Update to xpdf 3.0.2, from Stuart Henderson and Brad Smith

Includes some security fixes

ok pvalchev, todd
This commit is contained in:
ckuethe 2007-03-30 04:09:42 +00:00
parent fce84944cf
commit 3b5bcac916
9 changed files with 29 additions and 162 deletions

View File

@ -1,12 +1,13 @@
# $OpenBSD: Makefile,v 1.53 2006/08/03 23:55:11 espie Exp $
# $OpenBSD: Makefile,v 1.54 2007/03/30 04:09:42 ckuethe Exp $
COMMENT= "PDF viewer for X"
DISTNAME= xpdf-3.01
PKGNAME= ${DISTNAME}p1
DISTNAME= xpdf-3.02
CATEGORIES= textproc x11
MASTER_SITES= ftp://ftp.foolabs.com/pub/xpdf/
MASTER_SITES= ftp://ftp.foolabs.com/pub/xpdf/ \
ftp://gd.tuwien.ac.at/publishing/xpdf/ \
ftp://tug.org/xpdf/
HOMEPAGE= http://www.foolabs.com/xpdf/
@ -21,7 +22,7 @@ PERMIT_PACKAGE_FTP= Yes
PERMIT_DISTFILES_CDROM= Yes
PERMIT_DISTFILES_FTP= Yes
WANTLIB= ICE SM X11 Xext Xp Xpm Xt c freetype m pthread \
stdc++
stdc++ z
USE_X11= Yes
USE_GMAKE= Yes
@ -32,7 +33,7 @@ CONFIGURE_ARGS+= --enable-multithreaded \
--without-Sgm-library \
--without-libpaper-library
CONFIGURE_ENV= CPPFLAGS="-I${X11BASE}/include/freetype2 -I${X11BASE}/include -I${LOCALBASE}/include" \
LDFLAGS="-L${X11BASE}/lib -L${LOCALBASE}/lib"
LDFLAGS="-L${X11BASE}/lib -L${LOCALBASE}/lib -lz"
NO_REGRESS= Yes

View File

@ -1,4 +1,5 @@
MD5 (xpdf-3.01.tar.gz) = e004c69c7dddef165d768b1362b44268
RMD160 (xpdf-3.01.tar.gz) = d734065ce12db8d0c37d9d0ac0ca7c287be59442
SHA1 (xpdf-3.01.tar.gz) = 472cbf0f3df4e20a3ab7ada2e704b4e10d1d385b
SIZE (xpdf-3.01.tar.gz) = 599778
MD5 (xpdf-3.02.tar.gz) = 599dc4cc65a07ee868cf92a667a913d2
RMD160 (xpdf-3.02.tar.gz) = e900cb8670b8c430beaa45895fb474411cb1958d
SHA1 (xpdf-3.02.tar.gz) = f9940698840c8a8045677e8be68ab8580903e20a
SHA256 (xpdf-3.02.tar.gz) = b33a7d56f454c331ae50996f989e86c9166e57af97b74de28cddf3d51ac11f00
SIZE (xpdf-3.02.tar.gz) = 674912

View File

@ -1,7 +1,7 @@
$OpenBSD: patch-xpdf_Catalog_cc,v 1.2 2005/09/09 17:34:53 brad Exp $
--- xpdf/Catalog.cc.orig Wed Aug 17 07:34:31 2005
+++ xpdf/Catalog.cc Thu Aug 18 10:15:28 2005
@@ -64,6 +64,15 @@ Catalog::Catalog(XRef *xrefA) {
$OpenBSD: patch-xpdf_Catalog_cc,v 1.3 2007/03/30 04:09:42 ckuethe Exp $
--- xpdf/Catalog.cc.orig Tue Feb 27 22:05:52 2007
+++ xpdf/Catalog.cc Fri Mar 30 00:31:19 2007
@@ -65,6 +65,15 @@ Catalog::Catalog(XRef *xrefA) {
}
pagesSize = numPages0 = (int)obj.getNum();
obj.free();
@ -17,7 +17,7 @@ $OpenBSD: patch-xpdf_Catalog_cc,v 1.2 2005/09/09 17:34:53 brad Exp $
pages = (Page **)gmallocn(pagesSize, sizeof(Page *));
pageRefs = (Ref *)gmallocn(pagesSize, sizeof(Ref));
for (i = 0; i < pagesSize; ++i) {
@@ -195,6 +204,11 @@ int Catalog::readPageTree(Dict *pagesDic
@@ -217,6 +226,11 @@ int Catalog::readPageTree(Dict *pagesDict, PageAttrs *
}
if (start >= pagesSize) {
pagesSize += 32;

