commit 6a499eb7da2e05a5529e191f7836d55c8604f60e
Author: Antti Nykanen <aon@iki.fi>
Date: Sat Aug 11 00:09:55 2007 +0300
[security] xpdf: added a patch for CVE-2007-3387
See http://secunia.com/cve_reference/CVE-2007-3387/ for more information.
diff --git a/xpdf/.md5sum b/xpdf/.md5sum
index eee0931..6c9cfac 100644
--- a/xpdf/.md5sum
+++ b/xpdf/.md5sum
@@ -1 +1,2 @@
+877118786dfe27d1b7aa5a6759cc6e45 xpdf-3.02.patch
 599dc4cc65a07ee868cf92a667a913d2 xpdf-3.02.tar.gz
diff --git a/xpdf/Pkgfile b/xpdf/Pkgfile
index 75a8dfe..a599a4d 100644
--- a/xpdf/Pkgfile
+++ b/xpdf/Pkgfile
@@ -6,11 +6,13 @@
 name=xpdf
 version=3.02
-release=1
-source=(ftp://ftp.foolabs.com/pub/xpdf/$name-$version.tar.gz)
+release=2
+source=(ftp://ftp.foolabs.com/pub/xpdf/$name-$version.tar.gz
+ $name-$version.patch)
 build() {
 cd $name-$version
+ patch -p1 -i $SRC/$name-$version.patch
 ./configure \
 --prefix=/usr \
 --with-Xm-library=/usr/lib \
diff --git a/xpdf/xpdf-3.02.patch b/xpdf/xpdf-3.02.patch
new file mode 100644
index 0000000..cd42fb9
--- /dev/null
+++ b/xpdf/xpdf-3.02.patch
@@ -0,0 +1,33 @@
+*** xpdf-3.02.orig/xpdf/Stream.cc Tue Feb 27 14:05:52 2007
+--- xpdf-3.02/xpdf/Stream.cc Thu Jul 26 14:44:43 2007
+***************
+*** 410,424 ****
+ ok = gFalse;
+
+ nVals = width * nComps;
+- if (width <= 0 || nComps <= 0 || nBits <= 0 ||
+- nComps >= INT_MAX / nBits ||
+- width >= INT_MAX / nComps / nBits ||
+- nVals * nBits + 7 < 0) {
+- return;
+- }
+ pixBytes = (nComps * nBits + 7) >> 3;
+ rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
+! if (rowBytes <= 0) {
+ return;
+ }
+ predLine = (Guchar *)gmalloc(rowBytes);
+--- 410,422 ----
+ ok = gFalse;
+
+ nVals = width * nComps;
+ pixBytes = (nComps * nBits + 7) >> 3;
+ rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
+! if (width <= 0 || nComps <= 0 || nBits <= 0 ||
+! nComps > gfxColorMaxComps ||
+! nBits > 16 ||
+! width >= INT_MAX / nComps || // check for overflow in nVals
+! nVals >= (INT_MAX - 7) / nBits) { // check for overflow in rowBytes
+ return;
+ }
+ predLine = (Guchar *)gmalloc(rowBytes);
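Review bot: On the new side of the embedded Stream.cc patch (`--- 410,422 ----`), `nVals = width * nComps` and the `rowBytes` expression are still evaluated before the guard that is meant to reject overflowing values. The signed multiplications therefore run on unvalidated `width`, `nComps` and `nBits`, which is undefined behaviour in C++, and the last guard condition then reads an `nVals` that may already have wrapped. In practice the short-circuit on `width >= INT_MAX / nComps` rejects that case first, but the checks would be sounder if each product were computed only after its operands are bounded, as sketched below. The enclosing function starts and ends outside this hunk, so what a caller observes after the early `return` with `ok = gFalse` cannot be confirmed from here.

```cpp
  ok = gFalse;

  // validate operands before any arithmetic so no signed multiply can overflow
  if (width <= 0 || nComps <= 0 || nBits <= 0 ||
      nComps > gfxColorMaxComps ||
      nBits > 16 ||
      width >= INT_MAX / nComps) {        // check for overflow in nVals
    return;
  }
  nVals = width * nComps;
  if (nVals >= (INT_MAX - 7) / nBits) {   // check for overflow in rowBytes
    return;
  }
  pixBytes = (nComps * nBits + 7) >> 3;
  rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
  // … unchanged: predLine allocation …
```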