Security fix: Use the xpdf version from our portstree for the pdf

importer. This basically updates the xpdf version used by the
importer from xpdf-3.02pl3 to xpdf-3.02pl4 and probably addresses
CVE-2009-3603, CVE-2009-3604, CVE-2009-3605, CVE-2009-3606,
CVE-2009-3608, and CVE-2009-3609.

I tried to build the pdf importer with poppler, but it failed badly
on PDF files containing any graphics.

While here, disable the (snake oil) DRM "feature", like we already
do in xpdf and poppler, and pass the correct flags to the xpdf
build.

Note: the extension concept of this software is stupid^W"enterprise
ready". If you ever enabled the pdf importing extension, you will
have to disable and re-enable it to get the new extension installed
(somewhere under ~/.openoffice.org or similar).

"just fucking commit you slacker ;)" robert@
This commit is contained in:
kili 2009-11-28 18:33:57 +00:00
parent 8e6adfb253
commit d813a23504
5 changed files with 1739 additions and 7 deletions

View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.29 2009/11/18 00:49:09 sthen Exp $
# $OpenBSD: Makefile,v 1.30 2009/11/28 18:33:57 kili Exp $
ONLY_FOR_ARCHS= amd64 i386
@ -10,7 +10,7 @@ VERSION= 3.1.1
DISTNAME= OOo_${VERSION}
WRKDIST= ${WRKDIR}/OOO310_m19
PKGNAME= openoffice-${VERSION}
PKGNAME-main= openoffice-${VERSION}p0
PKGNAME-main= openoffice-${VERSION}p1
PKGNAME-kde= openoffice-kde-${VERSION}
PKGNAME-java= openoffice-java-${VERSION}p0
CATEGORIES= editors productivity
@ -83,7 +83,8 @@ BUILD_DEPENDS+= :zip-*:archivers/zip \
:bash-*:shells/bash \
:p5-Archive-Zip-*:archivers/p5-Archive-Zip \
::print/cups \
::devel/boost
::devel/boost \
:xpdf-3.02:textproc/xpdf:patch
MODULES+= lang/python \
devel/gconf2
@ -195,7 +196,7 @@ CONFIGURE_ARGS+= --enable-symbols \
--enable-debug
.endif
MAKE_ENV+= envcflags="${CFLAGS}"
MAKE_ENV+= envcflags="${CFLAGS}" LOCALBASE="${LOCALBASE}"
# kludge
TCSH= ${LOCALBASE}/bin/tcsh
@ -214,6 +215,10 @@ BUILD_CMD= cd instsetoo_native && build.pl -P ${NCPU} --all --dlv_switch -link &
cd util && dmake ooolanguagepack
.endif
post-extract:
@mkdir -p ${WRKDIST}/xpdf/unxobsd.pro/misc
@echo mv ${WRKDIR}/textproc/xpdf/xpdf-3.02 . > ${WRKDIST}/xpdf/unxobsd.pro/misc/xpdf-3.02.unpack
pre-patch:
.if ${FLAVOR:L:Mparallel}
ln -fs ${WRKDIR}/cat.${ARCH} ${WRKDIR}/bin/cat

