rpms/pdfedit/F-11 import.log, NONE, 1.1 pdfedit-0.4.3-zlib.patch, NONE, 1.1 xpdf-3.02pl4.patch, NONE, 1.1 pdfedit.spec, 1.15, 1.16
Orion Poplawski
orion at fedoraproject.org
Wed Feb 17 17:54:37 UTC 2010
- Previous message: rpms/pdfedit/F-12 import.log, NONE, 1.1 pdfedit-0.4.3-zlib.patch, NONE, 1.1 xpdf-3.02pl4.patch, NONE, 1.1 pdfedit.spec, 1.16, 1.17
- Next message: rpms/ghostscript/F-13 ghostscript.spec,1.202,1.203
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: orion
Update of /cvs/pkgs/rpms/pdfedit/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv25075/F-11
Modified Files:
pdfedit.spec
Added Files:
import.log pdfedit-0.4.3-zlib.patch xpdf-3.02pl4.patch
Log Message:
Sync to devel
--- NEW FILE import.log ---
pdfedit-0_4_3-4_fc14:F-11:pdfedit-0.4.3-4.fc14.src.rpm:1266429263
pdfedit-0.4.3-zlib.patch:
Makefile.flags.in | 6 +-
config/ax_check_zlib.m4 | 137 ++++++++++++++++++++++++++++++++++++++++++++++++
configure.in | 2
3 files changed, 143 insertions(+), 2 deletions(-)
--- NEW FILE pdfedit-0.4.3-zlib.patch ---
Fix libz detection
We have relied on AC_CHECK_FT2 which is setting -lz automaticaly, but this
is not a case for all platforms (e.g. Fedora is different in that regard).
Let's make libz detection explicit. The core autoconf script was taken from
git://git.sv.gnu.org/autoconf-archive.git.
Thanks to Orion Poplawski for reporting.
Index: pdfedit-patches/Makefile.flags.in
===================================================================
--- pdfedit-patches.orig/Makefile.flags.in 2010-02-15 21:25:43.000000000 +0100
+++ pdfedit-patches/Makefile.flags.in 2010-02-15 21:28:59.000000000 +0100
@@ -173,6 +173,7 @@ QOUTPUTDEVROOT = $(SRCROOT)/kpdf-kde-3.
BOOSTFLAGS = @BOOST_CPPFLAGS@
CPPUNITFLAGS = @CPPUNIT_CFLAGS@
FREETYPEFLAGS = @FT2_CFLAGS@
+ZLIBFLAGS = @ZLIB_CPPFLAGS@
T1FLAGS = @t1_CFLAGS@
XPDFLAGS = -I$(XPDFROOT)/
# This is required for qmake which always forces -I when specifying
@@ -184,7 +185,7 @@ QOUTPUTDEVFLAGS = -I$(QOUTPUTDEVPATH)
# All necessary includes for building
MANDATORY_INCPATH = -I. -I$(SRCROOT) $(XPDFLAGS) $(BOOSTFLAGS)\
- $(FREETYPEFLAGS) $(T1FLAGS)
+ $(FREETYPEFLAGS) $(T1FLAGS) $(ZLIBFLAGS)
# This is required for qmake which always forces -I when specifying
MANDATORY_PATHS = $(SRCROOT) $(XPDFLAGS) $(BOOSTFLAGS) $(FREETYPEFLAGS)
@@ -194,6 +195,7 @@ DIST_INCPATH = -I$(INCLUDE_PATH) -I$(IN
FREETYPE_LIBS = @FT2_LIBS@
T1_LIBS = @t1_LIBS@
+ZLIB_LIBS = @ZLIB_LIBS@
BOOST_LIBS = @BOOST_LDFLAGS@
@@ -210,7 +212,7 @@ STANDARD_LDFLAGS = @LDFLAGS@
# all necessary libraries
MANDATORY_LIBS = $(BOOST_LIBS) $(PDFEDIT_LIBS) \
- $(FREETYPE_LIBS) $(T1_LIBS)
+ $(FREETYPE_LIBS) $(T1_LIBS) $(ZLIB_LIBS)
# All necessary libraries for 3rd party code depending on pdfedit-core-dev
# TODO change to have only one library containing kernel, utils, xpdf, fofi,
Index: pdfedit-patches/config/ax_check_zlib.m4
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ pdfedit-patches/config/ax_check_zlib.m4 2010-02-15 21:28:59.000000000 +0100
@@ -0,0 +1,137 @@
+# ===========================================================================
+# http://www.nongnu.org/autoconf-archive/ax_check_zlib.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+# AX_CHECK_ZLIB()
+#
+# DESCRIPTION
+#
+# This macro searches for an installed zlib library. If nothing was
+# specified when calling configure, it searches first in /usr/local and
+# then in /usr. If the --with-zlib=DIR is specified, it will try to find
+# it in DIR/include/zlib.h and DIR/lib/libz.a. If --without-zlib is
+# specified, the library is not searched at all.
