[gentoo-commits] repo/gentoo:master commit in: app-text/mupdf/, app-text/mupdf/files/

Michael Weber Thu, 09 Feb 2017 13:16:36 -0800

commit:     54f3dbbee64dfa9de3193a16daa5ff254d4963b2
Author:     Michael Weber <xmw <AT> gentoo <DOT> org>
AuthorDate: Thu Feb  9 21:10:20 2017 +0000
Commit:     Michael Weber <xmw <AT> gentoo <DOT> org>
CommitDate: Thu Feb  9 21:10:20 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=54f3dbbe


app-text/mupdf: Revbump to fix null pointer dereference (bug 608702) and heap 
overflow (bug 608712).

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 .../mupdf/files/mupdf-1.10a-heap-overflow.patch    |  40 ++++++
 .../mupdf/files/mupdf-1.10a-null-pointer.patch     |  21 +++
 app-text/mupdf/mupdf-1.10a-r1.ebuild               | 148 +++++++++++++++++++++
 3 files changed, 209 insertions(+)

diff --git a/app-text/mupdf/files/mupdf-1.10a-heap-overflow.patch 
b/app-text/mupdf/files/mupdf-1.10a-heap-overflow.patch
new file mode 100644
index 0000000000..8b350ea859
--- /dev/null
+++ b/app-text/mupdf/files/mupdf-1.10a-heap-overflow.patch
@@ -0,0 +1,40 @@
+X-Git-Url: 
http://git.ghostscript.com/?p=mupdf.git;a=blobdiff_plain;f=source%2Ffitz%2Fpixmap.c;h=f1291dc29d49ead44c10785fd014a0d995e45a91;hp=a8317127da7af6d39eb86fe3ca02cb4106a9b262;hb=2c4e5867ee699b1081527bc6c6ea0e99a35a5c27;hpb=90fa6203ad032fe161d85a3e580941ce3d1216f0
+
+diff --git a/source/fitz/pixmap.c b/source/fitz/pixmap.c
+index a831712..f1291dc 100644
+--- a/source/fitz/pixmap.c
++++ b/source/fitz/pixmap.c
+@@ -1104,6 +1104,7 @@ fz_subsample_pixmap_ARM(unsigned char *ptr, int w, int 
h, int f, int factor,
+       
"@STACK:r1,<9>,factor,n,fwd,back,back2,fwd2,divX,back4,fwd4,fwd3,divY,back5,divXY\n"
+       "ldr    r4, [r13,#4*22]         @ r4 = divXY                    \n"
+       "ldr    r5, [r13,#4*11]         @ for (nn = n; nn > 0; n--) {   \n"
++      "ldr    r8, [r13,#4*17]         @ r8 = back4                    \n"
+       "18:                            @                               \n"
+       "mov    r14,#0                  @ r14= v = 0                    \n"
+       "sub    r5, r5, r1, LSL #8      @ for (xx = x; xx > 0; x--) {   \n"
+@@ -1120,7 +1121,7 @@ fz_subsample_pixmap_ARM(unsigned char *ptr, int w, int 
h, int f, int factor,
+       "mul    r14,r4, r14             @ r14= v *= divX                \n"
+       "mov    r14,r14,LSR #16         @ r14= v >>= 16                 \n"
+       "strb   r14,[r9], #1            @ *d++ = r14                    \n"
+-      "sub    r0, r0, r8              @ s -= back2                    \n"
++      "sub    r0, r0, r8              @ s -= back4                    \n"
+       "subs   r5, r5, #1              @ n--                           \n"
+       "bgt    18b                     @ }                             \n"
+       "21:                            @                               \n"
+@@ -1249,6 +1250,7 @@ fz_subsample_pixmap(fz_context *ctx, fz_pixmap *tile, 
int factor)
+               x += f;
+               if (x > 0)
+               {
++                      int back4 = x * n - 1;
+                       div = x * y;
+                       for (nn = n; nn > 0; nn--)
+                       {
+@@ -1263,7 +1265,7 @@ fz_subsample_pixmap(fz_context *ctx, fz_pixmap *tile, 
int factor)
+                                       s -= back5;
+                               }
+                               *d++ = v / div;
+-                              s -= back2;
++                              s -= back4;
+                       }
+               }
+       }