View File

@ -1,28 +0,0 @@
$OpenBSD: patch-xpdf_JPXStream_cc,v 1.1 2005/12/07 09:22:15 bernd Exp $
--- xpdf/JPXStream.cc.orig Wed Aug 17 07:34:31 2005
+++ xpdf/JPXStream.cc Tue Dec 6 21:13:44 2005
@@ -783,7 +783,7 @@ GBool JPXStream::readCodestream(Guint le
int segType;
GBool haveSIZ, haveCOD, haveQCD, haveSOT;
Guint precinctSize, style;
- Guint segLen, capabilities, comp, i, j, r;
+ Guint segLen, capabilities, nTiles, comp, i, j, r;
//----- main header
haveSIZ = haveCOD = haveQCD = haveSOT = gFalse;
@@ -818,8 +818,13 @@ GBool JPXStream::readCodestream(Guint le
/ img.xTileSize;
img.nYTiles = (img.ySize - img.yTileOffset + img.yTileSize - 1)
/ img.yTileSize;
- img.tiles = (JPXTile *)gmallocn(img.nXTiles * img.nYTiles,
- sizeof(JPXTile));
+ nTiles = img.nXTiles * img.nYTiles;
+ // check for overflow before allocating memory
+ if (nTiles == 0 || nTiles / img.nXTiles != img.nYTiles) {
+ error(getPos(), "Bad tile count in JPX SIZ marker segment");
+ return gFalse;
+ }
+ img.tiles = (JPXTile *)gmallocn(nTiles, sizeof(JPXTile));
for (i = 0; i < img.nXTiles * img.nYTiles; ++i) {
img.tiles[i].tileComps = (JPXTileComp *)gmallocn(img.nComps,
sizeof(JPXTileComp));

View File

@ -1,75 +0,0 @@
$OpenBSD: patch-xpdf_Stream_cc,v 1.1 2005/12/07 09:22:15 bernd Exp $
--- xpdf/Stream.cc.orig Wed Aug 17 07:34:31 2005
+++ xpdf/Stream.cc Tue Dec 6 21:13:44 2005
@@ -401,18 +401,33 @@ void ImageStream::skipLine() {
StreamPredictor::StreamPredictor(Stream *strA, int predictorA,
int widthA, int nCompsA, int nBitsA) {
+ int totalBits;
+
str = strA;
predictor = predictorA;
width = widthA;
nComps = nCompsA;
nBits = nBitsA;
+ predLine = NULL;
+ ok = gFalse;
nVals = width * nComps;
+ totalBits = nVals * nBits;
+ if (totalBits == 0 ||
+ (totalBits / nBits) / nComps != width ||
+ totalBits + 7 < 0) {
+ return;
+ }
pixBytes = (nComps * nBits + 7) >> 3;
- rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
+ rowBytes = ((totalBits + 7) >> 3) + pixBytes;
+ if (rowBytes < 0) {
+ return;
+ }
predLine = (Guchar *)gmalloc(rowBytes);
memset(predLine, 0, rowBytes);
predIdx = rowBytes;
+
+ ok = gTrue;
}
StreamPredictor::~StreamPredictor() {
@@ -1004,6 +1019,10 @@ LZWStream::LZWStream(Stream *strA, int p
FilterStream(strA) {
if (predictor != 1) {
pred = new StreamPredictor(this, predictor, columns, colors, bits);
+ if (!pred->isOk()) {
+ delete pred;
+ pred = NULL;
+ }
} else {
pred = NULL;
}
@@ -2899,6 +2918,14 @@ GBool DCTStream::readBaselineSOF() {
height = read16();
width = read16();
numComps = str->getChar();
+ if (numComps <= 0 || numComps > 4) {
+ error(getPos(), "Bad number of components in DCT stream", prec);
+ return gFalse;
+ }
+ if (numComps <= 0 || numComps > 4) {
+ error(getPos(), "Bad number of components in DCT stream", prec);
+ return gFalse;
+ }
if (prec != 8) {
error(getPos(), "Bad DCT precision %d", prec);
return gFalse;
@@ -3827,6 +3854,10 @@ FlateStream::FlateStream(Stream *strA, i
FilterStream(strA) {
if (predictor != 1) {
pred = new StreamPredictor(this, predictor, columns, colors, bits);
+ if (!pred->isOk()) {
+ delete pred;
+ pred = NULL;
+ }
} else {
pred = NULL;
}

