From 03c4cc6c63a363378fa8426f61c1c296fc7f5e55 Mon Sep 17 00:00:00 2001 From: drochner Date: Tue, 2 Nov 2010 15:45:12 +0000 Subject: update to 0.14.4 changes: -bugfixes (in particular for security issues which were patched in pkgsrc) -fixed memory leaks --- print/poppler/Makefile | 3 +- print/poppler/Makefile.common | 4 +- print/poppler/distinfo | 14 ++-- print/poppler/patches/patch-ap | 152 ----------------------------------------- print/poppler/patches/patch-ba | 82 ---------------------- print/poppler/patches/patch-bb | 26 ------- print/poppler/patches/patch-bd | 48 ------------- print/poppler/patches/patch-be | 18 ----- print/poppler/patches/patch-bf | 31 --------- 9 files changed, 7 insertions(+), 371 deletions(-) delete mode 100644 print/poppler/patches/patch-ap delete mode 100644 print/poppler/patches/patch-ba delete mode 100644 print/poppler/patches/patch-bb delete mode 100644 print/poppler/patches/patch-bd delete mode 100644 print/poppler/patches/patch-be delete mode 100644 print/poppler/patches/patch-bf (limited to 'print/poppler') diff --git a/print/poppler/Makefile b/print/poppler/Makefile index 6c62cf39865..3b612a5d855 100644 --- a/print/poppler/Makefile +++ b/print/poppler/Makefile @@ -1,10 +1,9 @@ -# $NetBSD: Makefile,v 1.50 2010/10/02 22:46:49 wiz Exp $ +# $NetBSD: Makefile,v 1.51 2010/11/02 15:45:12 drochner Exp $ # .include "../../print/poppler/Makefile.common" COMMENT= PDF rendering library -PKGREVISION= 1 MAINTAINER= reed@reedmedia.net USE_TOOLS+= gmake diff --git a/print/poppler/Makefile.common b/print/poppler/Makefile.common index e6d318db9ae..10323a1b296 100644 --- a/print/poppler/Makefile.common +++ b/print/poppler/Makefile.common @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.common,v 1.40 2010/10/02 22:46:49 wiz Exp $ +# $NetBSD: Makefile.common,v 1.41 2010/11/02 15:45:12 drochner Exp $ # # used by print/poppler/Makefile # used by print/poppler-glib/Makefile @@ -7,7 +7,7 @@ # used by print/poppler-qt4/Makefile # used by print/poppler-utils/Makefile -POPPLER_VERS= 0.14.2 +POPPLER_VERS= 0.14.4 DISTNAME= poppler-${POPPLER_VERS} CATEGORIES= print MASTER_SITES= http://poppler.freedesktop.org/ diff --git a/print/poppler/distinfo b/print/poppler/distinfo index d695215510e..463a07e0536 100644 --- a/print/poppler/distinfo +++ b/print/poppler/distinfo @@ -1,20 +1,14 @@ -$NetBSD: distinfo,v 1.61 2010/10/01 21:32:34 spz Exp $ +$NetBSD: distinfo,v 1.62 2010/11/02 15:45:12 drochner Exp $ -SHA1 (poppler-0.14.2.tar.gz) = a93e85c322ce36da4e9b4e9e52c9fd12ea5f4d6f -RMD160 (poppler-0.14.2.tar.gz) = bdbb901f85edd33ecd3ca1805a0f46c806bdb853 -Size (poppler-0.14.2.tar.gz) = 1791177 bytes +SHA1 (poppler-0.14.4.tar.gz) = c51931d7229126c16da54b72bfe63a190c2b5160 +RMD160 (poppler-0.14.4.tar.gz) = 505ac4c3759a7d4b14c1d077f9249f317dc2d2af +Size (poppler-0.14.4.tar.gz) = 1794096 bytes SHA1 (patch-aa) = b8c24eb7358410069f7ce6ad62576bc288cd55bb SHA1 (patch-ab) = 441308aec73c66a34c00ee1fad30a38748c89a7d SHA1 (patch-ac) = c343775da48a1d86dea1451b74355d117e30f6c5 SHA1 (patch-ag) = 4b914e85bb08ce83305d20de9c0a3e74d3cabdd2 