diff --git a/app-text/mupdf/files/mupdf-1.10a-null-pointer.patch 
b/app-text/mupdf/files/mupdf-1.10a-null-pointer.patch
new file mode 100644
index 0000000000..9a459b2801
--- /dev/null
+++ b/app-text/mupdf/files/mupdf-1.10a-null-pointer.patch
@@ -0,0 +1,21 @@
+From: Sebastian Rasmussen <seb...@gmail.com>
+Date: Sat, 4 Feb 2017 05:21:20 +0000 (+0100)
+Subject: Bug 697514: Write SVG output to stdout if no output specified.
+X-Git-Url: 
http://git.ghostscript.com/?p=mupdf.git;a=commitdiff_plain;h=40ac85bfb676bb4373bda4b18f9fd90268c9f1e9
+
+Bug 697514: Write SVG output to stdout if no output specified.
+---
+
+diff --git a/source/tools/mudraw.c b/source/tools/mudraw.c
+index 95b3440..720e7ff 100644
+--- a/source/tools/mudraw.c
++++ b/source/tools/mudraw.c
+@@ -578,7 +578,7 @@ static void dodrawpage(fz_context *ctx, fz_page *page, 
fz_display_list *list, in
+               char buf[512];
+               fz_output *out;
+ 
+-              if (!strcmp(output, "-"))
++              if (!output || !strcmp(output, "-"))
+                       out = fz_stdout(ctx);
+               else
+               {

