summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortron <tron>2014-02-20 12:23:28 +0000
committertron <tron>2014-02-20 12:23:28 +0000
commit85d2c357f7c45f3e7aa1f98d87e6931700a5c2a6 (patch)
tree3b39d164afee214d9a143938eaf6ef3742d5221d
parent7e4492b1256a5fb09fb652cdb889018bb44850a8 (diff)
downloadpkgsrc-85d2c357f7c45f3e7aa1f98d87e6931700a5c2a6.tar.gz
Pullup ticket #4330 - requested by drochner
print/mupdf: security patch Revisions pulled up: - print/mupdf/Makefile 1.21 via patch - print/mupdf/distinfo 1.11 via patch - print/mupdf/patches/patch-ba 1.1 via patch - print/mupdf/patches/patch-bb 1.1 via patch - print/mupdf/patches/patch-bc 1.1 via patch - print/mupdf/patches/patch-bd 1.1 via patch --- Module Name: pkgsrc Committed By: drochner Date: Fri Feb 14 17:49:41 UTC 2014 Modified Files: pkgsrc/print/mupdf: Makefile distinfo Added Files: pkgsrc/print/mupdf/patches: patch-ba patch-bb patch-bc patch-bd Log Message: add patch from upstream to fix buffer overflow in xps_parse_color() bump PKGREV
-rw-r--r--print/mupdf/Makefile4
-rw-r--r--print/mupdf/distinfo6
-rw-r--r--print/mupdf/patches/patch-ba27
-rw-r--r--print/mupdf/patches/patch-bb13
-rw-r--r--print/mupdf/patches/patch-bc13
-rw-r--r--print/mupdf/patches/patch-bd13
6 files changed, 73 insertions, 3 deletions
diff --git a/print/mupdf/Makefile b/print/mupdf/Makefile
index a623a58dc1f..941f926aa30 100644
--- a/print/mupdf/Makefile
+++ b/print/mupdf/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.18 2013/06/04 22:16:59 tron Exp $
+# $NetBSD: Makefile,v 1.18.6.1 2014/02/20 12:23:28 tron Exp $
DISTNAME= mupdf-1.1-source
PKGNAME= ${DISTNAME:S/-source//}
-PKGREVISION= 3
+PKGREVISION= 4
CATEGORIES= print
MASTER_SITES= http://ccxvii.net/mupdf/download/ \
http://ccxvii.net/mupdf/download/archive/
diff --git a/print/mupdf/distinfo b/print/mupdf/distinfo
index 6dfaf5b891d..1131c0a981c 100644
--- a/print/mupdf/distinfo
+++ b/print/mupdf/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.9 2012/12/08 23:09:39 adam Exp $
+$NetBSD: distinfo,v 1.9.10.1 2014/02/20 12:23:28 tron Exp $
SHA1 (mupdf-1.1-source.tar.gz) = e2c2cd555d790ed97bd6507accf29817945dfe81
RMD160 (mupdf-1.1-source.tar.gz) = 7ebdbd3a1cc64a4de1de920d7b149a3682ba1431
@@ -6,4 +6,8 @@ Size (mupdf-1.1-source.tar.gz) = 4281735 bytes
SHA1 (patch-ab) = fa8d1acb5ff8cf3562e0f27f0b2a0d27408d2542
SHA1 (patch-ac) = dbda8ee49ac4cfe43b09329d25a7d7e6b45ef164
SHA1 (patch-ae) = 792df3bea1f8c13230bfdce5495eaaf99c62cc12
+SHA1 (patch-ba) = 3f32975b0bbe280ae307778f4f6b52ec396dcdc3
+SHA1 (patch-bb) = fb2127cdd73c9652e76a0dfe9486f3eccfbf35ec
+SHA1 (patch-bc) = bdf7f9a686336867136c6868a6d2579762baaf6a
+SHA1 (patch-bd) = 1ceb59e7f6de3b44dffa8443fcfde92820c17f9a
SHA1 (patch-fitz_image_jpx.c) = 6ca57a09c527b11f1b1bcf5364a5a2dfbe39f79d
