diff options
Diffstat (limited to 'patches/source/poppler')
-rw-r--r-- | patches/source/poppler/poppler.CVE-2012-2142.diff | 64 | ||||
-rwxr-xr-x | patches/source/poppler/poppler.SlackBuild | 131 | ||||
-rw-r--r-- | patches/source/poppler/poppler_xyscale.patch | 47 | ||||
-rw-r--r-- | patches/source/poppler/slack-desc | 19 |
4 files changed, 261 insertions, 0 deletions
diff --git a/patches/source/poppler/poppler.CVE-2012-2142.diff b/patches/source/poppler/poppler.CVE-2012-2142.diff new file mode 100644 index 000000000..9c6a2a56b --- /dev/null +++ b/patches/source/poppler/poppler.CVE-2012-2142.diff @@ -0,0 +1,64 @@ +From 71bad47ed6a36d825b0d08992c8db56845c71e40 Mon Sep 17 00:00:00 2001 +From: Marek Kasik <mkasik@redhat.com> +Date: Sun, 09 Dec 2012 19:20:00 +0000 +Subject: Filter stuff that might end up in the shell + +Since it seems shells don't know how to filter stuff and might causing bad things to happen +--- +diff --git a/poppler/Error.cc b/poppler/Error.cc +index 9d044bc..ce71820 100644 +--- a/poppler/Error.cc ++++ b/poppler/Error.cc +@@ -16,6 +16,7 @@ + // Copyright (C) 2005, 2007 Jeff Muizelaar <jeff@infidigm.net> + // Copyright (C) 2005 Albert Astals Cid <aacid@kde.org> + // Copyright (C) 2007 Krzysztof Kowalczyk <kkowalczyk@gmail.com> ++// Copyright (C) 2012 Marek Kasik <mkasik@redhat.com> + // + // To see a description of the changes please see the Changelog file that + // came with your tarball or type make ChangeLog if you are building from git +@@ -59,7 +60,7 @@ void setErrorCallback(void (*cbk)(void *data, ErrorCategory category, + + void CDECL error(ErrorCategory category, int pos, const char *msg, ...) { + va_list args; +- GooString *s; ++ GooString *s, *sanitized; + + // NB: this can be called before the globalParams object is created + if (!errorCbk && globalParams && globalParams->getErrQuiet()) { +@@ -68,17 +69,29 @@ void CDECL error(ErrorCategory category, int pos, const char *msg, ...) { + va_start(args, msg); + s = GooString::formatv(msg, args); + va_end(args); ++ ++ sanitized = new GooString (); ++ for (int i = 0; i < s->getLength(); ++i) { ++ const char c = s->getChar(i); ++ if (c < (char)0x20 || c >= (char)0x7f) { ++ sanitized->appendf("<{0:02x}>", c & 0xff); ++ } else { ++ sanitized->append(c); ++ } ++ } ++ + if (errorCbk) { +- (*errorCbk)(errorCbkData, category, pos, s->getCString()); ++ (*errorCbk)(errorCbkData, category, pos, sanitized->getCString()); + } else { + if (pos >= 0) { + fprintf(stderr, "%s (%d): %s\n", +- errorCategoryNames[category], pos, s->getCString()); ++ errorCategoryNames[category], pos, sanitized->getCString()); + } else { + fprintf(stderr, "%s: %s\n", +- errorCategoryNames[category], s->getCString()); ++ errorCategoryNames[category], sanitized->getCString()); + } + fflush(stderr); + } + delete s; ++ delete sanitized; + } +-- +cgit v0.9.0.2-2-gbebe + diff --git a/patches/source/poppler/poppler.SlackBuild b/patches/source/poppler/poppler.SlackBuild new file mode 100755 index 000000000..e85b6de03 --- /dev/null +++ b/patches/source/poppler/poppler.SlackBuild @@ -0,0 +1,131 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=poppler +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack14.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP || exit 1 +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.?z* || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +# Fix printing of some pdf files: +zcat $CWD/poppler_xyscale.patch.gz | patch -p1 --verbose || exit 1 + +# Sanitize error output: +zcat $CWD/poppler.CVE-2012-2142.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --enable-xpdf-headers \ + --enable-poppler-qt4 \ + --enable-cairo-output \ + --mandir=/usr/man \ + --disable-static \ + --enable-zlib \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a AUTHORS COPYING* INSTALL NEWS README README-XPDF TODO \ + $PKG/usr/doc/${PKGNAM}-$VERSION +( cd $PKG/usr/doc/${PKGNAM}-$VERSION + ln -s /usr/share/gtk-doc/html/poppler html ) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/poppler/poppler_xyscale.patch b/patches/source/poppler/poppler_xyscale.patch new file mode 100644 index 000000000..bd23d36c8 --- /dev/null +++ b/patches/source/poppler/poppler_xyscale.patch @@ -0,0 +1,47 @@ +From 36481939e3064de920e49d9d1742a85473a50963 Mon Sep 17 00:00:00 2001 +From: Thomas Freitag <Thomas.Freitag@alfa.de> +Date: Sun, 22 Jul 2012 16:40:46 +0000 +Subject: Make sure xScale and yScale are always initialized + +Bug #52215 +--- +diff --git a/poppler/PSOutputDev.cc b/poppler/PSOutputDev.cc +index a01a4b3..e15c2e9 100644 +--- a/poppler/PSOutputDev.cc ++++ b/poppler/PSOutputDev.cc +@@ -3521,6 +3521,7 @@ void PSOutputDev::startPage(int pageNum, GfxState *state) { + saveState(NULL); + } + ++ xScale = yScale = 1; + switch (mode) { + + case psModePSOrigPageSizes: +@@ -3631,8 +3632,6 @@ void PSOutputDev::startPage(int pageNum, GfxState *state) { + } else { + yScale = xScale; + } +- } else { +- xScale = yScale = 1; + } + // deal with odd bounding boxes or clipping + if (clipLLX0 < clipURX0 && clipLLY0 < clipURY0) { +@@ -3694,7 +3693,6 @@ void PSOutputDev::startPage(int pageNum, GfxState *state) { + if (tx != 0 || ty != 0) { + writePSFmt("{0:.6g} {1:.6g} translate\n", tx, ty); + } +- xScale = yScale = 1; + break; + + case psModeForm: +@@ -3702,7 +3700,6 @@ void PSOutputDev::startPage(int pageNum, GfxState *state) { + writePS("begin xpdf begin\n"); + writePS("pdfStartPage\n"); + tx = ty = 0; +- xScale = yScale = 1; + rotate = 0; + break; + } +-- +cgit v0.9.0.2-2-gbebe + diff --git a/patches/source/poppler/slack-desc b/patches/source/poppler/slack-desc new file mode 100644 index 000000000..9d5891d8a --- /dev/null +++ b/patches/source/poppler/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +poppler: poppler (a library for rendering PDF documents) +poppler: +poppler: Poppler is a library based on the xpdf PDF viewer developed by Derek +poppler: Noonburg of Glyph and Cog, LLC. Since xpdf does not provide a shared +poppler: library, whenever a flaw was found potentially dozens of applications +poppler: incorporating code from xpdf would have to be patched. By providing +poppler: a centralized PDF library this duplicated effort will be eliminated. +poppler: +poppler: +poppler: +poppler: |