[pkgsrc/trunk]: pkgsrc/print/poppler -fix embedded font handling (CVE-2008-16...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/print/poppler -fix embedded font handling (CVE-2008-16...
From: drochner <drochner%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 06:02:12 +0000
details:   https://anonhg.NetBSD.org/pkgsrc/rev/f3caf78a0172
branches:  trunk
changeset: 541290:f3caf78a0172
user:      drochner <drochner%pkgsrc.org@localhost>
date:      Fri Apr 18 14:03:54 2008 +0000

description:
-fix embedded font handling (CVE-2008-1693), patch from Ubuntu,
 bump PKGREVISION
-being here, add a patch from upstream CVS which fixes display
 of 16-bit colors

diffstat:

 print/poppler/Makefile         |    4 +-
 print/poppler/distinfo         |    5 +-
 print/poppler/patches/patch-aj |  136 +++++++++++++++++++++++++++++++++++++++++
 print/poppler/patches/patch-ak |   17 +++++
 print/poppler/patches/patch-al |   20 ++++++
 5 files changed, 180 insertions(+), 2 deletions(-)

diffs (216 lines):

diff -r a0434e13b68a -r f3caf78a0172 print/poppler/Makefile
--- a/print/poppler/Makefile    Fri Apr 18 14:01:22 2008 +0000
+++ b/print/poppler/Makefile    Fri Apr 18 14:03:54 2008 +0000
@@ -1,8 +1,10 @@
-# $NetBSD: Makefile,v 1.25 2007/11/28 20:54:36 drochner Exp $
+# $NetBSD: Makefile,v 1.26 2008/04/18 14:03:54 drochner Exp $
 #
 
 .include "../../print/poppler/Makefile.common"
 
+PKGREVISION=   1
+
 COMMENT=               PDF rendering library
 
 USE_TOOLS+=            gmake
diff -r a0434e13b68a -r f3caf78a0172 print/poppler/distinfo
--- a/print/poppler/distinfo    Fri Apr 18 14:01:22 2008 +0000
+++ b/print/poppler/distinfo    Fri Apr 18 14:03:54 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.23 2008/04/15 19:57:00 drochner Exp $
+$NetBSD: distinfo,v 1.24 2008/04/18 14:03:54 drochner Exp $
 
