commit 747bfaea550428d7b0e36208988dd3e9b6b51722 Author: Juergen Daubert <jue@jue.li> Date: Tue Apr 8 16:50:55 2014 +0200 mupdf: update to 1.4rc1 diff --git a/mupdf/.footprint b/mupdf/.footprint index 7b72b22..4f61f5f 100644 --- a/mupdf/.footprint +++ b/mupdf/.footprint @@ -1,8 +1,8 @@ drwxr-xr-x root/root usr/ drwxr-xr-x root/root usr/bin/ -rwxr-xr-x root/root usr/bin/mudraw +-rwxr-xr-x root/root usr/bin/mujstest lrwxrwxrwx root/root usr/bin/mupdf -> mupdf-x11-curl --rwxr-xr-x root/root usr/bin/mupdf-x11 -rwxr-xr-x root/root usr/bin/mupdf-x11-curl -rwxr-xr-x root/root usr/bin/mutool drwxr-xr-x root/root usr/man/ diff --git a/mupdf/.md5sum b/mupdf/.md5sum index d4e253d..12a77c2 100644 --- a/mupdf/.md5sum +++ b/mupdf/.md5sum @@ -1,3 +1,2 @@ -fe53c2a56ebd7759f5f965bc4ff66359 mupdf-1.3-source.tar.gz -f4d785b28f711e12d4a078ce9b3ed8f5 mupdf-694957.patch -9a173e6f0067130b77f4daa658087c31 mupdf-sys_curl.patch +fb03b36cc685abf90a2318051d26ac51 mupdf-1.4rc1-source.tar.gz +a08fdfe8af29d40eda40a8258d3c686d mupdf-sys_curl.patch diff --git a/mupdf/Pkgfile b/mupdf/Pkgfile index 2ce31dc..92369ac 100644 --- a/mupdf/Pkgfile +++ b/mupdf/Pkgfile @@ -4,21 +4,21 @@ # Depends on: curl freetype libjpeg xorg-libxext name=mupdf -version=1.3 -release=2 +version=1.4rc1 +release=1 source=(https://mupdf.googlecode.com/files/$name-$version-source.tar.gz - $name-sys_curl.patch $name-694957.patch) + $name-sys_curl.patch) build() { cd $name-$version-source patch -p1 -i $SRC/$name-sys_curl.patch - patch -p1 -i $SRC/$name-694957.patch rm -r thirdparty/{freetype*,jpeg*,zlib,curl} make build=release make prefix=$PKG/usr mandir=$PKG/usr/man install - + ln -s mupdf-x11-curl $PKG/usr/bin/mupdf + rm $PKG/usr/bin/mupdf-x11 rm -r $PKG/usr/{include,lib,share} } diff --git a/mupdf/mupdf-694957.patch b/mupdf/mupdf-694957.patch deleted file mode 100644 index bfe86f3..0000000 --- a/mupdf/mupdf-694957.patch +++ /dev/null @@ -1,135 +0,0 @@ -From 60dabde18d7fe12b19da8b509bdfee9cc886aafc Mon Sep 17 00:00:00 2001 -From: =?utf8?q?Simon=20B=C3=BCnzli?= <zeniko@gmail.com> -Date: Thu, 16 Jan 2014 22:04:51 +0100 -Subject: [PATCH] Bug 694957: fix stack buffer overflow in xps_parse_color -MIME-Version: 1.0 -Content-Type: text/plain; charset=utf8 -Content-Transfer-Encoding: 8bit - -xps_parse_color happily reads more than FZ_MAX_COLORS values out of a -ContextColor array which overflows the passed in samples array. -Limiting the number of allowed samples to FZ_MAX_COLORS and make sure -to use that constant for all callers fixes the problem. - -Thanks to Jean-Jamil Khalifé for reporting and investigating the issue -and providing a sample exploit file. ---- - source/xps/xps-common.c | 22 ++++++++++++++-------- - source/xps/xps-glyphs.c | 2 +- - source/xps/xps-gradient.c | 2 +- - source/xps/xps-path.c | 2 +- - 4 files changed, 17 insertions(+), 11 deletions(-) - -diff --git a/source/xps/xps-common.c b/source/xps/xps-common.c -index b780f42..32a30ba 100644 ---- a/source/xps/xps-common.c -+++ b/source/xps/xps-common.c -@@ -89,7 +89,7 @@ xps_begin_opacity(xps_document *doc, const fz_matrix *ctm, const fz_rect *area, - if (scb_color_att) - { - fz_colorspace *colorspace; -- float samples[32]; -+ float samples[FZ_MAX_COLORS]; - xps_parse_color(doc, base_uri, scb_color_att, &colorspace, samples); - opacity = opacity * samples[0]; - } -@@ -208,12 +208,13 @@ void - xps_parse_color(xps_document *doc, char *base_uri, char *string, - fz_colorspace **csp, float *samples) - { -+ fz_context *ctx = doc->ctx; - char *p; - int i, n; - char buf[1024]; - char *profile; - -- *csp = fz_device_rgb(doc->ctx); -+ *csp = fz_device_rgb(ctx); - - samples[0] = 1; - samples[1] = 0; -@@ -259,7 +260,7 @@ xps_parse_color(xps_document *doc, char *base_uri, char *string, - profile = strchr(buf, ' '); - if (!profile) - { -- fz_warn(doc->ctx, "cannot find icc profile uri in '%s'", string); -+ fz_warn(ctx, "cannot find icc profile uri in '%s'", string); - return; - } - -@@ -267,12 +268,17 @@ xps_parse_color(xps_document *doc, char *base_uri, char *string, - p = strchr(profile, ' '); - if (!p) - { -- fz_warn(doc->ctx, "cannot find component values in '%s'", profile); -+ fz_warn(ctx, "cannot find component values in '%s'", profile); - return; - } - - *p++ = 0; - n = count_commas(p) + 1; -+ if (n > FZ_MAX_COLORS) -+ { -+ fz_warn(ctx, "ignoring %d color components (max %d allowed)", n - FZ_MAX_COLORS, FZ_MAX_COLORS); -+ n = FZ_MAX_COLORS; -+ } - i = 0; - while (i < n) - { -@@ -292,10 +298,10 @@ xps_parse_color(xps_document *doc, char *base_uri, char *string, - /* TODO: load ICC profile */ - switch (n) - { -- case 2: *csp = fz_device_gray(doc->ctx); break; -- case 4: *csp = fz_device_rgb(doc->ctx); break; -- case 5: *csp = fz_device_cmyk(doc->ctx); break; -- default: *csp = fz_device_gray(doc->ctx); break; -+ case 2: *csp = fz_device_gray(ctx); break; -+ case 4: *csp = fz_device_rgb(ctx); break; -+ case 5: *csp = fz_device_cmyk(ctx); break; -+ default: *csp = fz_device_gray(ctx); break; - } - } - } -diff --git a/source/xps/xps-glyphs.c b/source/xps/xps-glyphs.c -index b26e18d..e621257 100644 ---- a/source/xps/xps-glyphs.c -+++ b/source/xps/xps-glyphs.c -@@ -590,7 +590,7 @@ xps_parse_glyphs(xps_document *doc, const fz_matrix *ctm, - - if (fill_att) - { -- float samples[32]; -+ float samples[FZ_MAX_COLORS]; - fz_colorspace *colorspace; - - xps_parse_color(doc, base_uri, fill_att, &colorspace, samples); -diff --git a/source/xps/xps-gradient.c b/source/xps/xps-gradient.c -index 7d03f89..76188e9 100644 ---- a/source/xps/xps-gradient.c -+++ b/source/xps/xps-gradient.c -@@ -39,7 +39,7 @@ xps_parse_gradient_stops(xps_document *doc, char *base_uri, fz_xml *node, - struct stop *stops, int maxcount) - { - fz_colorspace *colorspace; -- float sample[8]; -+ float sample[FZ_MAX_COLORS]; - float rgb[3]; - int before, after; - int count; -diff --git a/source/xps/xps-path.c b/source/xps/xps-path.c -index b97ee17..ea84a81 100644 ---- a/source/xps/xps-path.c -+++ b/source/xps/xps-path.c -@@ -826,7 +826,7 @@ xps_parse_path(xps_document *doc, const fz_matrix *ctm, char *base_uri, xps_reso - - fz_stroke_state *stroke = NULL; - fz_matrix transform; -- float samples[32]; -+ float samples[FZ_MAX_COLORS]; - fz_colorspace *colorspace; - fz_path *path = NULL; - fz_path *stroke_path = NULL; --- -1.7.9.5 - diff --git a/mupdf/mupdf-sys_curl.patch b/mupdf/mupdf-sys_curl.patch index 495a9d3..a50adf4 100644 --- a/mupdf/mupdf-sys_curl.patch +++ b/mupdf/mupdf-sys_curl.patch @@ -1,7 +1,7 @@ -diff -Nru mupdf-1.3-source.orig/Makerules mupdf-1.3-source/Makerules ---- mupdf-1.3-source.orig/Makerules 2013-08-16 11:07:13.627597342 +0200 -+++ mupdf-1.3-source/Makerules 2013-08-16 11:09:31.525988042 +0200 -@@ -67,6 +67,8 @@ +diff -Nru mupdf-1.4rc1-source.orig/Makerules mupdf-1.4rc1-source/Makerules +--- mupdf-1.4rc1-source.orig/Makerules 2014-04-08 15:47:54.229773268 +0200 ++++ mupdf-1.4rc1-source/Makerules 2014-04-08 16:12:39.293770693 +0200 +@@ -76,6 +76,8 @@ SYS_JBIG2DEC_LIBS = -ljbig2dec SYS_JPEG_LIBS = -ljpeg SYS_ZLIB_LIBS = -lz @@ -10,18 +10,20 @@ diff -Nru mupdf-1.3-source.orig/Makerules mupdf-1.3-source/Makerules endif -diff -Nru mupdf-1.3-source.orig/Makethird mupdf-1.3-source/Makethird ---- mupdf-1.3-source.orig/Makethird 2013-08-16 11:07:13.730926974 +0200 -+++ mupdf-1.3-source/Makethird 2013-08-16 11:09:04.700283008 +0200 -@@ -443,6 +443,10 @@ - - CURL_CFLAGS := -I$(CURL_DIR)/include +diff -Nru mupdf-1.4rc1-source.orig/Makethird mupdf-1.4rc1-source/Makethird +--- mupdf-1.4rc1-source.orig/Makethird 2014-04-08 15:47:54.329769765 +0200 ++++ mupdf-1.4rc1-source/Makethird 2014-04-08 16:17:27.233759450 +0200 +@@ -454,6 +454,13 @@ CURL_LIBS := $(SYS_CURL_DEPS) + + HAVE_CURL := yes + - else --NOCURL := yes ++else + +CURL_CFLAGS := $(SYS_CURL_CFLAGS) +CURL_LIBS := $(SYS_CURL_LIBS) ++HAVE_CURL := yes + endif + + # --- X11 ---