download.lst | 4 +-
external/poppler/UnpackedTarball_poppler.mk | 2 +
external/poppler/disable-freetype.patch.1 | 41 +++++++++++++++++++++++
external/poppler/gcc7-EntityInfo.patch.1 | 48 ++++++++++++++++++++++++++++
external/poppler/pch.patch.0 | 4 +-
external/poppler/poppler-config.patch.1 | 27 +++++++--------
sdext/Executable_xpdfimport.mk | 4 ++
7 files changed, 111 insertions(+), 19 deletions(-)
New commits:
commit 16de18eeb5f1b94b699cc5f81bb214298c0f8dfe
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Sep 14 15:54:49 2022 +0200
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Thu Sep 15 16:43:20 2022 +0200
poppler: upgrade to release 22.09.0
Fixes CVE-2022-38784
Add external/poppler/disable-freetype.patch.1 to get rid of some new
code that unconditionally requires freetype, to avoid building that on
WNT/MACOSX.
Change-Id: I854d1865286b6fb4112cdf37898cda0203c52f2e
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139941
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 8fce9a0a41b1bbebd325fc9d98a79d8decd3950c)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139850
Reviewed-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
diff --git a/download.lst b/download.lst
index 3af8236e81a5..242a342a7b2a 100644
--- a/download.lst
+++ b/download.lst
@@ -210,8 +210,8 @@ export LIBPNG_SHA256SUM :=
505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201f
export LIBPNG_TARBALL := libpng-1.6.37.tar.xz
export LIBTIFF_SHA256SUM :=
49307b510048ccc7bc40f2cba6e8439182fe6e654057c1a1683139bf2ecb1dc1
export LIBTIFF_TARBALL := tiff-4.4.0.tar.xz
-export POPPLER_SHA256SUM :=
7d3493056b5b86413e5c693c2cae02c5c06cd8e618d14c2c31e2c84b67b2313e
-export POPPLER_TARBALL := poppler-22.01.0.tar.xz
+export POPPLER_SHA256SUM :=
d7a8f748211359cadb774ba3e18ecda6464b34027045c0648eb30d5852a41e2e
+export POPPLER_TARBALL := poppler-22.09.0.tar.xz
export POPPLER_DATA_SHA256SUM :=
2cec05cd1bb03af98a8b06a1e22f6e6e1a65b1e2f3816cb3069bb0874825f08c
export POPPLER_DATA_TARBALL := poppler-data-0.4.11.tar.gz
export POSTGRESQL_SHA256SUM :=
9b81067a55edbaabc418aacef457dd8477642827499560b00615a6ea6c13f6b3
diff --git a/external/poppler/UnpackedTarball_poppler.mk
b/external/poppler/UnpackedTarball_poppler.mk
index b790693889d3..5726814fee82 100644
--- a/external/poppler/UnpackedTarball_poppler.mk
+++ b/external/poppler/UnpackedTarball_poppler.mk
@@ -16,6 +16,8 @@ $(eval $(call gb_UnpackedTarball_set_patchlevel,poppler,0))
$(eval $(call gb_UnpackedTarball_add_patches,poppler,\
external/poppler/poppler-config.patch.1 \
external/poppler/pch.patch.0 \
+ external/poppler/disable-freetype.patch.1 \
+ external/poppler/gcc7-EntityInfo.patch.1 \
))
ifneq ($(filter -fsanitize=%,$(CC)),)
diff --git a/external/poppler/disable-freetype.patch.1
b/external/poppler/disable-freetype.patch.1
new file mode 100644
index 000000000000..d59006eba979
--- /dev/null
+++ b/external/poppler/disable-freetype.patch.1
@@ -0,0 +1,41 @@
+disable freetype dependent code
+
+--- poppler/poppler/Form.cc.orig 2022-09-14 15:46:48.588316681 +0200
++++ poppler/poppler/Form.cc 2022-09-14 15:48:01.468274551 +0200
+@@ -46,7 +46,7 @@
+ #include <cstdlib>
+ #include <cstring>
+ #include <cctype>
+-#include "goo/ft_utils.h"
++//#include "goo/ft_utils.h"
+ #include "goo/gmem.h"
+ #include "goo/gfile.h"
+ #include "goo/GooString.h"
+@@ -77,8 +77,8 @@
+ #include "fofi/FoFiTrueType.h"
+ #include "fofi/FoFiIdentifier.h"
+
+-#include <ft2build.h>
+-#include FT_FREETYPE_H