+#
+# If either the header file (zlib.h) or the library (libz) is not found,
+# the configuration exits on error, asking for a valid zlib installation
+# directory or --without-zlib.
+#
+# The macro defines the symbol HAVE_LIBZ if the library is found. You
+# should use autoheader to include a definition for this symbol in a
+# config.h file. Sample usage in a C/C++ source is as follows:
+#
+# #ifdef HAVE_LIBZ
+# #include <zlib.h>
+# #endif /* HAVE_LIBZ */
+#
+# LICENSE
+#
+# Copyright (c) 2008 Loic Dachary <loic at senga.org>
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at your
+# option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+# Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# As a special exception, the respective Autoconf Macro's copyright owner
+# gives unlimited permission to copy, distribute and modify the configure
+# scripts that are the output of Autoconf when processing the Macro. You
+# need not follow the terms of the GNU General Public License when using
+# or distributing such scripts, even though portions of the text of the
+# Macro appear in them. The GNU General Public License (GPL) does govern
+# all other use of the material that constitutes the Autoconf Macro.
+#
+# This special exception to the GPL applies to versions of the Autoconf
+# Macro released by the Autoconf Archive. When you make and distribute a
+# modified version of the Autoconf Macro, you may extend this special
+# exception to the GPL to apply to your modified version as well.
+
+#serial 4
+
+AU_ALIAS([CHECK_ZLIB], [AX_CHECK_ZLIB])
+AC_DEFUN([AX_CHECK_ZLIB],
+#
+# Handle user hints
+#
+[AC_MSG_CHECKING(if zlib is wanted)
+AC_ARG_WITH(zlib,
+[ --with-zlib=DIR root directory path of zlib installation [defaults to
+ /usr/local or /usr if not found in /usr/local]
+ --without-zlib to disable zlib usage completely],
+[if test "$withval" != no ; then
+ AC_MSG_RESULT(yes)
+ if test -d "$withval"
+ then
+ ZLIB_HOME_PARAM="$withval"
+ else
+ AC_MSG_WARN([Sorry, $withval does not exist, checking usual places])
+ fi
+else
+ AC_MSG_RESULT(no)
+fi])
+
+for dir in "$ZLIB_HOME_PARAM" /usr/local /usr
+do
+ if test -f "${dir}/include/zlib.h"
+ then
+ ZLIB_HOME="$dir"
+ break
+ fi
+done
+
+if test -z "${ZLIB_HOME}"
+then
+ AC_MSG_ERROR([libz not found])
+fi
+
+#
+# Locate zlib, if wanted
+#
+if test -n "${ZLIB_HOME}"
+then
+ ZLIB_OLD_LDFLAGS=$LDFLAGS
+ ZLIB_OLD_CPPFLAGS=$LDFLAGS
+ LDFLAGS="-L${ZLIB_HOME}/lib"
+ CPPFLAGS="-I${ZLIB_HOME}/include"
+ AC_LANG_SAVE
+ AC_LANG_C
+ AC_CHECK_LIB(z, inflateEnd, [zlib_cv_libz=yes], [zlib_cv_libz=no])
+ AC_CHECK_HEADER(zlib.h, [zlib_cv_zlib_h=yes], [zlib_cv_zlib_h=no])
+ AC_LANG_RESTORE
+ if test "$zlib_cv_libz" = "yes" -a "$zlib_cv_zlib_h" = "yes"
+ then
+ #
+ # If both library and header were found, use them
+ #
+ AC_CHECK_LIB(z, inflateEnd)
+ AC_MSG_CHECKING(zlib in ${ZLIB_HOME})
+ AC_MSG_RESULT(ok)
+ else
+ #
+ # If either header or library was not found, revert and bomb
+ #
+ AC_MSG_CHECKING(zlib in ${ZLIB_HOME})
+ LDFLAGS="$ZLIB_OLD_LDFLAGS"
+ CPPFLAGS="$ZLIB_OLD_CPPFLAGS"
+ AC_MSG_RESULT(failed)
