add an upstream patch to mupdf's javascript code for a heap buffer

overflow write and oob read. (js is disabled in the default flavour in OpenBSD ports/packages, it's only in the mupdf-XX-js package).
2016-11-08 12:05:04 +00:00 · 2016-11-08 12:05:04 +00:00 · a0b1771cb5
commit a0b1771cb5
parent a1943dd68e
2 changed files with 22 additions and 2 deletions
--- a/textproc/mupdf/Makefile
+++ b/textproc/mupdf/Makefile
@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.69 2016/11/04 15:49:38 sthen Exp $
+# $OpenBSD: Makefile,v 1.70 2016/11/08 12:05:04 sthen Exp $

 SHARED_LIBS +=	mupdf		4.0
 SHARED_LIBS +=	mupdfthird	0.0
@ -8,7 +8,7 @@ COMMENT =	graphic library, pdf parser, viewer and utilities
 V =		1.9a
 DISTNAME =	mupdf-$V-source
 PKGNAME =	mupdf-$V
-REVISION =	1
+REVISION =	2

 CATEGORIES =	textproc x11

--- a/textproc/mupdf/patches/patch-thirdparty_mujs_jslex_c
+++ b/textproc/mupdf/patches/patch-thirdparty_mujs_jslex_c
@ -0,0 +1,20 @@
+$OpenBSD: patch-thirdparty_mujs_jslex_c,v 1.1 2016/11/08 12:05:04 sthen Exp $
+
+a0ceaf5050f
+
+Fix 697244: Check for incomplete escape sequence at end of input. master
+author	Tor Andersson <tor.andersson@artifex.com>	
+	Mon, 31 Oct 2016 12:05:37 +0000 (13:05 +0100)
+committer	Tor Andersson <tor.andersson@artifex.com>	
+	Mon, 31 Oct 2016 12:05:37 +0000 (13:05 +0100)
+
+--- thirdparty/mujs/jslex.c.orig	Tue Nov  8 11:14:30 2016
+++ thirdparty/mujs/jslex.c	Tue Nov  8 11:15:34 2016
+@@ -376,6 +376,7 @@ static int lexescape(js_State *J)
+ 		return 0;
+ 
+ 	switch (J->lexchar) {
+	case 0: jsY_error(J, "unterminated escape sequence");
+ 	case 'u':
+ 		jsY_next(J);
+ 		if (!jsY_ishex(J->lexchar)) return 1; else { x |= jsY_tohex(J->lexchar) << 12; jsY_next(J); }