summaryrefslogtreecommitdiff
path: root/misc/koffice
diff options
context:
space:
mode:
authormarkd <markd@pkgsrc.org>2004-12-30 21:49:14 +0000
committermarkd <markd@pkgsrc.org>2004-12-30 21:49:14 +0000
commitc3348ee423c398b00799da4c8851bfdb49b838f5 (patch)
treef9c11b80fed865ed44e3f8b248302d158a94c87b /misc/koffice
parent7d9a3a257f9edc90f6ee04490b68b5bbf9d8cb57 (diff)
downloadpkgsrc-c3348ee423c398b00799da4c8851bfdb49b838f5.tar.gz
Add patches to address the latest xpdf security issue in the PDF import
filter. Bump PKGREVISION.
Diffstat (limited to 'misc/koffice')
-rw-r--r--misc/koffice/Makefile4
-rw-r--r--misc/koffice/distinfo4
-rw-r--r--misc/koffice/patches/patch-ac15
-rw-r--r--misc/koffice/patches/patch-ad28
4 files changed, 48 insertions, 3 deletions
diff --git a/misc/koffice/Makefile b/misc/koffice/Makefile
index e787bccab90..3c899495190 100644
--- a/misc/koffice/Makefile
+++ b/misc/koffice/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.50 2004/12/28 23:18:21 reed Exp $
+# $NetBSD: Makefile,v 1.51 2004/12/30 21:49:14 markd Exp $
DISTNAME= koffice-1.3.5
-PKGREVISION= 2
+PKGREVISION= 3
CATEGORIES= misc kde
MASTER_SITES= ftp://ftp.kde.org/pub/kde/stable/koffice-1.3.5/src/ \
ftp://ftp.us.kde.org/pub/kde/stable/koffice-1.3.5/src/ \
diff --git a/misc/koffice/distinfo b/misc/koffice/distinfo
index f9aa17a355a..6ba9408e770 100644
--- a/misc/koffice/distinfo
+++ b/misc/koffice/distinfo
@@ -1,6 +1,8 @@
-$NetBSD: distinfo,v 1.18 2004/11/23 20:24:08 markd Exp $
+$NetBSD: distinfo,v 1.19 2004/12/30 21:49:14 markd Exp $
SHA1 (koffice-1.3.5.tar.bz2) = feccb391be8039514f23f0f9cde9b01e22625769
Size (koffice-1.3.5.tar.bz2) = 10778584 bytes
SHA1 (patch-aa) = 64f32eaaa0f6e29f6ec3c9b92ecf4599cd11f178
SHA1 (patch-ab) = 6f253484f6c09877cca6b1d1d7610725c895e13a
+SHA1 (patch-ac) = bd83be082e58c09630d97e26f21eacbc0ae028f9
+SHA1 (patch-ad) = 83f18c3d073027df62614f7e60035c13100682cf
diff --git a/misc/koffice/patches/patch-ac b/misc/koffice/patches/patch-ac
new file mode 100644
index 00000000000..ba5dfddf964
--- /dev/null
+++ b/misc/koffice/patches/patch-ac
@@ -0,0 +1,15 @@
+$NetBSD: patch-ac,v 1.8 2004/12/30 21:49:14 markd Exp $
+
+--- filters/kword/pdf/xpdf/xpdf/Gfx.cc.orig 2003-01-26 12:17:44.000000000 +1300
++++ filters/kword/pdf/xpdf/xpdf/Gfx.cc
+@@ -2379,7 +2379,9 @@ void Gfx::doImage(Object *ref, Stream *s
+ haveMask = gFalse;
+ dict->lookup("Mask", &maskObj);
+ if (maskObj.isArray()) {
+- for (i = 0; i < maskObj.arrayGetLength(); ++i) {
++ for (i = 0;
++ i < maskObj.arrayGetLength() && i < 2*gfxColorMaxComps;
++ ++i) {
+ maskObj.arrayGet(i, &obj1);
+ maskColors[i] = obj1.getInt();
+ obj1.free();
diff --git a/misc/koffice/patches/patch-ad b/misc/koffice/patches/patch-ad
new file mode 100644
index 00000000000..a21c4fe539f
--- /dev/null
+++ b/misc/koffice/patches/patch-ad
@@ -0,0 +1,28 @@
+$NetBSD: patch-ad,v 1.9 2004/12/30 21:49:14 markd Exp $
+
+--- filters/kword/pdf/xpdf/xpdf/GfxState.cc.orig 2003-01-26 12:17:44.000000000 +1300
++++ filters/kword/pdf/xpdf/xpdf/GfxState.cc
+@@ -682,6 +682,11 @@ GfxColorSpace *GfxICCBasedColorSpace::pa
+ }
+ nCompsA = obj2.getInt();
+ obj2.free();
++ if (nCompsA > gfxColorMaxComps) {
++ error(-1, "ICCBased color space with too many (%d > %d) components",
++ nCompsA, gfxColorMaxComps);
++ nCompsA = gfxColorMaxComps;
++ }
+ if (dict->lookup("Alternate", &obj2)->isNull() ||
+ !(altA = GfxColorSpace::parse(&obj2))) {
+ switch (nCompsA) {
+@@ -1023,6 +1028,11 @@ GfxColorSpace *GfxDeviceNColorSpace::par
+ goto err2;
+ }
+ nCompsA = obj1.arrayGetLength();
++ if (nCompsA > gfxColorMaxComps) {
++ error(-1, "DeviceN color space with too many (%d > %d) components",
++ nCompsA, gfxColorMaxComps);
++ nCompsA = gfxColorMaxComps;
++ }
+ for (i = 0; i < nCompsA; ++i) {
+ if (!obj1.arrayGet(i, &obj2)->isName()) {
+ error(-1, "Bad DeviceN color space (names)");