+ AC_MSG_ERROR(either specify a valid zlib installation with --with-zlib=DIR or disable zlib usage with --without-zlib)
+ fi
+ ZLIB_LIBS="$LDFLAGS -lz"
+ ZLIB_CPPFLAGS="$CPPFLAGS"
+ LDFLAGS="$ZLIB_OLD_LDFLAGS"
+ CPPFLAGS="$ZLIB_OLD_CPPFLAGS"
+ AC_SUBST([ZLIB_LIBS])
+ AC_SUBST([ZLIB_CPPFLAGS])
+fi
+
+])
Index: pdfedit-patches/configure.in
===================================================================
--- pdfedit-patches.orig/configure.in 2010-02-15 22:58:37.000000000 +0100
+++ pdfedit-patches/configure.in 2010-02-15 20:42:10.000000000 +0100
@@ -16,6 +16,7 @@ m4_include([config/macro.m4])
m4_include([config/boost_base.m4])
m4_include([config/cppunit.m4])
m4_include([config/freetype2.m4])
+m4_include([config/ax_check_zlib.m4])
m4_include([config/xpdf.m4])
@@ -45,6 +46,7 @@ AC_C_CONST
AC_C_INLINE
AC_TYPE_SIZE_T
AC_STRUCT_TM
+AX_CHECK_ZLIB
dnl Checks for boost
AX_BOOST_BASE
xpdf-3.02pl4.patch:
pdfedit-0.4.3/src/xpdf/xpdf/XRef.cc | 17 ++++++++++
pdfedit-patches/src/xpdf/splash/Splash.cc | 13 ++++++-
pdfedit-patches/src/xpdf/splash/SplashBitmap.cc | 35 ++++++++++++++++-----
pdfedit-patches/src/xpdf/splash/SplashErrorCodes.h | 2 +
pdfedit-patches/src/xpdf/xpdf/PSOutputDev.cc | 2 -
pdfedit-patches/src/xpdf/xpdf/Stream.cc | 4 ++
6 files changed, 61 insertions(+), 12 deletions(-)
--- NEW FILE xpdf-3.02pl4.patch ---
xpdf: update to xpdf 3.02pl4
Backport of the upstream patch for 3.02pl4. This addresses several security
issues: CVE-2009-1188/CVE-2009-3603, CVE-2009-3604, CVE-2009-3606,
CVE-2009-3608, CVE-2009-3609.
Index: pdfedit-patches/src/xpdf/xpdf/Stream.cc
===================================================================
--- pdfedit-patches.orig/src/xpdf/xpdf/Stream.cc 2009-09-11 13:56:24.000000000 +0200
+++ pdfedit-patches/src/xpdf/xpdf/Stream.cc 2010-02-17 10:18:42.000000000 +0100
@@ -335,6 +335,10 @@ ImageStream::ImageStream(Stream *strA, i
} else {
imgLineSize = nVals;
}
+ if (width > INT_MAX / nComps) {
+ // force a call to gmallocn(-1,...), which will throw an exception
+ imgLineSize = -1;
+ }
imgLine = (Guchar *)gmallocn(imgLineSize, sizeof(Guchar));
imgIdx = nVals;
}
Index: pdfedit-patches/src/xpdf/xpdf/PSOutputDev.cc
===================================================================
--- pdfedit-patches.orig/src/xpdf/xpdf/PSOutputDev.cc 2009-09-11 13:56:24.000000000 +0200
+++ pdfedit-patches/src/xpdf/xpdf/PSOutputDev.cc 2010-02-17 10:18:42.000000000 +0100
@@ -4316,7 +4316,7 @@ void PSOutputDev::doImageL1Sep(GfxImageC
width, -height, height);
// allocate a line buffer
- lineBuf = (Guchar *)gmalloc(4 * width);
+ lineBuf = (Guchar *)gmallocn(width, 4);
// set up to process the data stream
imgStr = new ImageStream(str, width, colorMap->getNumPixelComps(),
Index: pdfedit-patches/src/xpdf/splash/Splash.cc
===================================================================
--- pdfedit-patches.orig/src/xpdf/splash/Splash.cc 2008-09-09 16:18:01.000000000 +0200
+++ pdfedit-patches/src/xpdf/splash/Splash.cc 2010-02-17 10:19:42.000000000 +0100
@@ -12,6 +12,7 @@
#include <stdlib.h>
#include <string.h>
+#include <limits.h>
#include "goo/gmem.h"
#include "splash/SplashErrorCodes.h"
