Fix embedded xpdf vulnerability. Bump PORTREVISION.

Approved by: asa@agava.com (maintainer, timeout 3 weeks), linimon Obtained from: RedHat/FC3 Security: http://www.FreeBSD.org/ports/portaudit/24eee285-09c7-11da-bc08-0001020eed82.html Security: CAN-2005-2097
svn path=/head/; revision=142064
2005-09-06 08:19:02 +00:00 · 2005-09-06 08:19:02 +00:00 · 8c7b5e4f7f · 2021-03-31 03:12:20 +00:00
commit 8c7b5e4f7f
parent ea45076eaa
2 changed files with 13 additions and 1 deletions
--- a/print/cups-base/Makefile
+++ b/print/cups-base/Makefile
@ -9,7 +9,7 @@

 PORTNAME=	cups-base
 PORTVERSION=	${CUPS_PORTVER}
-PORTREVISION=	4
+PORTREVISION=	5
 PORTEPOCH=	${CUPS_PORTEPOCH}
 CATEGORIES=	print
 MASTER_SITES=	${CUPS_MASTER_SITES}
--- a/print/cups-base/files/patch-CAN-2005-2097
+++ b/print/cups-base/files/patch-CAN-2005-2097
@ -0,0 +1,12 @@
+--- pdftops/FontFile.cxx.orig	Tue Feb  3 09:41:09 2004
+++ pdftops/FontFile.cxx	Tue Sep  6 16:16:04 2005
+@@ -3572,6 +3573,9 @@
+     } else {
+       origLocaTable[i].pos = 2 * getUShort(pos + 2*i);
+     }
+
+    if (origLocaTable[i].pos < 0 || origLocaTable[i].pos > len)
+      error(1, 0, "bad loca table pos value");
+   }
+   qsort(origLocaTable, nGlyphs + 1, sizeof(TrueTypeLoca), &cmpTrueTypeLocaPos);
+   for (i = 0; i < nGlyphs; ++i) {