diff --git a/app-text/mupdf/mupdf-1.10a-r1.ebuild 
b/app-text/mupdf/mupdf-1.10a-r1.ebuild
new file mode 100644
index 0000000000..fb40d437d1
--- /dev/null
+++ b/app-text/mupdf/mupdf-1.10a-r1.ebuild
@@ -0,0 +1,148 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+inherit flag-o-matic toolchain-funcs
+
+DESCRIPTION="a lightweight PDF viewer and toolkit written in portable C"
+HOMEPAGE="http://mupdf.com/";
+SRC_URI="http://mupdf.com/downloads/${P}-source.tar.gz";
+
+LICENSE="AGPL-3"
+SLOT="0/${PV}"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 
~amd64-linux ~ppc-macos ~x64-macos ~x86-macos"
+IUSE="X +curl javascript libressl opengl +openssl static static-libs vanilla"
+
+LIB_DEPEND="
+       !libressl? ( dev-libs/openssl:0[static-libs?] )
+       libressl? ( dev-libs/libressl[static-libs?] )
+       javascript? ( >=dev-lang/mujs-0_p20160504 )
+       media-libs/freetype:2[static-libs?]
+       media-libs/harfbuzz[static-libs?]
+       media-libs/jbig2dec[static-libs?]
+       media-libs/libpng:0[static-libs?]
+       >=media-libs/openjpeg-2.1:2[static-libs?]
+       net-misc/curl[static-libs?]
+       virtual/jpeg[static-libs?]
+       X? ( x11-libs/libX11[static-libs?]
+               x11-libs/libXext[static-libs?] )
+       opengl? ( >=media-libs/glfw-3 )"
+RDEPEND="${LIB_DEPEND}"
+DEPEND="${RDEPEND}
+       virtual/pkgconfig
+       static-libs? ( ${LIB_DEPEND} )
+       static? ( ${LIB_DEPEND//?}
+               app-arch/bzip2[static-libs]
+               x11-libs/libXau[static-libs]
+               x11-libs/libXdmcp[static-libs]
+               x11-libs/libxcb[static-libs] )"
+
+REQUIRED_USE="opengl? ( X !static !static-libs )"
+
+S=${WORKDIR}/${P}-source
+
+PATCHES=(
+               "${FILESDIR}"/${PN}-1.9a-CFLAGS.patch
+               "${FILESDIR}"/${PN}-1.9a-debug-build.patch
+               "${FILESDIR}"/${PN}-1.10a-add-desktop-pc-xpm-files.patch
+               "${FILESDIR}"/${PN}-1.10a-Makerules-openssl-curl.patch
+               "${FILESDIR}"/${PN}-1.8-system-glfw.patch
+               "${FILESDIR}"/${PN}-1.10a-heap-overflow.patch
+               "${FILESDIR}"/${PN}-1.10a-null-pointer.patch
+)
+
+src_prepare() {
+       default
+       use hppa && append-cflags -ffunction-sections
+
+       rm -rf thirdparty || die
+
+       if has_version ">=media-libs/openjpeg-2.1:2" ; then
+               # Remove a switch, which prevents using shared libraries for 
openjpeg2.
+               # See 
http://www.linuxfromscratch.org/blfs/view/cvs/pst/mupdf.html
+               sed '/OPJ_STATIC$/d' -i source/fitz/load-jpx.c
+       fi
+
+       use javascript || \
+               sed -e '/* #define FZ_ENABLE_JS/ a\#define FZ_ENABLE_JS 0' \
+                       -i include/mupdf/fitz/config.h
+
+       sed -e "/^libdir=/s:/lib:/$(get_libdir):" \
+               -e "/^prefix=/s:=.*:=${EROOT}/usr:" \
+               -i platform/debian/${PN}.pc || die
+
+       use vanilla || eapply \
+               "${FILESDIR}"/${PN}-1.3-zoom-2.patch
+
+       sed -e "1iOS = Linux" \
+               -e "1iCC = $(tc-getCC)" \
+               -e "1iLD = $(tc-getCC)" \
+               -e "1iAR = $(tc-getAR)" \
+               -e "1iverbose = yes" \
+               -e "1ibuild = debug" \
+               -e "1iprefix = ${ED}usr" \
+               -e "1ilibdir = ${ED}usr/$(get_libdir)" \
+               -e "1idocdir = ${ED}usr/share/doc/${PF}" \
+               -e "1iHAVE_X11 = $(usex X)" \
+               -e "1iWANT_OPENSSL = $(usex openssl)" \
+               -e "1iWANT_CURL = $(usex curl)" \
+               -e "1iHAVE_MUJS = $(usex javascript)" \
+               -e "1iMUJS_LIBS = $(usex javascript -lmujs '')" \
+               -e "1iMUJS_CFLAGS =" \
+               -e "1iHAVE_GLFW = $(usex opengl yes no)" \
+               -i Makerules || die
+
+       if use static-libs || use static ; then
+               cp -a "${S}" "${S}"-static || die
+               #add missing Libs.private for xcb and freetype
+               sed -e 's:\(pkg-config --libs\):\1 --static:' \
+                   -e '/^SYS_X11_LIBS = /s:\(.*\):\1 -lpthread:' \
+                   -e '/^SYS_FREETYPE_LIBS = /s:\(.*\):\1 -lbz2:' \
+                       -i "${S}"-static/Makerules || die
+       fi
+
+       my_soname=libmupdf.so.${PV}
+       my_soname_js_none=libmupdf-js-none.so.${PV}
+       sed -e "\$a\$(MUPDF_LIB): \$(MUPDF_JS_NONE_LIB)" \
+               -e "\$a\\\t\$(QUIET_LINK) \$(CC) \$(LDFLAGS) --shared 
-Wl,-soname -Wl,${my_soname} -Wl,--no-undefined -o \$@ \$^ 
\$(MUPDF_JS_NONE_LIB) \$(LIBS)" \
+               -e "/^MUPDF_LIB =/s:=.*:= \$(OUT)/${my_soname}:" \
+               -e "\$a\$(MUPDF_JS_NONE_LIB):" \
+               -e "\$a\\\t\$(QUIET_LINK) \$(CC) \$(LDFLAGS) --shared 
-Wl,-soname -Wl,${my_soname_js_none} -Wl,--no-undefined -o \$@ \$^ \$(LIBS)" \
+               -e "/install/s: COPYING : :" \
+               -i Makefile || die
+}
+
+src_compile() {
+       emake XCFLAGS="-fpic"
+       use static-libs && \
+               emake -C "${S}"-static build/debug/lib${PN}{,-js-none}.a
+       use static && \
+               emake -C "${S}"-static XLIBS="-static"
+}
+
+src_install() {
+       if use X ; then
+               domenu platform/debian/${PN}.desktop
+               doicon platform/debian/${PN}.xpm
+       else
+               rm docs/man/${PN}.1
+       fi
+
+       emake install
+       dosym ${my_soname} /usr/$(get_libdir)/lib${PN}.so
+
+       use static-libs && \
+               dolib.a "${S}"-static/build/debug/lib${PN}{,-js-none}.a
+       if use static ; then
+               dobin "${S}"-static/build/debug/mu{tool,draw}
+               use X && dobin "${S}"-static/build/debug/${PN}-x11
+       fi
+       use X && dosym ${PN}-x11 /usr/bin/${PN}
+
+       insinto /usr/$(get_libdir)/pkgconfig
+       doins platform/debian/${PN}.pc
+
+       dodoc README docs/*.{txt,c}
+}

[gentoo-commits] repo/gentoo:master commit in: app-text/mupdf/, app-text/mupdf/files/

Reply via email to