#include "splash/SplashMath.h"
@@ -1912,7 +1913,10 @@ SplashError Splash::fillImageMask(Splash
xq = w % scaledWidth;
// allocate pixel buffer
- pixBuf = (SplashColorPtr)gmalloc((yp + 1) * w);
+ if (yp < 0 || yp > INT_MAX - 1) {
+ return splashErrBadArg;
+ }
+ pixBuf = (SplashColorPtr)gmallocn(yp + 1, w);
// initialize the pixel pipe
pipeInit(&pipe, 0, 0, state->fillPattern, NULL, state->fillAlpha,
@@ -2208,9 +2212,12 @@ SplashError Splash::drawImage(SplashImag
xq = w % scaledWidth;
// allocate pixel buffers
- colorBuf = (SplashColorPtr)gmalloc((yp + 1) * w * nComps);
+ if (yp < 0 || yp > INT_MAX - 1 || w > INT_MAX / nComps) {
+ return splashErrBadArg;
+ }
+ colorBuf = (SplashColorPtr)gmallocn(yp + 1, w * nComps);
if (srcAlpha) {
- alphaBuf = (Guchar *)gmalloc((yp + 1) * w);
+ alphaBuf = (Guchar *)gmallocn(yp + 1, w);
} else {
alphaBuf = NULL;
}
Index: pdfedit-patches/src/xpdf/splash/SplashErrorCodes.h
===================================================================
--- pdfedit-patches.orig/src/xpdf/splash/SplashErrorCodes.h 2008-09-09 16:18:01.000000000 +0200
+++ pdfedit-patches/src/xpdf/splash/SplashErrorCodes.h 2010-02-17 10:18:42.000000000 +0100
@@ -29,4 +29,6 @@
#define splashErrSingularMatrix 8 // matrix is singular
+#define splashErrBadArg 9 // bad argument
+
#endif
Index: pdfedit-patches/src/xpdf/splash/SplashBitmap.cc
===================================================================
--- pdfedit-patches.orig/src/xpdf/splash/SplashBitmap.cc 2009-08-10 09:36:17.000000000 +0200
+++ pdfedit-patches/src/xpdf/splash/SplashBitmap.cc 2010-02-17 10:31:32.000000000 +0100
@@ -11,6 +11,7 @@
#endif
#include <stdio.h>
+#include <limits.h>
#include "goo/gmem.h"
#include "splash/SplashErrorCodes.h"
#include "splash/SplashBitmap.h"
@@ -27,30 +28,48 @@ SplashBitmap::SplashBitmap(int widthA, i
mode = modeA;
switch (mode) {
case splashModeMono1:
- rowSize = (width + 7) >> 3;
+ if (width > 0) {
+ rowSize = (width + 7) >> 3;
+ } else {
+ rowSize = -1;
+ }
break;
case splashModeMono8:
- rowSize = width;
+ if (width > 0) {
+ rowSize = width;
+ } else {
+ rowSize = -1;
+ }
break;
case splashModeRGB8:
case splashModeBGR8:
- rowSize = width * 3;
+ if (width > 0 && width <= INT_MAX / 3) {
+ rowSize = width * 3;
+ } else {
+ rowSize = -1;
+ }
break;
#if SPLASH_CMYK
case splashModeCMYK8:
- rowSize = width * 4;
+ if (width > 0 && width <= INT_MAX / 4) {
+ rowSize = width * 4;
+ } else {
+ rowSize = -1;
+ }
break;
#endif
}
- rowSize += rowPad - 1;
- rowSize -= rowSize % rowPad;
- data = (SplashColorPtr)gmalloc(rowSize * height);
+ if (rowSize > 0) {
+ rowSize += rowPad - 1;
+ rowSize -= rowSize % rowPad;
+ }
+ data = (SplashColorPtr)gmallocn(height, rowSize);
if (!topDown) {
data += (height - 1) * rowSize;
rowSize = -rowSize;
}
if (alphaA) {
- alpha = (Guchar *)gmalloc(width * height);
+ alpha = (Guchar *)gmallocn(width, height);
} else {
alpha = NULL;
}
--- pdfedit-0.4.3/src/xpdf/xpdf/XRef.cc.xpdf-3.02pl4 2009-03-27 08:17:26.000000000 -0600
+++ pdfedit-0.4.3/src/xpdf/xpdf/XRef.cc 2010-02-17 10:47:44.066674736 -0700
@@ -52,6 +52,8 @@
// generation 0.
