Add patches to address the latest xpdf security issue in the PDF import

filter. Bump PKGREVISION.
author: markd <markd@pkgsrc.org> 2004-12-30 21:49:14 +0000
committer: markd <markd@pkgsrc.org> 2004-12-30 21:49:14 +0000
commit: c3348ee423c398b00799da4c8851bfdb49b838f5 (patch)
tree: f9c11b80fed865ed44e3f8b248302d158a94c87b /misc
parent: 7d9a3a257f9edc90f6ee04490b68b5bbf9d8cb57 (diff)
download: pkgsrc-c3348ee423c398b00799da4c8851bfdb49b838f5.tar.gz
4 files changed, 48 insertions, 3 deletions
diff --git a/misc/koffice/Makefile b/misc/koffice/Makefile
index e787bccab90..3c899495190 100644
--- a/misc/koffice/Makefile
+++ b/misc/koffice/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.50 2004/12/28 23:18:21 reed Exp $
+# $NetBSD: Makefile,v 1.51 2004/12/30 21:49:14 markd Exp $
 
 DISTNAME=	koffice-1.3.5
-PKGREVISION=	2
+PKGREVISION=	3
 CATEGORIES=	misc kde
 MASTER_SITES=	ftp://ftp.kde.org/pub/kde/stable/koffice-1.3.5/src/ \
 		ftp://ftp.us.kde.org/pub/kde/stable/koffice-1.3.5/src/ \
diff --git a/misc/koffice/distinfo b/misc/koffice/distinfo
index f9aa17a355a..6ba9408e770 100644
--- a/misc/koffice/distinfo
+++ b/misc/koffice/distinfo
@@ -1,6 +1,8 @@
-$NetBSD: distinfo,v 1.18 2004/11/23 20:24:08 markd Exp $
+$NetBSD: distinfo,v 1.19 2004/12/30 21:49:14 markd Exp $
 
 SHA1 (koffice-1.3.5.tar.bz2) = feccb391be8039514f23f0f9cde9b01e22625769
 Size (koffice-1.3.5.tar.bz2) = 10778584 bytes
 SHA1 (patch-aa) = 64f32eaaa0f6e29f6ec3c9b92ecf4599cd11f178
 SHA1 (patch-ab) = 6f253484f6c09877cca6b1d1d7610725c895e13a
+SHA1 (patch-ac) = bd83be082e58c09630d97e26f21eacbc0ae028f9
+SHA1 (patch-ad) = 83f18c3d073027df62614f7e60035c13100682cf
diff --git a/misc/koffice/patches/patch-ac b/misc/koffice/patches/patch-ac
new file mode 100644
index 00000000000..ba5dfddf964
--- /dev/null
+++ b/misc/koffice/patches/patch-ac
@@ -0,0 +1,15 @@
+$NetBSD: patch-ac,v 1.8 2004/12/30 21:49:14 markd Exp $
+
+--- filters/kword/pdf/xpdf/xpdf/Gfx.cc.orig	2003-01-26 12:17:44.000000000 +1300
++++ filters/kword/pdf/xpdf/xpdf/Gfx.cc
+@@ -2379,7 +2379,9 @@ void Gfx::doImage(Object *ref, Stream *s
+     haveMask = gFalse;
+     dict->lookup("Mask", &maskObj);
+     if (maskObj.isArray()) {
+-      for (i = 0; i < maskObj.arrayGetLength(); ++i) {
++      for (i = 0;
++	   i < maskObj.arrayGetLength() && i < 2*gfxColorMaxComps;
++	   ++i) {
+ 	maskObj.arrayGet(i, &obj1);
+ 	maskColors[i] = obj1.getInt();
+ 	obj1.free();
diff --git a/misc/koffice/patches/patch-ad b/misc/koffice/patches/patch-ad
new file mode 100644
index 00000000000..a21c4fe539f
--- /dev/null
+++ b/misc/koffice/patches/patch-ad
@@ -0,0 +1,28 @@
+$NetBSD: patch-ad,v 1.9 2004/12/30 21:49:14 markd Exp $
+
+--- filters/kword/pdf/xpdf/xpdf/GfxState.cc.orig	2003-01-26 12:17:44.000000000 +1300
++++ filters/kword/pdf/xpdf/xpdf/GfxState.cc
+@@ -682,6 +682,11 @@ GfxColorSpace *GfxICCBasedColorSpace::pa
+   }
+   nCompsA = obj2.getInt();
+   obj2.free();
++  if (nCompsA > gfxColorMaxComps) {
++    error(-1, "ICCBased color space with too many (%d > %d) components",
++	  nCompsA, gfxColorMaxComps);
++    nCompsA = gfxColorMaxComps;
++  }
+   if (dict->lookup("Alternate", &obj2)->isNull() ||
+       !(altA = GfxColorSpace::parse(&obj2))) {
+     switch (nCompsA) {
+@@ -1023,6 +1028,11 @@ GfxColorSpace *GfxDeviceNColorSpace::par
+     goto err2;
+   }
+   nCompsA = obj1.arrayGetLength();
++  if (nCompsA > gfxColorMaxComps) {
++    error(-1, "DeviceN color space with too many (%d > %d) components",
++        nCompsA, gfxColorMaxComps);
++    nCompsA = gfxColorMaxComps;
++  }
+   for (i = 0; i < nCompsA; ++i) {
+     if (!obj1.arrayGet(i, &obj2)->isName()) {
+       error(-1, "Bad DeviceN color space (names)");
author	markd <markd@pkgsrc.org>	2004-12-30 21:49:14 +0000
committer	markd <markd@pkgsrc.org>	2004-12-30 21:49:14 +0000
commit	c3348ee423c398b00799da4c8851bfdb49b838f5 (patch)
tree	f9c11b80fed865ed44e3f8b248302d158a94c87b /misc
parent	7d9a3a257f9edc90f6ee04490b68b5bbf9d8cb57 (diff)
download	pkgsrc-c3348ee423c398b00799da4c8851bfdb49b838f5.tar.gz