfa7e536606a7c7296b7c876b11c00
+also poppler git 305af8cdb6822858e152e1f930bba2ce3904bf1b
+
+--- kpdf/xpdf/xpdf/JBIG2Stream.cc.orig 2008-08-20 06:12:37.000000000 +1200
++++ kpdf/xpdf/xpdf/JBIG2Stream.cc
+@@ -422,12 +422,14 @@ void JBIG2HuffmanDecoder::buildTable(JBI
+ table[i] = table[len];
+
+ // assign prefixes
+- i = 0;
+- prefix = 0;
+- table[i++].prefix = prefix++;
+- for (; table[i].rangeLen != jbig2HuffmanEOT; ++i) {
+- prefix <<= table[i].prefixLen - table[i-1].prefixLen;
+- table[i].prefix = prefix++;
++ if (table[0].rangeLen != jbig2HuffmanEOT) {
++ i = 0;
++ prefix = 0;
++ table[i++].prefix = prefix++;
++ for (; table[i].rangeLen != jbig2HuffmanEOT; ++i) {
++ prefix <<= table[i].prefixLen - table[i-1].prefixLen;
++ table[i].prefix = prefix++;
++ }
+ }
+ }
+
+@@ -491,7 +493,7 @@ int JBIG2MMRDecoder::get2DCode() {
+ }
+ if (p->bits < 0) {
+ error(str->getPos(), "Bad two dim code in JBIG2 MMR stream");
+- return 0;
++ return EOF;
+ }
+ bufLen -= p->bits;
+ return p->n;
+@@ -668,6 +670,7 @@ public:
+ void combine(JBIG2Bitmap *bitmap, int x, int y, Guint combOp);
+ Guchar *getDataPtr() { return data; }
+ int getDataSize() { return h * line; }
Home |
Main Index |
Thread Index |
Old Index