View File

@ -1,20 +0,0 @@
$OpenBSD: patch-xpdf_Stream_h,v 1.1 2005/12/07 09:22:15 bernd Exp $
--- xpdf/Stream.h.orig Wed Aug 17 07:34:31 2005
+++ xpdf/Stream.h Tue Dec 6 21:13:44 2005
@@ -232,6 +232,8 @@ public:
~StreamPredictor();
+ GBool isOk() { return ok; }
+
int lookChar();
int getChar();
@@ -249,6 +251,7 @@ private:
int rowBytes; // bytes per line
Guchar *predLine; // line buffer
int predIdx; // current index in predLine
+ GBool ok;
};
//------------------------------------------------------------------------

View File

@ -1,7 +1,7 @@
$OpenBSD: patch-xpdf_XPDFCore_cc,v 1.3 2005/09/09 17:34:53 brad Exp $
--- xpdf/XPDFCore.cc.orig Wed Aug 17 07:34:31 2005
+++ xpdf/XPDFCore.cc Thu Aug 18 10:23:14 2005
@@ -377,9 +377,6 @@ void XPDFCore::copySelection() {
$OpenBSD: patch-xpdf_XPDFCore_cc,v 1.4 2007/03/30 04:09:42 ckuethe Exp $
--- xpdf/XPDFCore.cc.orig Tue Feb 27 22:05:52 2007
+++ xpdf/XPDFCore.cc Fri Mar 30 00:31:19 2007
@@ -407,9 +407,6 @@ void XPDFCore::copySelection() {
int pg;
double ulx, uly, lrx, lry;
@ -11,15 +11,3 @@ $OpenBSD: patch-xpdf_XPDFCore_cc,v 1.3 2005/09/09 17:34:53 brad Exp $
if (getSelection(&pg, &ulx, &uly, &lrx, &lry)) {
//~ for multithreading: need a mutex here
if (currentSelection) {
@@ -1108,11 +1105,7 @@ void XPDFCore::inputCbk(Widget widget, X
#ifndef NO_TEXT_SELECT
if (core->selectULX != core->selectLRX &&
core->selectULY != core->selectLRY) {
- if (core->doc->okToCopy()) {
core->copySelection();
- } else {
- error(-1, "Copying of text from this document is not allowed.");
- }
}
#endif
}

View File

@ -1,7 +1,7 @@
$OpenBSD: patch-xpdf_XPDFViewer_cc,v 1.3 2005/09/09 17:34:53 brad Exp $
--- xpdf/XPDFViewer.cc.orig Wed Aug 17 07:34:31 2005
+++ xpdf/XPDFViewer.cc Thu Aug 18 10:08:25 2005
@@ -2391,11 +2391,6 @@ void XPDFViewer::printPrintCbk(Widget wi
$OpenBSD: patch-xpdf_XPDFViewer_cc,v 1.4 2007/03/30 04:09:42 ckuethe Exp $
--- xpdf/XPDFViewer.cc.orig Tue Feb 27 22:05:52 2007
+++ xpdf/XPDFViewer.cc Fri Mar 30 00:31:19 2007
@@ -3406,11 +3406,6 @@ void XPDFViewer::printPrintCbk(Widget widget, XtPointe
PSOutputDev *psOut;
doc = viewer->core->getDoc();

View File

@ -1,7 +1,7 @@
$OpenBSD: patch-xpdf_pdftops_cc,v 1.3 2005/09/09 17:34:53 brad Exp $
--- xpdf/pdftops.cc.orig Wed Aug 17 07:34:31 2005
+++ xpdf/pdftops.cc Thu Aug 18 10:08:26 2005
@@ -269,13 +269,6 @@ int main(int argc, char *argv[]) {
$OpenBSD: patch-xpdf_pdftops_cc,v 1.4 2007/03/30 04:09:42 ckuethe Exp $
--- xpdf/pdftops.cc.orig Tue Feb 27 22:05:52 2007
+++ xpdf/pdftops.cc Fri Mar 30 00:31:19 2007
@@ -278,13 +278,6 @@ int main(int argc, char *argv[]) {
goto err1;
}