 SHA1 (poppler-0.8.0.tar.gz) = 4f1ac5daca63b1a119d3e7446b296b0990246cf4
 RMD160 (poppler-0.8.0.tar.gz) = 390b870fca46f6651a0d41c5fc0994661daa3b55
@@ -8,3 +8,6 @@
 SHA1 (patch-ag) = d1581a1ca40bba34146a4a6f4ee7d38b8f6ff3b7
 SHA1 (patch-ah) = b1a1d0eec0906ea1182ea059ae41422494984c7c
 SHA1 (patch-ai) = b93a6bf6fb67f601f45d2f11417ac0702e5ea37e
+SHA1 (patch-aj) = 23dce02ff51c75174bfb426b22407cbac8093a31
+SHA1 (patch-ak) = 938c0dd4403782b2fdfd6224fb66511f045dd461
+SHA1 (patch-al) = 25841a15f4adc34cbcbb117c47af77f4c6d6d5d5
diff -r a0434e13b68a -r f3caf78a0172 print/poppler/patches/patch-aj
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/print/poppler/patches/patch-aj    Fri Apr 18 14:03:54 2008 +0000
@@ -0,0 +1,136 @@
+$NetBSD: patch-aj,v 1.1 2008/04/18 14:03:54 drochner Exp $
+
+--- poppler/Object.h.orig      2007-12-20 19:40:06.000000000 +0100
++++ poppler/Object.h
+@@ -66,17 +66,18 @@ enum ObjType {
+ //------------------------------------------------------------------------
+ 
+ #ifdef DEBUG_MEM
+-#define initObj(t) ++numAlloc[type = t]
++#define initObj(t) zeroUnion(); ++numAlloc[type = t]
+ #else
+-#define initObj(t) type = t
++#define initObj(t) zeroUnion(); type = t
+ #endif
+ 
+ class Object {
+ public:
+-
++  // attempt to clear the anonymous union
++  void zeroUnion() { this->name = NULL; }
+   // Default constructor.
+   Object():
+-    type(objNone) {}
++    type(objNone) { zeroUnion(); }
+ 
+   // Initialize an object.
+   Object *initBool(GBool boolnA)
+@@ -223,16 +224,16 @@ private:
+ #include "Array.h"
+ 
+ inline int Object::arrayGetLength()
+-  { return array->getLength(); }
++  { if (type != objArray) return 0; return array->getLength(); }
+ 
+ inline void Object::arrayAdd(Object *elem)
+-  { array->add(elem); }
++  { if (type == objArray) array->add(elem); }
+ 
+ inline Object *Object::arrayGet(int i, Object *obj)
+-  { return array->get(i, obj); }
++  { if (type != objArray) return obj->initNull(); return array->get(i, obj); }
+ 
+ inline Object *Object::arrayGetNF(int i, Object *obj)
+-  { return array->getNF(i, obj); }
++  { if (type != objArray) return obj->initNull(); return array->getNF(i, obj); }
+ 
+ //------------------------------------------------------------------------
+ // Dict accessors.
+@@ -241,34 +242,34 @@ inline Object *Object::arrayGetNF(int i,
+ #include "Dict.h"
+ 
+ inline int Object::dictGetLength()
+-  { return dict->getLength(); }
++  { if (type != objDict) return 0; return dict->getLength(); }
+ 
+ inline void Object::dictAdd(char *key, Object *val)
+-  { dict->add(key, val); }
++  { if (type == objDict) dict->add(key, val); }
+ 
+ inline void Object::dictSet(char *key, Object *val)
+-      { dict->set(key, val); }
++      { if (type == objDict) dict->set(key, val); }
+ 
+ inline GBool Object::dictIs(char *dictType)
+-  { return dict->is(dictType); }
++  { return (type == objDict) && dict->is(dictType); }
+ 
+ inline GBool Object::isDict(char *dictType)
+   { return type == objDict && dictIs(dictType); }
+ 
+ inline Object *Object::dictLookup(char *key, Object *obj)
+-  { return dict->lookup(key, obj); }
++  { if (type != objDict) return obj->initNull(); return dict->lookup(key, obj); }
+ 
+ inline Object *Object::dictLookupNF(char *key, Object *obj)
+-  { return dict->lookupNF(key, obj); }
++  { if (type != objDict) return obj->initNull(); return dict->lookupNF(key, obj); }
+ 
+ inline char *Object::dictGetKey(int i)
+-  { return dict->getKey(i); }
++  { if (type != objDict) return NULL; return dict->getKey(i); }
+ 
+ inline Object *Object::dictGetVal(int i, Object *obj)
+-  { return dict->getVal(i, obj); }
++  { if (type != objDict) return obj->initNull(); return dict->getVal(i, obj); }
+ 
+ inline Object *Object::dictGetValNF(int i, Object *obj)
+-  { return dict->getValNF(i, obj); }
++  { if (type != objDict) return obj->initNull(); return dict->getValNF(i, obj); }
