Fri Feb 14 17:49:41 2014 UTC ()
add patch from upstream to fix buffer overflow in xps_parse_color()
bump PKGREV
(drochner)
diff -r1.20 -r1.21 pkgsrc/print/mupdf/Makefile
diff -r1.10 -r1.11 pkgsrc/print/mupdf/distinfo
diff -r0 -r1.1 pkgsrc/print/mupdf/patches/patch-ba
diff -r0 -r1.1 pkgsrc/print/mupdf/patches/patch-bb
diff -r0 -r1.1 pkgsrc/print/mupdf/patches/patch-bc
diff -r0 -r1.1 pkgsrc/print/mupdf/patches/patch-bd
--- pkgsrc/print/mupdf/Makefile 2014/02/12 23:18:30 1.20
+++ pkgsrc/print/mupdf/Makefile 2014/02/14 17:49:41 1.21
| @@ -1,18 +1,18 @@ | | | @@ -1,18 +1,18 @@ |
| 1 | # $NetBSD: Makefile,v 1.20 2014/02/12 23:18:30 tron Exp $ | | 1 | # $NetBSD: Makefile,v 1.21 2014/02/14 17:49:41 drochner Exp $ |
| 2 | | | 2 | |
| 3 | DISTNAME= mupdf-1.3-source | | 3 | DISTNAME= mupdf-1.3-source |
| 4 | PKGNAME= ${DISTNAME:S/-source//} | | 4 | PKGNAME= ${DISTNAME:S/-source//} |
| 5 | PKGREVISION= 1 | | 5 | PKGREVISION= 2 |
| 6 | CATEGORIES= print | | 6 | CATEGORIES= print |
| 7 | MASTER_SITES= http://mupdf.googlecode.com/files/ | | 7 | MASTER_SITES= http://mupdf.googlecode.com/files/ |
| 8 | | | 8 | |
| 9 | MAINTAINER= pkgsrc-users@NetBSD.org | | 9 | MAINTAINER= pkgsrc-users@NetBSD.org |
| 10 | HOMEPAGE= http://mupdf.com/ | | 10 | HOMEPAGE= http://mupdf.com/ |
| 11 | COMMENT= Lightweight PDF viewer and toolkit | | 11 | COMMENT= Lightweight PDF viewer and toolkit |
| 12 | LICENSE= gnu-agpl-v3 | | 12 | LICENSE= gnu-agpl-v3 |
| 13 | | | 13 | |
| 14 | USE_LIBTOOL= yes | | 14 | USE_LIBTOOL= yes |
| 15 | USE_TOOLS+= pkg-config gmake | | 15 | USE_TOOLS+= pkg-config gmake |
| 16 | | | 16 | |
| 17 | SUBST_CLASSES+= makerules | | 17 | SUBST_CLASSES+= makerules |
| 18 | SUBST_STAGE.makerules= post-patch | | 18 | SUBST_STAGE.makerules= post-patch |
--- pkgsrc/print/mupdf/distinfo 2014/01/09 14:25:23 1.10
+++ pkgsrc/print/mupdf/distinfo 2014/02/14 17:49:41 1.11
| @@ -1,9 +1,13 @@ | | | @@ -1,9 +1,13 @@ |
| 1 | $NetBSD: distinfo,v 1.10 2014/01/09 14:25:23 mef Exp $ | | 1 | $NetBSD: distinfo,v 1.11 2014/02/14 17:49:41 drochner Exp $ |
| 2 | | | 2 | |
| 3 | SHA1 (mupdf-1.3-source.tar.gz) = 082325aceb5565b07b82c2b6cc52a97533e03cf9 | | 3 | SHA1 (mupdf-1.3-source.tar.gz) = 082325aceb5565b07b82c2b6cc52a97533e03cf9 |
| 4 | RMD160 (mupdf-1.3-source.tar.gz) = 5f898cfaa3a54c7c34835411b0d386914edee2f8 | | 4 | RMD160 (mupdf-1.3-source.tar.gz) = 5f898cfaa3a54c7c34835411b0d386914edee2f8 |
| 5 | Size (mupdf-1.3-source.tar.gz) = 14594969 bytes | | 5 | Size (mupdf-1.3-source.tar.gz) = 14594969 bytes |
| 6 | SHA1 (patch-Makethird) = 37b0be98bf859ec9d995dd7a3c05c191be42a479 | | 6 | SHA1 (patch-Makethird) = 37b0be98bf859ec9d995dd7a3c05c191be42a479 |
| 7 | SHA1 (patch-ab) = d3258d2c37743a3c4bc1949d3246e71d81e4d69e | | 7 | SHA1 (patch-ab) = d3258d2c37743a3c4bc1949d3246e71d81e4d69e |
| 8 | SHA1 (patch-ac) = aa528c732ca5f42234279734467155e68aa39663 | | 8 | SHA1 (patch-ac) = aa528c732ca5f42234279734467155e68aa39663 |
| 9 | SHA1 (patch-ae) = df35d031a816eceac5bdfd5ddb298adea4a48ce0 | | 9 | SHA1 (patch-ae) = df35d031a816eceac5bdfd5ddb298adea4a48ce0 |
| | | 10 | SHA1 (patch-ba) = eeb839953619c08d222b3400bab38b738c08b465 |
| | | 11 | SHA1 (patch-bb) = 82002ae6fe2eef67c1ee64123434298765716047 |
