pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/print/mupdf mupdf: Fix possible segfaults when calling...
details: https://anonhg.NetBSD.org/pkgsrc/rev/2696d6a25e38
branches: trunk
changeset: 370575:2696d6a25e38
user: leot <leot%pkgsrc.org@localhost>
date: Thu Oct 19 20:32:07 2017 +0000
description:
mupdf: Fix possible segfaults when calling opj_free()
With graphics/openjpeg (at least 2.2.0 and 2.3.0) mupdf can crashes when
calling opj_free().
Adapt a patch from OpenBSD ports
textproc/mupdf/patch-source_fitz_load-jpx_c,v 1.5 that fixes this issue.
Bump PKGREVISION
diffstat:
print/mupdf/Makefile | 4 +-
print/mupdf/distinfo | 4 +-
print/mupdf/patches/patch-source_fitz_load-jpx.c | 55 ++++++++++++++++++++++-
3 files changed, 55 insertions(+), 8 deletions(-)
diffs (99 lines):
diff -r 8609fc67cd81 -r 2696d6a25e38 print/mupdf/Makefile
--- a/print/mupdf/Makefile Thu Oct 19 15:59:22 2017 +0000
+++ b/print/mupdf/Makefile Thu Oct 19 20:32:07 2017 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.52 2017/09/03 08:53:13 wiz Exp $
+# $NetBSD: Makefile,v 1.53 2017/10/19 20:32:07 leot Exp $
DISTNAME= mupdf-1.11-source
PKGNAME= ${DISTNAME:S/-source//}
-PKGREVISION= 3
+PKGREVISION= 4
CATEGORIES= print
MASTER_SITES= https://mupdf.com/downloads/archive/
diff -r 8609fc67cd81 -r 2696d6a25e38 print/mupdf/distinfo
--- a/print/mupdf/distinfo Thu Oct 19 15:59:22 2017 +0000
+++ b/print/mupdf/distinfo Thu Oct 19 20:32:07 2017 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.36 2017/07/16 08:29:53 leot Exp $
+$NetBSD: distinfo,v 1.37 2017/10/19 20:32:07 leot Exp $
SHA1 (mupdf-1.11-source.tar.gz) = f782d36aaa896319207e81953e5a622201477b5b
RMD160 (mupdf-1.11-source.tar.gz) = 573307473a1ac81aca4519b0e57a7111aae7803f
@@ -9,5 +9,5 @@
SHA1 (patch-ac) = c2decf6eae4c6343636439c7d7f6621826fc4e3c
SHA1 (patch-ae) = c6b113818b32cb4470e8549c00a16e0b2f364ede
SHA1 (patch-scripts_hexdump.c) = 65a029086f429a1f8568066a712c1d8e0106c867
-SHA1 (patch-source_fitz_load-jpx.c) = 773ec1ef6b1632a10ff7c8ff76081e89bdcad593
+SHA1 (patch-source_fitz_load-jpx.c) = 57f22296a519d9e0ab9247fd5e742e2390a63fd5
SHA1 (patch-thirdparty_mujs_Makefile) = cd6a20d56020ae5028f95e24e75f5e4a62127f9f
diff -r 8609fc67cd81 -r 2696d6a25e38 print/mupdf/patches/patch-source_fitz_load-jpx.c
--- a/print/mupdf/patches/patch-source_fitz_load-jpx.c Thu Oct 19 15:59:22 2017 +0000
+++ b/print/mupdf/patches/patch-source_fitz_load-jpx.c Thu Oct 19 20:32:07 2017 +0000
@@ -1,10 +1,23 @@
-$NetBSD: patch-source_fitz_load-jpx.c,v 1.5 2017/04/12 13:03:08 leot Exp $
+$NetBSD: patch-source_fitz_load-jpx.c,v 1.6 2017/10/19 20:32:07 leot Exp $
+
+- Restrict OPJ_STATIC to Windows (avoid linking errors due to hidden symbols)
-Restrict OPJ_STATIC to Windows (avoid linking errors due to hidden symbols)
+- MuPDF does some locking around its allocation calls; it overrides openjpeg's
+ allocators to do this locking too. However mupdf tries to manually align things
+ in a way that doesn't match what openjpeg does, which we noticed when frees
+ were segfaulting because the addresses didn't match up.
---- source/fitz/load-jpx.c.orig 2017-03-31 14:23:45.000000000 +0000
+ In the case of the openjpeg port it's relying on malloc(3)'s guarantee
+ "The allocated space is suitably aligned (after possible pointer coercion)
+ for storage of any type of object" so patch mupdf to do the same.
+
+ Fixes crash noticed by jca@ in https://www.broadband-forum.org/technical/download/TR-177.pdf
+
+ From OpenBSD ports textproc/mupdf/patch-source_fitz_load-jpx_c,v 1.5.
+
+--- source/fitz/load-jpx.c.orig 2017-04-05 11:02:21.000000000 +0000
+++ source/fitz/load-jpx.c
-@@ -443,7 +443,9 @@ fz_load_jpx_info(fz_context *ctx, unsign
+@@ -444,7 +444,9 @@ fz_load_jpx_info(fz_context *ctx, unsign
#else /* HAVE_LURATECH */
@@ -14,3 +27,37 @@
#define OPJ_HAVE_INTTYPES_H
#if !defined(_WIN32) && !defined(_WIN64)
#define OPJ_HAVE_STDINT_H
+@@ -554,30 +556,14 @@ void opj_free(void *ptr)
+
+ void * opj_aligned_malloc(size_t size)
+ {
+- uint8_t *ptr;
+- int off;
+-
+- if (size == 0)
+- return NULL;
+
+- size += 16 + sizeof(uint8_t);
+- ptr = opj_malloc(size);
+- if (ptr == NULL)
+- return NULL;
+- off = 16-(((int)(intptr_t)ptr) & 15);
+- ptr[off-1] = off;
+- return ptr + off;
++ return opj_malloc(size);
+ }
+
+ void opj_aligned_free(void* ptr_)
+ {
+- uint8_t *ptr = (uint8_t *)ptr_;
+- uint8_t off;
+- if (ptr == NULL)
+- return;
+-
+- off = ptr[-1];
+- opj_free((void *)(((unsigned char *)ptr) - off));
++
++ opj_free(ptr_);
+ }
+
+ #if 0
Home |
Main Index |
Thread Index |
Old Index