ObjectStream(XRef *xref, int objStrNumA);
+ GBool isOk() { return ok; }
+
~ObjectStream();
// Return the object number of this object stream.
@@ -67,6 +69,7 @@
int nObjects; // number of objects in the stream
Object *objs; // the objects (length = nObjects)
int *objNums; // the object numbers (length = nObjects)
+ GBool ok;
};
ObjectStream::ObjectStream(XRef *xref, int objStrNumA) {
@@ -80,6 +83,7 @@
nObjects = 0;
objs = NULL;
objNums = NULL;
+ ok = gFalse;
// we don't have to check for isOk here because fetch failure
// is reported via returned objNull
@@ -107,6 +111,13 @@
goto err1;
}
+ // this is an arbitrary limit to avoid integer overflow problems
+ // in the 'new Object[nObjects]' call (Acrobat apparently limits
+ // object streams to 100-200 objects)
+ if (nObjects > 1000000) {
+ error(-1, "Too many objects in an object stream");
+ goto err1;
+ }
objs = new Object[nObjects];
objNums = (int *)gmallocn(nObjects, sizeof(int));
offsets = (int *)gmallocn(nObjects, sizeof(int));
@@ -169,6 +180,7 @@
}
gfree(offsets);
+ ok = gTrue;
err1:
objStr.free();
@@ -960,6 +972,11 @@
delete objStr;
}
objStr = new ObjectStream(this, e->offset);
+ if (!objStr->isOk()) {
+ delete objStr;
+ objStr = NULL;
+ goto err_damaged;
+ }
}
objStr->getObject(e->gen, num, obj);
break;
Index: pdfedit.spec
===================================================================
RCS file: /cvs/pkgs/rpms/pdfedit/F-11/pdfedit.spec,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -p -r1.15 -r1.16
--- pdfedit.spec 22 Jul 2009 02:17:20 -0000 1.15
+++ pdfedit.spec 17 Feb 2010 17:54:36 -0000 1.16
@@ -1,6 +1,6 @@
Name: pdfedit
Version: 0.4.3
-Release: 1%{?dist}
+Release: 4%{?dist}
Summary: A complete pdf document editing solution
Group: Applications/Publishing
@@ -10,6 +10,9 @@ Source0: http://downloads.sourcef
Source1: pdfedit.desktop
Patch0: pdfedit-destdir.patch
Patch1: pdfedit-fix-includes.patch
+Patch2: pdfedit-0.4.3-zlib.patch
+#Patch to fix several security issues
+Patch3: xpdf-3.02pl4.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: boost-devel, lesstif-devel, libpaper-devel
@@ -34,14 +37,18 @@ everything is based on a script.
%patch0 -p1 -b .destdir
%patch1 -p1 -b .fix-includes
+%patch2 -p1 -b .zlib
+%patch3 -p1 -b .xpdf-3.02pl4
+# zlib patch requires autoconf run
+autoconf
# fix paths to be relative to rpm build root
sed -i 's/\(.path\s\+= \)/\1$(QMAKE_DESTDIR)\//' src/gui/pdfedit.pro
+
%build
export QMAKESPEC=linux-g++
-# currently boost-iostreams causes an error when running configure
-%configure --without-boost-iostreams
+%configure
make %{?_smp_mflags}
@@ -100,6 +107,18 @@ fi
%{_docdir}
%changelog
+* Wed Feb 17 2010 Orion Poplawski <orion at cora.nwra.com> - 0.4.3-4
+- Add patch from upstream to fix several security issues in xpdf code:
+ CVE-2009-1188/CVE-2009-3603, CVE-2009-3604, CVE-2009-3606, CVE-2009-3608,
+ CVE-2009-3609
+
+* Mon Feb 15 2010 Orion Poplawski <orion at cora.nwra.com> - 0.4.3-3
+- Add patch from upstream to fix zlib link issue (bug #565061)
+- Remove old configure option
+
+* Sat Jul 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.4.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
* Tue Jul 21 2009 Bernard Johnson <bjohnson at symetrix.com> - 0.4.3-1
- 0.4.3
- Previous message: rpms/pdfedit/F-12 import.log, NONE, 1.1 pdfedit-0.4.3-zlib.patch, NONE, 1.1 xpdf-3.02pl4.patch, NONE, 1.1 pdfedit.spec, 1.16, 1.17
- Next message: rpms/ghostscript/F-13 ghostscript.spec,1.202,1.203
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list