| | | 12 | SHA1 (patch-bc) = 02b2cb087dd94165f71126636b82976917cd0d7f |
| | | 13 | SHA1 (patch-bd) = f8d4d1f7f638df4a39279294868dad8ac1ac5a33 |
$NetBSD: patch-ba,v 1.1 2014/02/14 17:49:41 drochner Exp $
http://bugs.ghostscript.com/show_bug.cgi?id=694957
--- source/xps/xps-common.c.orig 2013-08-14 12:41:20.000000000 +0000
+++ source/xps/xps-common.c
@@ -89,7 +89,7 @@ xps_begin_opacity(xps_document *doc, con
if (scb_color_att)
{
fz_colorspace *colorspace;
- float samples[32];
+ float samples[FZ_MAX_COLORS];
xps_parse_color(doc, base_uri, scb_color_att, &colorspace, samples);
opacity = opacity * samples[0];
}
@@ -208,12 +208,13 @@ void
xps_parse_color(xps_document *doc, char *base_uri, char *string,
fz_colorspace **csp, float *samples)
{
+ fz_context *ctx = doc->ctx;
char *p;
int i, n;
char buf[1024];
char *profile;
- *csp = fz_device_rgb(doc->ctx);
+ *csp = fz_device_rgb(ctx);
samples[0] = 1;
samples[1] = 0;
@@ -259,7 +260,7 @@ xps_parse_color(xps_document *doc, char
profile = strchr(buf, ' ');
if (!profile)
{
- fz_warn(doc->ctx, "cannot find icc profile uri in '%s'", string);
+ fz_warn(ctx, "cannot find icc profile uri in '%s'", string);
return;
}
@@ -267,12 +268,17 @@ xps_parse_color(xps_document *doc, char
p = strchr(profile, ' ');
if (!p)
{
- fz_warn(doc->ctx, "cannot find component values in '%s'", profile);
+ fz_warn(ctx, "cannot find component values in '%s'", profile);
return;
}
*p++ = 0;
n = count_commas(p) + 1;
+ if (n > FZ_MAX_COLORS)
+ {
+ fz_warn(ctx, "ignoring %d color components (max %d allowed)", n - FZ_MAX_COLORS, FZ_MAX_COLORS);
+ n = FZ_MAX_COLORS;
+ }
i = 0;
while (i < n)
{
@@ -292,10 +298,10 @@ xps_parse_color(xps_document *doc, char
/* TODO: load ICC profile */
switch (n)
{
- case 2: *csp = fz_device_gray(doc->ctx); break;
- case 4: *csp = fz_device_rgb(doc->ctx); break;
- case 5: *csp = fz_device_cmyk(doc->ctx); break;
- default: *csp = fz_device_gray(doc->ctx); break;
+ case 2: *csp = fz_device_gray(ctx); break;
+ case 4: *csp = fz_device_rgb(ctx); break;
+ case 5: *csp = fz_device_cmyk(ctx); break;
+ default: *csp = fz_device_gray(ctx); break;
}
}
}
$NetBSD: patch-bb,v 1.1 2014/02/14 17:49:41 drochner Exp $
--- source/xps/xps-glyphs.c.orig 2013-08-14 12:41:20.000000000 +0000
+++ source/xps/xps-glyphs.c
@@ -591,7 +591,7 @@ xps_parse_glyphs(xps_document *doc, cons
if (fill_att)
{
- float samples[32];
+ float samples[FZ_MAX_COLORS];
fz_colorspace *colorspace;
xps_parse_color(doc, base_uri, fill_att, &colorspace, samples);
$NetBSD: patch-bc,v 1.1 2014/02/14 17:49:41 drochner Exp $
--- source/xps/xps-gradient.c.orig 2013-08-14 12:41:20.000000000 +0000
+++ source/xps/xps-gradient.c
@@ -38,7 +38,7 @@ xps_parse_gradient_stops(xps_document *d
struct stop *stops, int maxcount)
{
fz_colorspace *colorspace;
- float sample[8];
+ float sample[FZ_MAX_COLORS];
float rgb[3];
int before, after;
int count;
$NetBSD: patch-bd,v 1.1 2014/02/14 17:49:41 drochner Exp $
--- source/xps/xps-path.c.orig 2013-08-14 12:41:20.000000000 +0000
+++ source/xps/xps-path.c
@@ -826,7 +826,7 @@ xps_parse_path(xps_document *doc, const
fz_stroke_state *stroke = NULL;
fz_matrix transform;
- float samples[32];
+ float samples[FZ_MAX_COLORS];
fz_colorspace *colorspace;
fz_path *path = NULL;
fz_path *stroke_path = NULL;