Security fix for CVE-2022-38171.

See: https://gist.github.com/zmanion/b2ed0d1a0cec163ecd07d5e3d9740dc6

textproc/xpdf/Makefile

@@ -3,7 +3,7 @@ COMMENT=	PDF viewer for X11
 DISTNAME=	xpdf-3.04
 CATEGORIES=	textproc x11
 EPOCH=		0
-REVISION=	1
+REVISION=	2
 
 MASTER_SITES=	https://xpdfreader-dl.s3.amazonaws.com/old/
 

textproc/xpdf/patches/patch-xpdf_JBIG2Stream_cc

@@ -0,0 +1,22 @@
+Security fix for CVE-2022-38171.
+Extracted from upstream 4.04
+
+Index: xpdf/JBIG2Stream.cc
+--- xpdf/JBIG2Stream.cc.orig
++++ xpdf/JBIG2Stream.cc
+@@ -1977,7 +1977,14 @@ void JBIG2Stream::readTextRegionSeg(Guint segNum, GBoo
+   for (i = 0; i < nRefSegs; ++i) {
+     if ((seg = findSegment(refSegs[i]))) {
+       if (seg->getType() == jbig2SegSymbolDict) {
+-	numSyms += ((JBIG2SymbolDict *)seg)->getSize();
++	Guint segSize = ((JBIG2SymbolDict *)seg)->getSize();
++	if (segSize > INT_MAX || numSyms > INT_MAX - segSize) {
++	  error(errSyntaxError, getPos(),
++		"Too many symbols in JBIG2 text region");
++	  delete codeTables;
++	  return;
++	}
++	numSyms += segSize;
+       } else if (seg->getType() == jbig2SegCodeTable) {
+ 	codeTables->append(seg);
+       }