From 8d6731439de4e2bb6f9d33d4c358828588698b94 Mon Sep 17 00:00:00 2001 From: markd Date: Tue, 2 Nov 2004 23:32:18 +0000 Subject: Improved integer overflow fix for KWord's PDF import filter. Official koffice patch. Bump PKGREVISION. --- misc/koffice/Makefile | 3 ++- misc/koffice/distinfo | 4 +++- misc/koffice/patches/patch-ac | 34 ++++++++++++++++++++++++++++++ misc/koffice/patches/patch-ad | 48 +++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 87 insertions(+), 2 deletions(-) create mode 100644 misc/koffice/patches/patch-ac create mode 100644 misc/koffice/patches/patch-ad (limited to 'misc') diff --git a/misc/koffice/Makefile b/misc/koffice/Makefile index a102333c96e..fd4162d1743 100644 --- a/misc/koffice/Makefile +++ b/misc/koffice/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.46 2004/10/28 11:30:25 markd Exp $ +# $NetBSD: Makefile,v 1.47 2004/11/02 23:32:18 markd Exp $ DISTNAME= koffice-1.3.4 +PKGREVISION= 1 CATEGORIES= misc kde MASTER_SITES= ftp://ftp.kde.org/pub/kde/stable/koffice-1.3.4/src/ \ ftp://ftp.us.kde.org/pub/kde/stable/koffice-1.3.4/src/ \ diff --git a/misc/koffice/distinfo b/misc/koffice/distinfo index bfcd3d9a32d..7e3ac34efb3 100644 --- a/misc/koffice/distinfo +++ b/misc/koffice/distinfo @@ -1,6 +1,8 @@ -$NetBSD: distinfo,v 1.16 2004/10/28 11:30:26 markd Exp $ +$NetBSD: distinfo,v 1.17 2004/11/02 23:32:18 markd Exp $ SHA1 (koffice-1.3.4.tar.bz2) = 1848f37320833eddae0732aeaabfeddd3e0e35d4 Size (koffice-1.3.4.tar.bz2) = 10765924 bytes SHA1 (patch-aa) = 64f32eaaa0f6e29f6ec3c9b92ecf4599cd11f178 SHA1 (patch-ab) = 6f253484f6c09877cca6b1d1d7610725c895e13a +SHA1 (patch-ac) = e686a889c9c5c2d17482301227139218ad58ba94 +SHA1 (patch-ad) = a1c30be30cbf80828b10a808bb02fe55835cf2cd diff --git a/misc/koffice/patches/patch-ac b/misc/koffice/patches/patch-ac new file mode 100644 index 00000000000..92f1b0ed46f --- /dev/null +++ b/misc/koffice/patches/patch-ac @@ -0,0 +1,34 @@ +$NetBSD: patch-ac,v 1.6 2004/11/02 23:32:19 markd Exp $ + +--- filters/kword/pdf/xpdf/xpdf/Catalog.cc.orig 2004-10-23 20:01:23.000000000 +1300 ++++ filters/kword/pdf/xpdf/xpdf/Catalog.cc +@@ -12,6 +12,7 @@ + #pragma implementation + #endif + ++#include + #include + #include "gmem.h" + #include "Object.h" +@@ -63,8 +64,8 @@ Catalog::Catalog(XRef *xrefA) { + } + pagesSize = numPages0 = obj.getInt(); + obj.free(); +- if (pagesSize*sizeof(Page *)/sizeof(Page *) != pagesSize || +- pagesSize*sizeof(Ref)/sizeof(Ref) != pagesSize) { ++ if ((unsigned) pagesSize >= INT_MAX / sizeof(Page *) || ++ (unsigned) pagesSize >= INT_MAX / sizeof(Ref)) { + error(-1, "Invalid 'pagesSize'"); + ok = gFalse; + return; +@@ -196,8 +197,8 @@ int Catalog::readPageTree(Dict *pagesDic + } + if (start >= pagesSize) { + pagesSize += 32; +- if (pagesSize*sizeof(Page *)/sizeof(Page *) != pagesSize || +- pagesSize*sizeof(Ref)/sizeof(Ref) != pagesSize) { ++ if ((unsigned) pagesSize >= INT_MAX / sizeof(Page *) || ++ (unsigned) pagesSize >= INT_MAX / sizeof(Ref)) { + error(-1, "Invalid 'pagesSize' parameter."); + goto err3; + } diff --git a/misc/koffice/patches/patch-ad b/misc/koffice/patches/patch-ad new file mode 100644 index 00000000000..6c995845dc7 --- /dev/null +++ b/misc/koffice/patches/patch-ad @@ -0,0 +1,48 @@ +$NetBSD: patch-ad,v 1.7 2004/11/02 23:32:19 markd Exp $ + +--- filters/kword/pdf/xpdf/xpdf/XRef.cc.orig 2004-10-23 20:01:23.000000000 +1300 ++++ filters/kword/pdf/xpdf/xpdf/XRef.cc +@@ -12,6 +12,7 @@ + #pragma implementation + #endif + ++#include + #include + #include + #include +@@ -76,7 +77,7 @@ XRef::XRef(BaseStream *strA, GString *ow + + // trailer is ok - read the xref table + } else { +- if (size*sizeof(XRefEntry)/sizeof(XRefEntry) != size) { ++ if ((unsigned) size >= INT_MAX / sizeof(XRefEntry)) { + error(-1, "Invalid 'size' inside xref table."); + ok = gFalse; + errCode = errDamaged; +@@ -273,7 +274,7 @@ GBool XRef::readXRef(Guint *pos) { + // table size + if (first + n > size) { + newSize = size + 256; +- if (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize) { ++ if ((unsigned) newSize >= INT_MAX / sizeof(XRefEntry)) { + error(-1, "Invalid 'newSize'"); + goto err2; + } +@@ -420,7 +421,7 @@ GBool XRef::constructXRef() { + if (!strncmp(p, "obj", 3)) { + if (num >= size) { + newSize = (num + 1 + 255) & ~255; +- if (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize) { ++ if ((unsigned) newSize >= INT_MAX / sizeof(XRefEntry)) { + error(-1, "Invalid 'obj' parameters."); + return gFalse; + } +@@ -445,7 +446,7 @@ GBool XRef::constructXRef() { + } else if (!strncmp(p, "endstream", 9)) { + if (streamEndsLen == streamEndsSize) { + streamEndsSize += 64; +- if (streamEndsSize*sizeof(int)/sizeof(int) != streamEndsSize) { ++ if ((unsigned) streamEndsSize >= INT_MAX / sizeof(int)) { + error(-1, "Invalid 'endstream' parameter."); + return gFalse; + } -- cgit v1.2.3