Pullup ticket #4330 - requested by drochner

print/mupdf: security patch Revisions pulled up: - print/mupdf/Makefile 1.21 via patch - print/mupdf/distinfo 1.11 via patch - print/mupdf/patches/patch-ba 1.1 via patch - print/mupdf/patches/patch-bb 1.1 via patch - print/mupdf/patches/patch-bc 1.1 via patch - print/mupdf/patches/patch-bd 1.1 via patch --- Module Name: pkgsrc Committed By: drochner Date: Fri Feb 14 17:49:41 UTC 2014 Modified Files: pkgsrc/print/mupdf: Makefile distinfo Added Files: pkgsrc/print/mupdf/patches: patch-ba patch-bb patch-bc patch-bd Log Message: add patch from upstream to fix buffer overflow in xps_parse_color() bump PKGREV
author: tron <tron> 2014-02-20 12:23:28 +0000
committer: tron <tron> 2014-02-20 12:23:28 +0000
commit: 6e68f91e23cf1f6780bc5ff503599be5ddbef4d7 (patch)
tree: 3b39d164afee214d9a143938eaf6ef3742d5221d
parent: 009f5e642e7fcb03f66d0f11b8dc72a72db29519 (diff)
download: pkgsrc-6e68f91e23cf1f6780bc5ff503599be5ddbef4d7.tar.gz
6 files changed, 73 insertions, 3 deletions
diff --git a/print/mupdf/Makefile b/print/mupdf/Makefile
index a623a58dc1f..941f926aa30 100644
--- a/print/mupdf/Makefile
+++ b/print/mupdf/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.18 2013/06/04 22:16:59 tron Exp $
+# $NetBSD: Makefile,v 1.18.6.1 2014/02/20 12:23:28 tron Exp $
 
 DISTNAME=	mupdf-1.1-source
 PKGNAME=	${DISTNAME:S/-source//}
-PKGREVISION=	3
+PKGREVISION=	4
 CATEGORIES=	print
 MASTER_SITES=	http://ccxvii.net/mupdf/download/ \
 		http://ccxvii.net/mupdf/download/archive/
diff --git a/print/mupdf/distinfo b/print/mupdf/distinfo
index 6dfaf5b891d..1131c0a981c 100644
--- a/print/mupdf/distinfo
+++ b/print/mupdf/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.9 2012/12/08 23:09:39 adam Exp $
+$NetBSD: distinfo,v 1.9.10.1 2014/02/20 12:23:28 tron Exp $
 