++//#include <ft2build.h>
++//#include FT_FREETYPE_H
+
+ // return a newly allocated char* containing an UTF16BE string of size length
+ char *pdfDocEncodingToUTF16(const std::string &orig, int *length)
+@@ -2730,6 +2730,8 @@
+
+ Form::AddFontResult Form::addFontToDefaultResources(const std::string
&filepath, int faceIndex, const std::string &fontFamily, const std::string
&fontStyle)
+ {
++ return {};
++#if 0
+ if (!GooString::endsWith(filepath, ".ttf") &&
!GooString::endsWith(filepath, ".ttc") && !GooString::endsWith(filepath,
".otf")) {
+ error(errIO, -1, "We only support embedding ttf/ttc/otf fonts for
now. The font file for {0:s} {1:s} was {2:s}", fontFamily.c_str(),
fontStyle.c_str(), filepath.c_str());
+ return {};
+@@ -2939,6 +2941,7 @@
+ }
+
+ return { dictFontName, fontDictRef };
++#endif
+ }
+
+ std::string Form::getFallbackFontForChar(Unicode uChar, const GfxFont
&fontToEmulate) const
diff --git a/external/poppler/gcc7-EntityInfo.patch.1
b/external/poppler/gcc7-EntityInfo.patch.1
new file mode 100644
index 000000000000..b450bff93af9
--- /dev/null
+++ b/external/poppler/gcc7-EntityInfo.patch.1
@@ -0,0 +1,48 @@
+gcc 7.3.1 says:
+
+workdir/UnpackedTarball/poppler/poppler/CertificateInfo.cc:42:34: error:
function ‘X509CertificateInfo::EntityInfo&
X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo&&)’
defaulted on its redeclaration with an exception-specification that differs
from the implicit exception-specification ‘’
+
+--- poppler/poppler/CertificateInfo.h.orig 2022-09-14 19:32:12.426351385
+0200
++++ poppler/poppler/CertificateInfo.h 2022-09-14 19:32:18.947347812 +0200
+@@ -70,7 +70,7 @@
+ ~EntityInfo();
+
+ EntityInfo(EntityInfo &&) noexcept;
+- EntityInfo &operator=(EntityInfo &&) noexcept;
++ EntityInfo &operator=(EntityInfo &&) /*noexcept*/;
+
+ EntityInfo(const EntityInfo &) = delete;
+ EntityInfo &operator=(const EntityInfo &) = delete;
+--- poppler/poppler/CertificateInfo.cc.orig 2022-09-14 19:31:10.225385467
+0200
++++ poppler/poppler/CertificateInfo.cc 2022-09-14 19:31:12.572384182 +0200
+@@ -39,7 +39,7 @@
+
+ X509CertificateInfo::EntityInfo::EntityInfo(X509CertificateInfo::EntityInfo
&&other) noexcept = default;
+
+-X509CertificateInfo::EntityInfo
&X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo
&&other) noexcept = default;
++X509CertificateInfo::EntityInfo
&X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo
&&other) /*noexcept*/ = default;
+
+ X509CertificateInfo::X509CertificateInfo() : ku_extensions(KU_NONE),
cert_version(-1), is_self_signed(false) { }
+
+--- poppler/poppler/GfxFont.cc.orig 2022-09-14 20:24:32.569607333 +0200
++++ poppler/poppler/GfxFont.cc 2022-09-14 20:24:52.323596186 +0200
+@@ -180,7 +180,7 @@
+
+ GfxFontLoc::GfxFontLoc(GfxFontLoc &&other) noexcept = default;
+
+-GfxFontLoc &GfxFontLoc::operator=(GfxFontLoc &&other) noexcept = default;
++GfxFontLoc &GfxFontLoc::operator=(GfxFontLoc &&other) /*noexcept*/ = default;
+
+ void GfxFontLoc::setPath(GooString *pathA)
+ {
+--- poppler/poppler/GfxFont.h.orig 2022-09-14 20:24:30.784608340 +0200
++++ poppler/poppler/GfxFont.h 2022-09-14 20:25:08.850586861 +0200
+@@ -124,7 +124,7 @@
+ GfxFontLoc(const GfxFontLoc &) = delete;
+ GfxFontLoc(GfxFontLoc &&) noexcept;
+ GfxFontLoc &operator=(const GfxFontLoc &) = delete;
+- GfxFontLoc &operator=(GfxFontLoc &&other) noexcept;
++ GfxFontLoc &operator=(GfxFontLoc &&other) /*noexcept*/;
+
+ // Set the 'path' string from a GooString on the heap.