diff --git a/print/mupdf/patches/patch-ba b/print/mupdf/patches/patch-ba
new file mode 100644
index 00000000000..d71e027f081
--- /dev/null
+++ b/print/mupdf/patches/patch-ba
@@ -0,0 +1,27 @@
+$NetBSD: patch-ba,v 1.1.2.2 2014/02/20 12:23:28 tron Exp $
+
+http://bugs.ghostscript.com/show_bug.cgi?id=694957
+
+--- xps/xps_common.c.orig 2012-08-16 13:55:20.000000000 +0000
++++ xps/xps_common.c
+@@ -89,7 +89,7 @@ xps_begin_opacity(xps_document *doc, fz_
+ if (scb_color_att)
+ {
+ fz_colorspace *colorspace;
+- float samples[32];
++ float samples[FZ_MAX_COLORS];
+ xps_parse_color(doc, base_uri, scb_color_att, &colorspace, samples);
+ opacity = opacity * samples[0];
+ }
+@@ -273,6 +273,11 @@ xps_parse_color(xps_document *doc, char
+
+ *p++ = 0;
+ n = count_commas(p) + 1;
++ if (n > FZ_MAX_COLORS)
++ {
++ fz_warn(doc->ctx, "ignoring %d color components (max %d allowed)", n - FZ_MAX_COLORS, FZ_MAX_COLORS);
++ n = FZ_MAX_COLORS;
++ }
+ i = 0;
+ while (i < n)
+ {
diff --git a/print/mupdf/patches/patch-bb b/print/mupdf/patches/patch-bb
new file mode 100644
index 00000000000..f33dd3270b6
--- /dev/null
+++ b/print/mupdf/patches/patch-bb
@@ -0,0 +1,13 @@
+$NetBSD: patch-bb,v 1.1.2.2 2014/02/20 12:23:28 tron Exp $
+
+--- xps/xps_glyphs.c.orig 2013-08-14 12:41:20.000000000 +0000
++++ xps/xps_glyphs.c
+@@ -591,7 +591,7 @@ xps_parse_glyphs(xps_document *doc, cons
+
+ if (fill_att)
+ {
+- float samples[32];
++ float samples[FZ_MAX_COLORS];
+ fz_colorspace *colorspace;
+
+ xps_parse_color(doc, base_uri, fill_att, &colorspace, samples);
diff --git a/print/mupdf/patches/patch-bc b/print/mupdf/patches/patch-bc
new file mode 100644
index 00000000000..57840160351
--- /dev/null
+++ b/print/mupdf/patches/patch-bc
@@ -0,0 +1,13 @@
+$NetBSD: patch-bc,v 1.1.2.2 2014/02/20 12:23:28 tron Exp $
+
+--- xps/xps_gradient.c.orig 2013-08-14 12:41:20.000000000 +0000
++++ xps/xps_gradient.c
+@@ -38,7 +38,7 @@ xps_parse_gradient_stops(xps_document *d
+ struct stop *stops, int maxcount)
+ {
+ fz_colorspace *colorspace;
+- float sample[8];
++ float sample[FZ_MAX_COLORS];
+ float rgb[3];
+ int before, after;
+ int count;
diff --git a/print/mupdf/patches/patch-bd b/print/mupdf/patches/patch-bd
new file mode 100644
index 00000000000..4f446afa68a
--- /dev/null
+++ b/print/mupdf/patches/patch-bd
@@ -0,0 +1,13 @@
+$NetBSD: patch-bd,v 1.1.2.2 2014/02/20 12:23:28 tron Exp $
+
+--- xps/xps_path.c.orig 2012-08-16 13:55:20.000000000 +0000
++++ xps/xps_path.c
+@@ -825,7 +825,7 @@ xps_parse_path(xps_document *doc, fz_mat
+
+ fz_stroke_state *stroke = NULL;
+ fz_matrix transform;
+- float samples[32];
++ float samples[FZ_MAX_COLORS];
+ fz_colorspace *colorspace;
+ fz_path *path;
+ fz_path *stroke_path = NULL;