From 3b64e923e2de237859f6e8902dfd4e8a7e089ae1 Mon Sep 17 00:00:00 2001
From: tez
Date: Wed, 13 Oct 2010 21:29:42 +0000
Subject: Fixes for CVE-2010-3702 and CVE-2010-3704 from openbsd ports and cross checked with redhat (bugs 595245 and 638960)
---
 print/xpdf/Makefile | 4 ++--
 print/xpdf/distinfo | 4 +++-
 print/xpdf/patches/patch-bc | 23 +++++++++++++++++++++++
 print/xpdf/patches/patch-bd | 31 +++++++++++++++++++++++++++++++
 4 files changed, 59 insertions(+), 3 deletions(-)
 create mode 100644 print/xpdf/patches/patch-bc
 create mode 100644 print/xpdf/patches/patch-bd
(limited to 'print/xpdf')
diff --git a/print/xpdf/Makefile b/print/xpdf/Makefile
index e61685a91e9..13d14a1919a 100644
--- a/print/xpdf/Makefile
+++ b/print/xpdf/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.72 2010/06/13 08:56:04 spz Exp $
+# $NetBSD: Makefile,v 1.73 2010/10/13 21:29:42 tez Exp $
 DISTNAME= xpdf-3.02
 PKGNAME= xpdf-3.02pl4
-PKGREVISION= 2
+PKGREVISION= 3
 CATEGORIES= print
 MASTER_SITES= ftp://ftp.foolabs.com/pub/xpdf/ \
 ${MASTER_SITE_SUNSITE:=apps/graphics/viewers/X/xpdf/} \
diff --git a/print/xpdf/distinfo b/print/xpdf/distinfo
index 2a6b0960e81..7e2778d2ea1 100644
--- a/print/xpdf/distinfo
+++ b/print/xpdf/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.37 2010/06/13 08:56:04 spz Exp $
+$NetBSD: distinfo,v 1.38 2010/10/13 21:29:42 tez Exp $
 SHA1 (xpdf-3.02.tar.gz) = f9940698840c8a8045677e8be68ab8580903e20a
 RMD160 (xpdf-3.02.tar.gz) = e900cb8670b8c430beaa45895fb474411cb1958d
@@ -33,3 +33,5 @@ SHA1 (patch-ap) = 5961dfe22ac087a7df0311235b4fab27d7554c58
 SHA1 (patch-aq) = 1df0efb9fdde90df0597ba2a56c6030e7446e185
 SHA1 (patch-ar) = 5e4719a30a0412d9d731dbef8179c38bba67db94
 SHA1 (patch-bb) = d38757d5e4a331d49149acfff897cfe7bc0a5e3b
+SHA1 (patch-bc) = 856c7012bf794135aecdb70f726ccec14aa0a7cc
+SHA1 (patch-bd) = 8cd3fabac230fcda0d5db39d4b777802f5a75114
diff --git a/print/xpdf/patches/patch-bc b/print/xpdf/patches/patch-bc
new file mode 100644
index 00000000000..7d629666fed
--- /dev/null
+++ b/print/xpdf/patches/patch-bc
@@ -0,0 +1,23 @@
+$NetbBSD$
+
+Fix for CVE-2010-3702
+from http://www.openbsd.org/cgi-bin/cvsweb/ports/textproc/xpdf/patches/patch-xpdf_Gfx_cc.diff?r1=1.3;r2=1.4
+
+--- xpdf/Gfx.cc.orig 2010-10-13 14:50:46.467717900 -0500
++++ xpdf/Gfx.cc 2010-10-13 15:01:30.882241300 -0500
+@@ -443,6 +443,7 @@
+
+ xref = xrefA;
+ subPage = gFalse;
++ parser = NULL;
+ printCommands = globalParams->getPrintCommands();
+
+ // start the resource stack
+@@ -485,6 +486,7 @@
+
+ xref = xrefA;
+ subPage = gTrue;
++ parser = NULL;
+ printCommands = globalParams->getPrintCommands();
+
+ // start the resource stack
diff --git a/print/xpdf/patches/patch-bd b/print/xpdf/patches/patch-bd
new file mode 100644
index 00000000000..73679796842
--- /dev/null
+++ b/print/xpdf/patches/patch-bd
@@ -0,0 +1,31 @@
+$NetBSD: patch-bd,v 1.1 2010/10/13 21:29:43 tez Exp $
+
+Fix for CVE-2010-3704
+from http://www.openbsd.org/cgi-bin/cvsweb/ports/textproc/xpdf/patches/patch-fofi_FoFiType1_cc?rev=1.1
+
+--- fofi/FoFiType1.cc.orig 2010-10-13 14:51:21.493696100 -0500
++++ fofi/FoFiType1.cc 2010-10-13 14:58:20.655403000 -0500
+@@ -18,6 +18,14 @@
+ #include "FoFiEncodings.h"
+ #include "FoFiType1.h"
+
++#if defined(__GNUC__) && (__GNUC__ > 2) && defined(__OPTIMIZE__)
++# define likely(x) __builtin_expect((x), 1)
++# define unlikely(x) __builtin_expect((x), 0)
++#else
++# define likely(x) (x)
++# define unlikely(x) (x)
++#endif
++
+ //------------------------------------------------------------------------
+ // FoFiType1
+ //------------------------------------------------------------------------
+@@ -224,7 +232,7 @@
+ code = code * 8 + (*p2 - '0');
+ }
+ }
+- if (code < 256) {
++ if (likely(code < 256 && code >= 0)) {
+ for (p = p2; *p == ' ' || *p == '\t'; ++p) ;
+ if (*p == '/') {
+ ++p;
-- cgit v1.2.3
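Review bot: The first line of the new patch-bc reads `$NetbBSD$`, which is not the `$NetBSD$` keyword, so CVS will presumably never expand it into a revision id the way it did for patch-bd (`$NetBSD: patch-bd,v 1.1 ...`). Correct it to `$NetBSD$`; if the distinfo checksum takes that line into account, the patch-bc SHA1 needs regenerating. The description above the inner diff would also help later maintainers if it said what the two added `parser = NULL;` lines guard against, for example `Initialize parser in both Gfx constructors so it is never read uninitialized`, which is inferred from the change and not shown here. Both inner hunks sit inside bodies that start and end outside the visible context.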
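Review bot: The new guard `if (likely(code < 256 && code >= 0))` rejects a negative `code` only after it has been computed, while the context line `code = code * 8 + (*p2 - '0');` accumulates it with no visible bound. If `code` is a signed int, a long digit run overflows it, which is undefined behaviour, so the later sign test is not something the compiler is required to honour. Bounding the value while it is accumulated, for instance `if (code > 255) break;` inside that loop (the loop header is outside the hunk), would make the range check hold by construction. The `likely`/`unlikely` macros are unrelated to the fix, `unlikely` is unused in the visible hunks, and a plain `if (code >= 0 && code < 256)` would keep the security patch minimal.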