diff options
| author | marcus <marcus@df743ca5-7f9a-e211-a948-0013205c9059> | 2005-08-13 16:19:48 +0800 |
|---|---|---|
| committer | marcus <marcus@df743ca5-7f9a-e211-a948-0013205c9059> | 2005-08-13 16:19:48 +0800 |
| commit | 0d2e9186293a820936fc2d3edc9975592f1bc7f8 (patch) | |
| tree | 618b1adb5bbdedbdda993ea6cfd34c74d31ddf19 /graphics/poppler | |
| parent | 3904dd79f7258d498b16687b0441deaf9931bc7d (diff) | |
| download | marcuscom-ports-0d2e9186293a820936fc2d3edc9975592f1bc7f8.tar marcuscom-ports-0d2e9186293a820936fc2d3edc9975592f1bc7f8.tar.gz marcuscom-ports-0d2e9186293a820936fc2d3edc9975592f1bc7f8.tar.bz2 marcuscom-ports-0d2e9186293a820936fc2d3edc9975592f1bc7f8.tar.lz marcuscom-ports-0d2e9186293a820936fc2d3edc9975592f1bc7f8.tar.xz marcuscom-ports-0d2e9186293a820936fc2d3edc9975592f1bc7f8.tar.zst marcuscom-ports-0d2e9186293a820936fc2d3edc9975592f1bc7f8.zip | |
Fix a security problem described at
http://vuxml.FreeBSD.org/24eee285-09c7-11da-bc08-0001020eed82.html.
Obtained from: graphics/xpdf
git-svn-id: svn://creme-brulee.marcuscom.com/ports/trunk@4484 df743ca5-7f9a-e211-a948-0013205c9059
Diffstat (limited to 'graphics/poppler')
| -rw-r--r-- | graphics/poppler/Makefile | 3 | ||||
| -rw-r--r-- | graphics/poppler/files/patch-security | 58 |
2 files changed, 60 insertions, 1 deletions
diff --git a/graphics/poppler/Makefile b/graphics/poppler/Makefile index 961c879cc..d967f99e4 100644 --- a/graphics/poppler/Makefile +++ b/graphics/poppler/Makefile @@ -3,11 +3,12 @@ # Whom: marcus@FreeBSD.org # # $FreeBSD$ -# $MCom: ports/graphics/poppler/Makefile,v 1.8 2005/07/02 23:25:15 ahze Exp $ +# $MCom: ports/graphics/poppler/Makefile,v 1.9 2005/07/04 00:11:30 marcus Exp $ # PORTNAME= poppler PORTVERSION= 0.3.3 +PORTREVISION= 1 CATEGORIES= graphics print MASTER_SITES= http://poppler.freedesktop.org/ diff --git a/graphics/poppler/files/patch-security b/graphics/poppler/files/patch-security new file mode 100644 index 000000000..8b1b1c2a5 --- /dev/null +++ b/graphics/poppler/files/patch-security @@ -0,0 +1,58 @@ +--- fofi/FoFiTrueType.cc.orig Thu Jan 22 02:26:44 2004 ++++ fofi/FoFiTrueType.cc Thu Aug 11 16:55:52 2005 +@@ -1343,6 +1343,27 @@ + return; + } + ++ // make sure the loca table is sane (correct length and entries are ++ // in bounds) ++ i = seekTable("loca"); ++ if (tables[i].len < (nGlyphs + 1) * (locaFmt ? 4 : 2)) { ++ parsedOk = gFalse; ++ return; ++ } ++ for (j = 0; j <= nGlyphs; ++j) { ++ if (locaFmt) { ++ pos = (int)getU32BE(tables[i].offset + j*4, &parsedOk); ++ } else { ++ pos = getU16BE(tables[i].offset + j*2, &parsedOk); ++ } ++ if (pos < 0 || pos > len) { ++ parsedOk = gFalse; ++ } ++ } ++ if (!parsedOk) { ++ return; ++ } ++ + // read the post table + readPostTable(); + if (!parsedOk) { +--- poppler/SplashOutputDev.cc.orig Thu Aug 11 16:51:38 2005 ++++ poppler/SplashOutputDev.cc Thu Aug 11 16:55:52 2005 +@@ -621,16 +621,19 @@ + } + break; + case fontTrueType: +- if (!(ff = FoFiTrueType::load(fileName->getCString()))) { +- goto err2; ++ if ((ff = FoFiTrueType::load(fileName->getCString()))) { ++ codeToGID = ((Gfx8BitFont *)gfxFont)->getCodeToGIDMap(ff); ++ n = 256; ++ delete ff; ++ } else { ++ codeToGID = NULL; ++ n = 0; + } +- codeToGID = ((Gfx8BitFont *)gfxFont)->getCodeToGIDMap(ff); +- delete ff; + if (!(fontFile = fontEngine->loadTrueTypeFont( + id, + fileName->getCString(), + fileName == tmpFileName, +- codeToGID, 256))) { ++ codeToGID, n))) { + error(-1, "Couldn't create a font for '%s'", + gfxFont->getName() ? gfxFont->getName()->getCString() + : "(unnamed)"); + |