Update to 0.4.3:

- Fix selection crasher (Nickolay V. Shmyrev, #4402). - Fix printing problem for single page output (#4555). - Fix miscellaneous compile problems/warnings. - CVE-2005-3191 and CAN-2005-2097 security fixes.
author: wiz <wiz@pkgsrc.org> 2005-12-31 00:35:55 +0000
committer: wiz <wiz@pkgsrc.org> 2005-12-31 00:35:55 +0000
commit: 28e0535bae4865e9b74f514057572f3732b81851 (patch)
tree: db55580fcf7399d53c768f6697c5f24d1192ccb2 /print/poppler/patches
parent: 0445cbe3605f6ff2f68781a3c09c10beb2e1323b (diff)
download: pkgsrc-28e0535bae4865e9b74f514057572f3732b81851.tar.gz
3 files changed, 0 insertions, 132 deletions
diff --git a/print/poppler/patches/patch-aa b/print/poppler/patches/patch-aa
deleted file mode 100644
index b22536acc49..00000000000
--- a/print/poppler/patches/patch-aa
+++ /dev/null
@@ -1,31 +0,0 @@
-$NetBSD: patch-aa,v 1.3 2005/12/11 05:08:50 salo Exp $
-
-Security fix for CVE-2005-3193.
-
---- poppler/JPXStream.cc.orig	2005-03-03 20:46:03.000000000 +0100
-+++ poppler/JPXStream.cc	2005-12-11 05:58:51.000000000 +0100
-@@ -666,7 +666,7 @@
-   int segType;
-   GBool haveSIZ, haveCOD, haveQCD, haveSOT;
-   Guint precinctSize, style;
--  Guint segLen, capabilities, comp, i, j, r;
-+  Guint segLen, capabilities, nTiles, comp, i, j, r;
- 
-   //----- main header
-   haveSIZ = haveCOD = haveQCD = haveSOT = gFalse;
-@@ -701,8 +701,13 @@
- 	            / img.xTileSize;
-       img.nYTiles = (img.ySize - img.yTileOffset + img.yTileSize - 1)
- 	            / img.yTileSize;
--      img.tiles = (JPXTile *)gmalloc(img.nXTiles * img.nYTiles *
--				     sizeof(JPXTile));
-+      nTiles = img.nXTiles * img.nYTiles;
-+      // check for overflow before allocating memory
-+      if (nTiles == 0 || nTiles / img.nXTiles != img.nYTiles) {
-+        error(getPos(), "Bad tile count in JPX SIZ marker segment");
-+        return gFalse;
-+      }
-+      img.tiles = (JPXTile *)gmalloc(nTiles * sizeof(JPXTile));
-       for (i = 0; i < img.nXTiles * img.nYTiles; ++i) {
- 	img.tiles[i].tileComps = (JPXTileComp *)gmalloc(img.nComps *
- 							sizeof(JPXTileComp));
diff --git a/print/poppler/patches/patch-ab b/print/poppler/patches/patch-ab
deleted file mode 100644
index 57c4c116bba..00000000000
--- a/print/poppler/patches/patch-ab
+++ /dev/null
@@ -1,78 +0,0 @@
-$NetBSD: patch-ab,v 1.1 2005/12/11 05:08:50 salo Exp $
-
-Security fix for CVE-2005-3191 and CVE-2005-3192.
-
---- poppler/Stream.cc.orig	2005-04-27 22:56:18.000000000 +0200
-+++ poppler/Stream.cc	2005-12-11 05:51:36.000000000 +0100
-@@ -415,18 +415,33 @@ void ImageStream::skipLine() {
- 
- StreamPredictor::StreamPredictor(Stream *strA, int predictorA,
- 				 int widthA, int nCompsA, int nBitsA) {
-+  int totalBits;
-+
-   str = strA;
-   predictor = predictorA;
-   width = widthA;
-   nComps = nCompsA;
-   nBits = nBitsA;
-+  predLine = NULL;
-+  ok = gFalse;
- 
-   nVals = width * nComps;
-+  totalBits = nVals * nBits;
-+  if (totalBits == 0 ||
-+      (totalBits / nBits) / nComps != width ||
-+      totalBits + 7 < 0) {
-+    return;
-+  }
-   pixBytes = (nComps * nBits + 7) >> 3;
--  rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
-+  rowBytes = ((totalBits + 7) >> 3) + pixBytes;
-+  if (rowBytes < 0) {
-+    return;
-+  }
-   predLine = (Guchar *)gmalloc(rowBytes);
-   memset(predLine, 0, rowBytes);
-   predIdx = rowBytes;
-+
-+  ok = gTrue;
- }
- 
- StreamPredictor::~StreamPredictor() {
-@@ -1020,6 +1035,10 @@ LZWStream::LZWStream(Stream *strA, int p
-     FilterStream(strA) {
-   if (predictor != 1) {
-     pred = new StreamPredictor(this, predictor, columns, colors, bits);
-+    if (!pred->isOk()) {
-+      delete pred;
-+      pred = NULL;
-+    }
-   } else {
-     pred = NULL;
-   }
-@@ -2907,6 +2926,14 @@ GBool DCTStream::readBaselineSOF() {
-   height = read16();
-   width = read16();
-   numComps = str->getChar();
-+  if (numComps <= 0 || numComps > 4) {
-+    error(getPos(), "Bad number of components in DCT stream", prec);
-+    return gFalse;
-+  }
-+  if (numComps <= 0 || numComps > 4) {
-+    error(getPos(), "Bad number of components in DCT stream", prec);
-+    return gFalse;
-+  }
-   if (prec != 8) {
-     error(getPos(), "Bad DCT precision %d", prec);
-     return gFalse;
-@@ -3268,6 +3295,10 @@ FlateStream::FlateStream(Stream *strA, i
-     FilterStream(strA) {
-   if (predictor != 1) {
-     pred = new StreamPredictor(this, predictor, columns, colors, bits);
-+    if (!pred->isOk()) {
-+      delete pred;
-+      pred = NULL;
-+    }
-   } else {
-     pred = NULL;
-   }
diff --git a/print/poppler/patches/patch-ac b/print/poppler/patches/patch-ac
deleted file mode 100644
index e09dba96cfa..00000000000
--- a/print/poppler/patches/patch-ac
+++ /dev/null
@@ -1,23 +0,0 @@
-$NetBSD: patch-ac,v 1.1 2005/12/11 05:08:50 salo Exp $
-
-Security fix for CVE-2005-3192.
-
---- poppler/Stream.h.orig	2005-04-27 22:56:18.000000000 +0200
-+++ poppler/Stream.h	2005-12-11 05:51:36.000000000 +0100
-@@ -231,6 +231,8 @@ public:
- 
-   ~StreamPredictor();
- 
-+  GBool isOk() { return ok; }
-+
-   int lookChar();
-   int getChar();
- 
-@@ -248,6 +250,7 @@ private:
-   int rowBytes;			// bytes per line
-   Guchar *predLine;		// line buffer
-   int predIdx;			// current index in predLine
-+  GBool ok;
- };
- 
- //------------------------------------------------------------------------
author	wiz <wiz@pkgsrc.org>	2005-12-31 00:35:55 +0000
committer	wiz <wiz@pkgsrc.org>	2005-12-31 00:35:55 +0000
commit	28e0535bae4865e9b74f514057572f3732b81851 (patch)
tree	db55580fcf7399d53c768f6697c5f24d1192ccb2 /print/poppler/patches
parent	0445cbe3605f6ff2f68781a3c09c10beb2e1323b (diff)
download	pkgsrc-28e0535bae4865e9b74f514057572f3732b81851.tar.gz