SHA1 (patch-ai) = a51dba3fb0e7131873ef82ae5e256fb1d17cee53 SHA1 (patch-ao) = cf7e0f086522147a91f59b1b26ca510d1971ac74 -SHA1 (patch-ap) = db1c9765135865251a7958c3a4b86718b3313fae SHA1 (patch-aq) = 01e115ca868e0bbd398bade92485d83edbe98d66 -SHA1 (patch-ba) = 3a6bf7bd31c7e0238edd4d6505943c71d75221e4 -SHA1 (patch-bb) = c57c3b4bcf7a900e57bbf09d0fed28e2ef2dc737 SHA1 (patch-bc) = 456af841d297ce365878c9756d2c6327f9d7658e -SHA1 (patch-bd) = 8fd34a0f8c916a2ddd28654a6a6e0fedc35d5359 -SHA1 (patch-be) = e4e9b351c902255f2437c37e1925def750401aa9 -SHA1 (patch-bf) = aedde989871fe452c5538dade6bfa9b4e343da6c SHA1 (patch-bg) = b0353bf4bbee7a85f2a81e346119747897c7289f diff --git a/print/poppler/patches/patch-ap b/print/poppler/patches/patch-ap deleted file mode 100644 index d4ad1c89d32..00000000000 --- a/print/poppler/patches/patch-ap +++ /dev/null @@ -1,152 +0,0 @@ -$NetBSD: patch-ap,v 1.3 2010/10/01 21:32:34 spz Exp $ - -https://bugs.freedesktop.org/show_bug.cgi?id=25189 -plus security fixes for http://secunia.com/advisories/41596/ -taken from http://cgit.freedesktop.org/poppler/ - -- Make sure obj1 is a num before reading it -- Fix crash in broken pdf (parser->getStream() is 0) -- Properly initialize parser -- Give a value to color.c[i] - ---- poppler/Gfx.cc.orig 2010-08-11 19:20:32.000000000 +0000 -+++ poppler/Gfx.cc -@@ -536,6 +536,7 @@ Gfx::Gfx(XRef *xrefA, OutputDev *outA, i - drawText = gFalse; - maskHaveCSPattern = gFalse; - mcStack = NULL; -+ parser = NULL; - - // start the resource stack - res = new GfxResources(xref, resDict, NULL); -@@ -590,6 +591,7 @@ Gfx::Gfx(XRef *xrefA, OutputDev *outA, D - drawText = gFalse; - maskHaveCSPattern = gFalse; - mcStack = NULL; -+ parser = NULL; - - // start the resource stack - res = new GfxResources(xref, resDict, NULL); -@@ -1531,6 +1533,8 @@ void Gfx::opSetFillColorN(Object args[], - for (i = 0; i < numArgs - 1 && i < gfxColorMaxComps; ++i) { - if (args[i].isNum()) { - color.c[i] = dblToCol(args[i].getNum()); -+ } else { -+ color.c[i] = 0; // TODO Investigate if this is what Adobe does - } - } - state->setFillColor(&color); -@@ -1550,6 +1554,8 @@ void Gfx::opSetFillColorN(Object args[], - for (i = 0; i < numArgs && i < gfxColorMaxComps; ++i) { - if (args[i].isNum()) { - color.c[i] = dblToCol(args[i].getNum()); -+ } else { -+ color.c[i] = 0; // TODO Investigate if this is what Adobe does - } - } - state->setFillColor(&color); -@@ -1574,6 +1580,8 @@ void Gfx::opSetStrokeColorN(Object args[ - for (i = 0; i < numArgs - 1 && i < gfxColorMaxComps; ++i) { - if (args[i].isNum()) { - color.c[i] = dblToCol(args[i].getNum()); -+ } else { -+ color.c[i] = 0; // TODO Investigate if this is what Adobe does - } - } - state->setStrokeColor(&color); -@@ -1593,6 +1601,8 @@ void Gfx::opSetStrokeColorN(Object args[ - for (i = 0; i < numArgs && i < gfxColorMaxComps; ++i) { - if (args[i].isNum()) { - color.c[i] = dblToCol(args[i].getNum()); -+ } else { -+ color.c[i] = 0; // TODO Investigate if this is what Adobe does - } - } - state->setStrokeColor(&color); -@@ -2421,7 +2431,7 @@ static void bubbleSort(double