 SHA1 (mupdf-1.1-source.tar.gz) = e2c2cd555d790ed97bd6507accf29817945dfe81
 RMD160 (mupdf-1.1-source.tar.gz) = 7ebdbd3a1cc64a4de1de920d7b149a3682ba1431
@@ -6,4 +6,8 @@ Size (mupdf-1.1-source.tar.gz) = 4281735 bytes
 SHA1 (patch-ab) = fa8d1acb5ff8cf3562e0f27f0b2a0d27408d2542
 SHA1 (patch-ac) = dbda8ee49ac4cfe43b09329d25a7d7e6b45ef164
 SHA1 (patch-ae) = 792df3bea1f8c13230bfdce5495eaaf99c62cc12
+SHA1 (patch-ba) = 3f32975b0bbe280ae307778f4f6b52ec396dcdc3
+SHA1 (patch-bb) = fb2127cdd73c9652e76a0dfe9486f3eccfbf35ec
+SHA1 (patch-bc) = bdf7f9a686336867136c6868a6d2579762baaf6a
+SHA1 (patch-bd) = 1ceb59e7f6de3b44dffa8443fcfde92820c17f9a
 SHA1 (patch-fitz_image_jpx.c) = 6ca57a09c527b11f1b1bcf5364a5a2dfbe39f79d
diff --git a/print/mupdf/patches/patch-ba b/print/mupdf/patches/patch-ba
new file mode 100644
index 00000000000..d71e027f081
--- /dev/null
+++ b/print/mupdf/patches/patch-ba
@@ -0,0 +1,27 @@
+$NetBSD: patch-ba,v 1.1.2.2 2014/02/20 12:23:28 tron Exp $
+
+http://bugs.ghostscript.com/show_bug.cgi?id=694957
+
+--- xps/xps_common.c.orig	2012-08-16 13:55:20.000000000 +0000
++++ xps/xps_common.c
+@@ -89,7 +89,7 @@ xps_begin_opacity(xps_document *doc, fz_
+ 		if (scb_color_att)
+ 		{
+ 			fz_colorspace *colorspace;
+-			float samples[32];
++			float samples[FZ_MAX_COLORS];
+ 			xps_parse_color(doc, base_uri, scb_color_att, &colorspace, samples);
+ 			opacity = opacity * samples[0];
+ 		}
+@@ -273,6 +273,11 @@ xps_parse_color(xps_document *doc, char 
+ 
+ 		*p++ = 0;
+ 		n = count_commas(p) + 1;
++		if (n > FZ_MAX_COLORS)
++		{
++			fz_warn(doc->ctx, "ignoring %d color components (max %d allowed)", n - FZ_MAX_COLORS, FZ_MAX_COLORS);
++			n = FZ_MAX_COLORS;
++		}
+ 		i = 0;
+ 		while (i < n)
+ 		{
diff --git a/print/mupdf/patches/patch-bb b/print/mupdf/patches/patch-bb
new file mode 100644
index 00000000000..f33dd3270b6
--- /dev/null
+++ b/print/mupdf/patches/patch-bb
@@ -0,0 +1,13 @@
+$NetBSD: patch-bb,v 1.1.2.2 2014/02/20 12:23:28 tron Exp $
+
+--- xps/xps_glyphs.c.orig	2013-08-14 12:41:20.000000000 +0000
++++ xps/xps_glyphs.c
+@@ -591,7 +591,7 @@ xps_parse_glyphs(xps_document *doc, cons
+ 
+ 	if (fill_att)
+ 	{
+-		float samples[32];
++		float samples[FZ_MAX_COLORS];
+ 		fz_colorspace *colorspace;
+ 
+ 		xps_parse_color(doc, base_uri, fill_att, &colorspace, samples);
diff --git a/print/mupdf/patches/patch-bc b/print/mupdf/patches/patch-bc
new file mode 100644
index 00000000000..57840160351
--- /dev/null
+++ b/print/mupdf/patches/patch-bc
@@ -0,0 +1,13 @@
+$NetBSD: patch-bc,v 1.1.2.2 2014/02/20 12:23:28 tron Exp $
+
+--- xps/xps_gradient.c.orig	2013-08-14 12:41:20.000000000 +0000
++++ xps/xps_gradient.c
+@@ -38,7 +38,7 @@ xps_parse_gradient_stops(xps_document *d
+ 	struct stop *stops, int maxcount)
+ {
+ 	fz_colorspace *colorspace;
+-	float sample[8];
++	float sample[FZ_MAX_COLORS];
+ 	float rgb[3];
+ 	int before, after;
+ 	int count;
diff --git a/print/mupdf/patches/patch-bd b/print/mupdf/patches/patch-bd
new file mode 100644
index 00000000000..4f446afa68a
--- /dev/null
+++ b/print/mupdf/patches/patch-bd
@@ -0,0 +1,13 @@
+$NetBSD: patch-bd,v 1.1.2.2 2014/02/20 12:23:28 tron Exp $
+
+--- xps/xps_path.c.orig	2012-08-16 13:55:20.000000000 +0000
++++ xps/xps_path.c
+@@ -825,7 +825,7 @@ xps_parse_path(xps_document *doc, fz_mat
+ 
+ 	fz_stroke_state *stroke = NULL;
+ 	fz_matrix transform;
+-	float samples[32];
++	float samples[FZ_MAX_COLORS];
+ 	fz_colorspace *colorspace;
+ 	fz_path *path;
+ 	fz_path *stroke_path = NULL;
author	tron <tron>	2014-02-20 12:23:28 +0000
committer	tron <tron>	2014-02-20 12:23:28 +0000
commit	6e68f91e23cf1f6780bc5ff503599be5ddbef4d7 (patch)
tree	3b39d164afee214d9a143938eaf6ef3742d5221d
parent	009f5e642e7fcb03f66d0f11b8dc72a72db29519 (diff)
download	pkgsrc-6e68f91e23cf1f6780bc5ff503599be5ddbef4d7.tar.gz