View File

@ -0,0 +1,50 @@
$OpenBSD: patch-sdext_source_pdfimport_filterdet_cxx,v 1.1 2009/11/28 18:33:57 kili Exp $
--- sdext/source/pdfimport/filterdet.cxx.orig.port Thu Aug 14 18:56:31 2008
+++ sdext/source/pdfimport/filterdet.cxx Sun Nov 22 13:31:15 2009
@@ -713,46 +713,6 @@ uno::Reference< io::XStream > getAdditionalStream( con
OSL_ENSURE( pObject, "object not found\n" );
if( pObject )
{
- if( pPDFFile->isEncrypted() )
- {
- bool bAuthenticated = false;
- if( io_rPwd.getLength() )
- {
- rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd,
- RTL_TEXTENCODING_ISO_8859_1 );
- bAuthenticated = pPDFFile->setupDecryptionData( aIsoPwd.getStr() );
- }
- if( ! bAuthenticated )
- {
- const beans::PropertyValue* pAttribs = rFilterData.getConstArray();
- sal_Int32 nAttribs = rFilterData.getLength();
- uno::Reference< task::XInteractionHandler > xIntHdl;
- for( sal_Int32 i = 0; i < nAttribs; i++ )
- {
- if( pAttribs[i].Name.equalsAscii( "InteractionHandler" ) )
- pAttribs[i].Value >>= xIntHdl;
- }
- if( ! bMayUseUI || ! xIntHdl.is() )
- {
- rOutMimetype = pMimeType->getFilteredName();
- xEmbed.clear();
- break;
- }
-
- bool bEntered = false;
- do
- {
- bEntered = getPassword( xIntHdl, io_rPwd, ! bEntered );
- rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd,
- RTL_TEXTENCODING_ISO_8859_1 );
- bAuthenticated = pPDFFile->setupDecryptionData( aIsoPwd.getStr() );
- } while( bEntered && ! bAuthenticated );
- }
-
- OSL_TRACE( "password: %s\n", bAuthenticated ? "matches" : "does not match" );
- if( ! bAuthenticated )
- continue;
- }
rOutMimetype = pMimeType->getFilteredName();
FileEmitContext aContext( rInPDFFileURL,
xContext,

View File

@ -0,0 +1,12 @@
$OpenBSD: patch-sdext_source_pdfimport_wrapper_wrapper_cxx,v 1.1 2009/11/28 18:33:57 kili Exp $
--- sdext/source/pdfimport/wrapper/wrapper.cxx.orig.port Tue Jun 9 15:41:21 2009
+++ sdext/source/pdfimport/wrapper/wrapper.cxx Sun Nov 22 13:35:52 2009
@@ -896,8 +896,6 @@ bool xpdf_ImportFromFile( const ::rtl::OUString&
// check for encryption, if necessary get password
rtl::OUString aPwd( rPwd );
bool bIsEncrypted = false;
- if( checkEncryption( aSysUPath, xIHdl, aPwd, bIsEncrypted ) == false )
- return false;
rtl::OUStringBuffer converterURL = rtl::OUString::createFromAscii("xpdfimport");

View File

@ -1,11 +1,16 @@
$OpenBSD: patch-xpdf_makefile_mk,v 1.3 2009/11/28 18:33:57 kili Exp $
--- xpdf/makefile.mk.orig.port Thu Apr 23 14:31:38 2009
+++ xpdf/makefile.mk Wed Apr 29 00:38:06 2009
@@ -81,7 +81,7 @@ CONFIGURE_ACTION=./configure --without-x --enable-mult
+++ xpdf/makefile.mk Wed Nov 25 18:20:43 2009
@@ -81,7 +81,10 @@ CONFIGURE_ACTION=./configure --without-x --enable-mult
.ELSE
#CONFIGURE_ACTION=./configure
#CONFIGURE_ACTION=./configure --without-x --enable-multithreaded --enable-exceptions CFLAGS="-g -O0" CXXFLAGS="-g -O0"
-CONFIGURE_ACTION=./configure --without-libpaper-library --without-x --enable-multithreaded --enable-exceptions
+CONFIGURE_ACTION=./configure --without-libpaper-library --without-x --enable-multithreaded --enable-exceptions CFLAGS="-pthread" LDFLAGS="-pthread"
+CONFIGURE_ACTION=./configure --without-libpaper-library --without-x --enable-multithreaded --enable-exceptions \
+ CFLAGS='${ENVCFLAGS} -DLOCALBASE=\"${LOCALBASE}\" -pthread' \
+ CXXFLAGS='${ENVCFLAGS} -DLOCALBASE=\"${LOCALBASE}\" -pthread' \
+ LDFLAGS="-pthread"
.ENDIF
BUILD_ACTION=$(GNUMAKE) -j$(EXTMAXPROCESS)

File diff suppressed because it is too large Load Diff