array[]) - void Gfx::doAxialShFill(GfxAxialShading *shading) { - double xMin, yMin, xMax, yMax; - double x0, y0, x1, y1; -- double dx, dy, mul; -+ double dx, dy, len2; - GBool dxZero, dyZero; - double bboxIntersections[4]; - double tMin, tMax, tx, ty; -@@ -2443,16 +2453,18 @@ void Gfx::doAxialShFill(GfxAxialShading - shading->getCoords(&x0, &y0, &x1, &y1); - dx = x1 - x0; - dy = y1 - y0; -- dxZero = fabs(dx) < 0.01; -- dyZero = fabs(dy) < 0.01; -- if (dxZero && dyZero) { -- tMin = tMax = 0; -+ dxZero = (dx == 0.0); -+ dyZero = (dy == 0.0); -+ len2 = dx * dx + dy * dy; -+ if (len2 == 0.0) { -+ /* invalid? */ -+ tMin = 0; -+ tMax = 1; - } else { -- mul = 1 / (dx * dx + dy * dy); -- bboxIntersections[0] = ((xMin - x0) * dx + (yMin - y0) * dy) * mul; -- bboxIntersections[1] = ((xMin - x0) * dx + (yMax - y0) * dy) * mul; -- bboxIntersections[2] = ((xMax - x0) * dx + (yMin - y0) * dy) * mul; -- bboxIntersections[3] = ((xMax - x0) * dx + (yMax - y0) * dy) * mul; -+ bboxIntersections[0] = ((xMin - x0) * dx + (yMin - y0) * dy) / len2; -+ bboxIntersections[1] = ((xMin - x0) * dx + (yMax - y0) * dy) / len2; -+ bboxIntersections[2] = ((xMax - x0) * dx + (yMin - y0) * dy) / len2; -+ bboxIntersections[3] = ((xMax - x0) * dx + (yMax - y0) * dy) / len2; - bubbleSort(bboxIntersections); - tMin = bboxIntersections[0]; - tMax = bboxIntersections[3]; -@@ -4225,8 +4237,14 @@ void Gfx::doForm(Object *str) { - } - for (i = 0; i < 4; ++i) { - bboxObj.arrayGet(i, &obj1); -- bbox[i] = obj1.getNum(); -- obj1.free(); -+ if (likely(obj1.isNum())) { -+ bbox[i] = obj1.getNum(); -+ obj1.free(); -+ } else { -+ obj1.free(); -+ error(getPos(), "Bad form bounding box value"); -+ return; -+ } - } - bboxObj.free(); - -@@ -4449,8 +4467,13 @@ Stream *Gfx::buildImageStream() { - obj.free(); - - // make stream -- str = new EmbedStream(parser->getStream(), &dict, gFalse, 0); -- str = str->addFilters(&dict); -+ if (parser->getStream()) { -+ str = new EmbedStream(parser->getStream(), &dict, gFalse, 0); -+ str = str->addFilters(&dict); -+ } else { -+ str = NULL; -+ dict.free(); -+ } - - return str; - } -@@ -4651,8 +4674,14 @@ void Gfx::drawAnnot(Object *str, AnnotBo - } - for (i = 0; i < 4; ++i) { - bboxObj.arrayGet(i, &obj1); -- bbox[i] = obj1.getNum(); -- obj1.free(); -+ if (likely(obj1.isNum())) { -+ bbox[i] = obj1.getNum(); -+ obj1.free(); -+ } else { -+ obj1.free(); -+ error(getPos(), "Bad form bounding box value"); -+ return; -+ } - } - bboxObj.free(); - diff --git a/print/poppler/patches/patch-ba b/print/poppler/patches/patch-ba deleted file mode 100644 index a3ecb10b00a..00000000000 --- a/print/poppler/patches/patch-ba +++ /dev/null @@ -1,82 +0,0 @@ -$NetBSD: patch-ba,v 1.5 2010/10/01 21:32:34 spz Exp $ - -security fixes for http://secunia.com/advisories/41596/ -taken from http://cgit.freedesktop.org/poppler - -- Fix memory leak if obj2 is not a dict -- Avoid loops in Form::fieldLookup - ---- poppler/Form.cc.orig 2010-06-08 20:06:31.000000000 +0000 -+++ poppler/Form.cc -@@ -22,6 +22,7 @@ - #pragma implementation - #endif - -+#include - #include - #include - #include "goo/gmem.h" -@@ -715,13 +716,14 @@ FormField::FormField(XRef* xrefA, Object - // Load children - for(int i=0; iget(i, &obj2); -- array->getNF(i, &childRef); - if (!obj2.isDict ()) { - error (-1, "Reference to an invalid or non existant object"); -+ obj2.free(); - continue; - } -+ Object childRef; -+ array->getNF(i, &childRef); - //field child - if (dict->lookup ("FT", &obj3)->isName()) { - // If I'm not a generic container field and my children -@@ -1180,7 +1182,7 @@ Form::~Form() { - } - - // Look up an inheritable field dictionary entry. --Object *Form::fieldLookup(Dict *field, char *key, Object *obj) { -+static Object *fieldLookup(Dict *field, char *key, Object *obj, std::set *usedParents) { - Dict *dict; - Object parent; - -@@ -1189,8 +1191,23 @@ Object *Form::fieldLookup(Dict *field, c - return obj; - } - obj->free(); -- if (dict->lookup("Parent", &parent)->isDict()) { -- fieldLookup(parent.getDict(), key, obj); -+ dict->lookupNF("Parent", &parent); -+ if (parent.isRef()) { -+ const Ref ref = parent.getRef(); -+ if (usedParents->find(ref.num) == usedParents->end()) { -+ usedParents->insert(ref.num); -+ -+ Object obj2; -+ parent.fetch(dict->getXRef(), &obj2); -+ if (obj2.isDict()) { -+ fieldLookup(obj2.getDict(), key, obj, usedParents); -+ } else { -+ obj->initNull(); -+ } -+ obj2.free(); -+ } -+ } else if (parent.isDict()) { -+ fieldLookup(parent.getDict(), key, obj, usedParents); - } else { - obj->initNull(); - } -@@ -1198,6 +1215,11 @@ Object *Form::fieldLookup(Dict *field, c - return obj; - } - -+Object *Form::fieldLookup(Dict *field, char *key, Object *obj) { -+ std::set usedParents; -+ return ::fieldLookup(field, key, obj, &usedParents); -+} -+ - FormField *Form::createFieldFromDict (Object* obj, XRef *xrefA, const Ref& pref) - { - Object obj2; diff --git a/print/poppler/patches/patch-bb b/print/poppler/patches/patch-bb deleted file mode 100644 index 6460c238ec7..00000000000 --- a/print/poppler/patches/patch-bb +++ /dev/null @@ -1,26 +0,0 @@ -$NetBSD: patch-bb,v 1.5 2010/10/01 21:32:34 spz Exp $ - -security fixes for http://secunia.com/advisories/41596/ -taken from http://cgit.freedesktop.org/poppler - -- Avoid loops in Form::fieldLookup - ---- poppler/Dict.h.orig 2010-10-01 05:53:53.000000000 +0000 -+++ poppler/Dict.h -@@ -16,6 +16,7 @@ - // Copyright (C) 2005 Kristian Høgsberg - // Copyright (C) 2006 Krzysztof Kowalczyk - // Copyright (C) 2007-2008 Julien Rebetez -+// Copyright (C) 2010 Albert Astals Cid - // - // To see a description of the changes please see the Changelog file that - // came with your tarball or type make ChangeLog if you are building from git -@@ -84,6 +85,8 @@ public: - // parsed. - void setXRef(XRef *xrefA) { xref = xrefA; } - -+ XRef *getXRef() { return xref; } -+ - private: - - XRef *xref; // the xref table for this PDF file diff --git a/print/poppler/patches/patch-bd b/print/poppler/patches/patch-bd deleted file mode 100644 index 996a49ac9b2..00000000000 --- a/print/poppler/patches/patch-bd +++ /dev/null @@ -1,48 +0,0 @@ -$NetBSD: patch-bd,v 1.1 2010/10/01 21:32:34 spz