pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/print/mupdf mupdf: Fix possible segfaults when calling...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/2696d6a25e38
branches:  trunk
changeset: 370575:2696d6a25e38
user:      leot <leot%pkgsrc.org@localhost>
date:      Thu Oct 19 20:32:07 2017 +0000

description:
mupdf: Fix possible segfaults when calling opj_free()

With graphics/openjpeg (at least 2.2.0 and 2.3.0) mupdf can crashes when
calling opj_free().
Adapt a patch from OpenBSD ports
textproc/mupdf/patch-source_fitz_load-jpx_c,v 1.5 that fixes this issue.

Bump PKGREVISION

diffstat:

 print/mupdf/Makefile                             |   4 +-
 print/mupdf/distinfo                             |   4 +-
 print/mupdf/patches/patch-source_fitz_load-jpx.c |  55 ++++++++++++++++++++++-
 3 files changed, 55 insertions(+), 8 deletions(-)

diffs (99 lines):

diff -r 8609fc67cd81 -r 2696d6a25e38 print/mupdf/Makefile
--- a/print/mupdf/Makefile      Thu Oct 19 15:59:22 2017 +0000
+++ b/print/mupdf/Makefile      Thu Oct 19 20:32:07 2017 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.52 2017/09/03 08:53:13 wiz Exp $
+# $NetBSD: Makefile,v 1.53 2017/10/19 20:32:07 leot Exp $
 
 DISTNAME=      mupdf-1.11-source
 PKGNAME=       ${DISTNAME:S/-source//}
-PKGREVISION=   3
+PKGREVISION=   4
 CATEGORIES=    print
 MASTER_SITES=  https://mupdf.com/downloads/archive/
 
diff -r 8609fc67cd81 -r 2696d6a25e38 print/mupdf/distinfo
--- a/print/mupdf/distinfo      Thu Oct 19 15:59:22 2017 +0000
+++ b/print/mupdf/distinfo      Thu Oct 19 20:32:07 2017 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.36 2017/07/16 08:29:53 leot Exp $
+$NetBSD: distinfo,v 1.37 2017/10/19 20:32:07 leot Exp $
 
 SHA1 (mupdf-1.11-source.tar.gz) = f782d36aaa896319207e81953e5a622201477b5b
 RMD160 (mupdf-1.11-source.tar.gz) = 573307473a1ac81aca4519b0e57a7111aae7803f
@@ -9,5 +9,5 @@
 SHA1 (patch-ac) = c2decf6eae4c6343636439c7d7f6621826fc4e3c
 SHA1 (patch-ae) = c6b113818b32cb4470e8549c00a16e0b2f364ede
 SHA1 (patch-scripts_hexdump.c) = 65a029086f429a1f8568066a712c1d8e0106c867
-SHA1 (patch-source_fitz_load-jpx.c) = 773ec1ef6b1632a10ff7c8ff76081e89bdcad593
+SHA1 (patch-source_fitz_load-jpx.c) = 57f22296a519d9e0ab9247fd5e742e2390a63fd5
 SHA1 (patch-thirdparty_mujs_Makefile) = cd6a20d56020ae5028f95e24e75f5e4a62127f9f
diff -r 8609fc67cd81 -r 2696d6a25e38 print/mupdf/patches/patch-source_fitz_load-jpx.c
--- a/print/mupdf/patches/patch-source_fitz_load-jpx.c  Thu Oct 19 15:59:22 2017 +0000
+++ b/print/mupdf/patches/patch-source_fitz_load-jpx.c  Thu Oct 19 20:32:07 2017 +0000
@@ -1,10 +1,23 @@
-$NetBSD: patch-source_fitz_load-jpx.c,v 1.5 2017/04/12 13:03:08 leot Exp $
+$NetBSD: patch-source_fitz_load-jpx.c,v 1.6 2017/10/19 20:32:07 leot Exp $
+
+- Restrict OPJ_STATIC to Windows (avoid linking errors due to hidden symbols)
 
-Restrict OPJ_STATIC to Windows (avoid linking errors due to hidden symbols)
+- MuPDF does some locking around its allocation calls; it overrides openjpeg's
+  allocators to do this locking too. However mupdf tries to manually align things
+  in a way that doesn't match what openjpeg does, which we noticed when frees
+  were segfaulting because the addresses didn't match up.
 
---- source/fitz/load-jpx.c.orig        2017-03-31 14:23:45.000000000 +0000
+  In the case of the openjpeg port it's relying on malloc(3)'s guarantee
+  "The allocated space is suitably aligned (after possible pointer coercion)
+  for storage of any type of object" so patch mupdf to do the same.
+
+  Fixes crash noticed by jca@ in https://www.broadband-forum.org/technical/download/TR-177.pdf
+
+  From OpenBSD ports textproc/mupdf/patch-source_fitz_load-jpx_c,v 1.5.
+
+--- source/fitz/load-jpx.c.orig        2017-04-05 11:02:21.000000000 +0000
 +++ source/fitz/load-jpx.c
-@@ -443,7 +443,9 @@ fz_load_jpx_info(fz_context *ctx, unsign
+@@ -444,7 +444,9 @@ fz_load_jpx_info(fz_context *ctx, unsign
  
  #else /* HAVE_LURATECH */
  
@@ -14,3 +27,37 @@
  #define OPJ_HAVE_INTTYPES_H
  #if !defined(_WIN32) && !defined(_WIN64)
  #define OPJ_HAVE_STDINT_H
+@@ -554,30 +556,14 @@ void opj_free(void *ptr)
+ 
+ void * opj_aligned_malloc(size_t size)
+ {
+-      uint8_t *ptr;
+-      int off;
+-
+-      if (size == 0)
+-              return NULL;
+ 
+-      size += 16 + sizeof(uint8_t);
+-      ptr = opj_malloc(size);
+-      if (ptr == NULL)
+-              return NULL;
+-      off = 16-(((int)(intptr_t)ptr) & 15);
+-      ptr[off-1] = off;
+-      return ptr + off;
++      return opj_malloc(size);
+ }
+ 
+ void opj_aligned_free(void* ptr_)
+ {
+-      uint8_t *ptr = (uint8_t *)ptr_;
+-      uint8_t off;
+-      if (ptr == NULL)
+-              return;
+-
+-      off = ptr[-1];
+-      opj_free((void *)(((unsigned char *)ptr) - off));
++      
++      opj_free(ptr_);
+ }
+ 
+ #if 0



Home | Main Index | Thread Index | Old Index