Date: Sunday, September 8, 2013 @ 19:18:11 Author: bisson Revision: 193957
fix FS#36818 Added: xpdf/trunk/sanitize.patch Modified: xpdf/trunk/PKGBUILD ----------------+ PKGBUILD | 5 ++++- sanitize.patch | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 1 deletion(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2013-09-08 00:58:33 UTC (rev 193956) +++ PKGBUILD 2013-09-08 17:18:11 UTC (rev 193957) @@ -6,7 +6,7 @@ pkgname=xpdf #pkgver=3.03_pl1 pkgver=3.03 -pkgrel=3 +pkgrel=4 pkgdesc='Viewer for Portable Document Format (PDF) files' url='http://www.foolabs.com/xpdf/' license=('GPL2') @@ -16,9 +16,11 @@ 'desktop-file-utils: for desktop environments') # "ftp://ftp.foolabs.com/pub/${pkgname}/${pkgname}-${pkgver%_*}pl1.patch"; source=("ftp://ftp.foolabs.com/pub/${pkgname}/${pkgname}-${pkgver%_*}.tar.gz"; + 'sanitize.patch' 'char.patch' 'desktop') sha1sums=('499423e8a795e0efd76ca798239eb4d0d52fe248' + '2face78a2f550fd15eeceb8a1ce47c566104f457' '5c471944685a6b24a2b0c0e000562d1a3263aeeb' '17ebbfe457cb92e97b12b7362e8ce961526012d9') @@ -29,6 +31,7 @@ cd "${srcdir}/${pkgname}-${pkgver%_*}" # patch -p1 -i "../${pkgname}-${_srcver}pl1.patch" + patch -p1 -i ../sanitize.patch patch -p1 -i ../char.patch sed -i 's:/usr/share/fonts/type1/gsfonts:/usr/share/fonts/Type1:' xpdf/GlobalParams.cc Added: sanitize.patch =================================================================== --- sanitize.patch (rev 0) +++ sanitize.patch 2013-09-08 17:18:11 UTC (rev 193957) @@ -0,0 +1,55 @@ +From 3945969e0072217c143fefa3044512a31ac2afa8 Mon Sep 17 00:00:00 2001 +From: mancha <[email protected]> +Date: Sun, 11 Aug 2013 +Subject: CVE-2012-2142 + +Filter stuff that might end up in the shell to address CVE-2012-2142. +This code was adapted from the Poppler project. +--- + Error.cc | 21 ++++++++++++++++----- + 1 file changed, 16 insertions(+), 5 deletions(-) + +--- a/xpdf/Error.cc 2013-08-11 ++++ b/xpdf/Error.cc 2013-08-11 +@@ -43,7 +43,7 @@ void setErrorCallback(void (*cbk)(void * + + void CDECL error(ErrorCategory category, int pos, const char *msg, ...) { + va_list args; +- GString *s; ++ GString *s, *sanitized; + + // NB: this can be called before the globalParams object is created + if (!errorCbk && globalParams && globalParams->getErrQuiet()) { +@@ -52,17 +52,28 @@ void CDECL error(ErrorCategory category, + va_start(args, msg); + s = GString::formatv(msg, args); + va_end(args); ++ ++ sanitized = new GString (); ++ for (int i = 0; i < s->getLength(); ++i) { ++ const char c = s->getChar(i); ++ if (c < (char)0x20 || c >= (char)0x7f) { ++ sanitized->appendf("<{0:02x}>", c & 0xff); ++ } else { ++ sanitized->append(c); ++ } ++ } ++ + if (errorCbk) { +- (*errorCbk)(errorCbkData, category, pos, s->getCString()); ++ (*errorCbk)(errorCbkData, category, pos, sanitized->getCString()); + } else { + if (pos >= 0) { + fprintf(stderr, "%s (%d): %s\n", +- errorCategoryNames[category], pos, s->getCString()); ++ errorCategoryNames[category], pos, sanitized->getCString()); + } else { + fprintf(stderr, "%s: %s\n", +- errorCategoryNames[category], s->getCString()); ++ errorCategoryNames[category], sanitized->getCString()); + } + fflush(stderr); + } +- delete s; ++ delete sanitized; + }