Exp $ - -security fixes for http://secunia.com/advisories/41596/ -taken from http://cgit.freedesktop.org/poppler - -- Fix crash in broken pdf (code < 0) - ---- fofi/FoFiType1.cc.orig 2010-06-08 20:06:31.000000000 +0000 -+++ fofi/FoFiType1.cc -@@ -13,7 +13,7 @@ - // All changes made under the Poppler project to this file are licensed - // under GPL version 2 or later - // --// Copyright (C) 2005, 2008 Albert Astals Cid -+// Copyright (C) 2005, 2008, 2010 Albert Astals Cid - // Copyright (C) 2005 Kristian Høgsberg - // Copyright (C) 2010 Jakub Wilk - // -@@ -30,11 +30,20 @@ - - #include - #include -+ - #include "goo/gmem.h" - #include "FoFiEncodings.h" - #include "FoFiType1.h" - #include "poppler/Error.h" - -+#if defined(__GNUC__) && (__GNUC__ > 2) && defined(__OPTIMIZE__) -+# define likely(x) __builtin_expect((x), 1) -+# define unlikely(x) __builtin_expect((x), 0) -+#else -+# define likely(x) (x) -+# define unlikely(x) (x) -+#endif -+ - //------------------------------------------------------------------------ - // FoFiType1 - //------------------------------------------------------------------------ -@@ -243,7 +252,7 @@ void FoFiType1::parse() { - code = code * 8 + (*p2 - '0'); - } - } -- if (code < 256) { -+ if (likely(code < 256 && code >= 0)) { - for (p = p2; *p == ' ' || *p == '\t'; ++p) ; - if (*p == '/') { - ++p; diff --git a/print/poppler/patches/patch-be b/print/poppler/patches/patch-be deleted file mode 100644 index e653a99d183..00000000000 --- a/print/poppler/patches/patch-be +++ /dev/null @@ -1,18 +0,0 @@ -$NetBSD: patch-be,v 1.1 2010/10/01 21:32:34 spz Exp $ - -security fixes for http://secunia.com/advisories/41596/ -taken from http://cgit.freedesktop.org/poppler - -- Initialize properly charactersRead - ---- poppler/Decrypt.cc.orig 2010-06-08 20:06:31.000000000 +0000 -+++ poppler/Decrypt.cc -@@ -229,6 +229,8 @@ DecryptStream::DecryptStream(Stream *str - if ((objKeyLength = keyLength + 5) > 16) { - objKeyLength = 16; - } -+ -+ charactersRead = 0; - } - - DecryptStream::~DecryptStream() { diff --git a/print/poppler/patches/patch-bf b/print/poppler/patches/patch-bf deleted file mode 100644 index 1fb6376d937..00000000000 --- a/print/poppler/patches/patch-bf +++ /dev/null @@ -1,31 +0,0 @@ -$NetBSD: patch-bf,v 1.1 2010/10/01 21:32:34 spz Exp $ - -security fixes for http://secunia.com/advisories/41596/ -taken from http://cgit.freedesktop.org/poppler - -- Properly initialize stack -- Fix crash when idx is out of range - ---- poppler/Function.cc.orig 2010-07-24 12:01:53.000000000 +0000 -+++ poppler/Function.cc -@@ -422,7 +422,11 @@ void SampledFunction::transform(double * - for (k = 0, t = j; k < m; ++k, t >>= 1) { - idx += idxMul[k] * (e[k][t & 1]); - } -- sBuf[j] = samples[idx]; -+ if (likely(idx >= 0 && idx < nSamples)) { -+ sBuf[j] = samples[idx]; -+ } else { -+ sBuf[j] = 0; -+ } - } - - // do m sets of interpolations -@@ -1108,6 +1112,7 @@ PostScriptFunction::PostScriptFunction(O - code = NULL; - codeString = NULL; - codeSize = 0; -+ stack = NULL; - ok = gFalse; - cache = new PopplerCache(5); - -- cgit v1.2.3