+ 
+ //------------------------------------------------------------------------
+ // Stream accessors.
+@@ -277,33 +278,33 @@ inline Object *Object::dictGetValNF(int 
+ #include "Stream.h"
+ 
+ inline GBool Object::streamIs(char *dictType)
+-  { return stream->getDict()->is(dictType); }
++  { return (type == objStream) && stream->getDict()->is(dictType); }
+ 
+ inline GBool Object::isStream(char *dictType)
+-  { return type == objStream && streamIs(dictType); }
++  { return (type == objStream) && streamIs(dictType); }
+ 
+ inline void Object::streamReset()
+-  { stream->reset(); }
++  { if (type == objStream) stream->reset(); }
+ 
+ inline void Object::streamClose()
+-  { stream->close(); }
++  { if (type == objStream) stream->close(); }
+ 
+ inline int Object::streamGetChar()
+-  { return stream->getChar(); }
++  { if (type != objStream) return EOF; return stream->getChar(); }
+ 
+ inline int Object::streamLookChar()
+-  { return stream->lookChar(); }
++  { if (type != objStream) return EOF; return stream->lookChar(); }
+ 
+ inline char *Object::streamGetLine(char *buf, int size)
+-  { return stream->getLine(buf, size); }
++  { if (type != objStream) return NULL; return stream->getLine(buf, size); }
+ 
+ inline Guint Object::streamGetPos()
+-  { return stream->getPos(); }
++  { if (type != objStream) return 0; return stream->getPos(); }
+ 
+ inline void Object::streamSetPos(Guint pos, int dir)
+-  { stream->setPos(pos, dir); }
++  { if (type == objStream) stream->setPos(pos, dir); }
+ 
+ inline Dict *Object::streamGetDict()
+-  { return stream->getDict(); }
++  { if (type != objStream) return NULL; return stream->getDict(); }
+ 
+ #endif
diff -r a0434e13b68a -r f3caf78a0172 print/poppler/patches/patch-ak
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/print/poppler/patches/patch-ak    Fri Apr 18 14:03:54 2008 +0000
@@ -0,0 +1,17 @@
+$NetBSD: patch-ak,v 1.1 2008/04/18 14:03:54 drochner Exp $
+
+--- poppler/GfxState.cc.orig   2008-02-09 12:46:17.000000000 +0100
++++ poppler/GfxState.cc
+@@ -3349,6 +3349,12 @@ GfxImageColorMap::GfxImageColorMap(int b
+   maxPixel = (1 << bits) - 1;
+   colorSpace = colorSpaceA;
+ 
++  // this is a hack to support 16 bits images, everywhere
++  // we assume a component fits in 8 bits, with this hack
++  // we treat 16 bit images as 8 bit ones until it's fixed correctly.
++  // The hack has another part on ImageStream::getLine
++  if (maxPixel > 255) maxPixel = 255;
++
+   // initialize
+   for (k = 0; k < gfxColorMaxComps; ++k) {
+     lookup[k] = NULL;
diff -r a0434e13b68a -r f3caf78a0172 print/poppler/patches/patch-al
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/print/poppler/patches/patch-al    Fri Apr 18 14:03:54 2008 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-al,v 1.1 2008/04/18 14:03:54 drochner Exp $
+
+--- poppler/Stream.cc.orig     2008-03-22 14:57:24.000000000 +0100
++++ poppler/Stream.cc
+@@ -428,6 +428,15 @@ Guchar *ImageStream::getLine() {
+     for (i = 0; i < nVals; ++i) {
+       imgLine[i] = str->getChar();
+     }
++  } else if (nBits == 16) {
++    // this is a hack to support 16 bits images, everywhere
++    // we assume a component fits in 8 bits, with this hack
++    // we treat 16 bit images as 8 bit ones until it's fixed correctly.
++    // The hack has another part on GfxImageColorMap::GfxImageColorMap
++    for (i = 0; i < nVals; ++i) {
++      imgLine[i] = str->getChar();
++      str->getChar();
++    }
+   } else {
+     bitMask = (1 << nBits) - 1;
+     buf = 0;
Prev by Date: [pkgsrc/trunk]: pkgsrc/mail/qcheck Update MASTER_SITES.
Next by Date: [pkgsrc/trunk]: pkgsrc/pkgtools/pkg_install/files/lib Nuke unused macros.
Previous by Thread: [pkgsrc/trunk]: pkgsrc/mail/qcheck Update MASTER_SITES.
Next by Thread: [pkgsrc/trunk]: pkgsrc/pkgtools/pkg_install/files/lib Nuke unused macros.
Indexes:
Home | Main Index | Thread Index | Old Index