+ // Ownership of the object is taken.
diff --git a/external/poppler/pch.patch.0 b/external/poppler/pch.patch.0
index 89b165f53511..9ffeeb8421f5 100644
--- a/external/poppler/pch.patch.0
+++ b/external/poppler/pch.patch.0
@@ -2,10 +2,10 @@
+++ ./goo/gdir.h 2021-11-03 15:16:04.306277081 +0100
@@ -37,6 +37,8 @@
- #include "poppler-config.h"
+ #include <memory>
+#include "gfile.h"
+
class GooString;
- //------------------------------------------------------------------------
+ #if defined(_WIN32)
diff --git a/external/poppler/poppler-config.patch.1
b/external/poppler/poppler-config.patch.1
index 2a24d4510197..455a88e2afc4 100644
--- a/external/poppler/poppler-config.patch.1
+++ b/external/poppler/poppler-config.patch.1
@@ -16,7 +16,7 @@ new file mode 100644
index 0fbd336a..451213f8 100644
--- /dev/null
+++ b/config.h
-@@ -0,0 +1,223 @@
+@@ -0,0 +1,220 @@
+/* config.h. Generated from config.h.cmake by cmake. */
+
+/* Build against libcurl. */
@@ -105,9 +105,6 @@ index 0fbd336a..451213f8 100644
+#define HAVE_TIMEGM 1
+#endif
+
-+/* Define if you have the iconv() function and it works. */
-+/* #undef HAVE_ICONV */
-+
+/* Define to 1 if you have the `z' library (-lz). */
+/* #undef HAVE_LIBZ */
+
@@ -176,7 +173,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_NAME "poppler"
+
+/* Define to the full name and version of this package. */
-+#define PACKAGE_STRING "poppler 21.11.0"
++#define PACKAGE_STRING "poppler 22.09.0"
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME "poppler"
@@ -185,7 +182,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_URL ""
+
+/* Define to the version of this package. */
-+#define PACKAGE_VERSION "21.11.0"
++#define PACKAGE_VERSION "22.09.0"
+
+/* Poppler data dir */
+#define POPPLER_DATADIR "/usr/local/share/poppler"
@@ -203,7 +200,7 @@ index 0fbd336a..451213f8 100644
+/* #undef USE_FLOAT */
+
+/* Version number of package */
-+#define VERSION "21.11.0"
++#define VERSION "22.09.0"
+
+#if defined(__APPLE__)
+#elif defined (_WIN32)
@@ -229,7 +226,7 @@ index 0fbd336a..451213f8 100644
+#define popen _popen
+#define pclose _pclose
+#define strncasecmp _strnicmp
-+// error C4005: "strcasecmp": macro redefinition #define strcasecmp
_stricmp
++#define strcasecmp _stricmp
+#endif
+
+/* Number of bits in a file offset, on hosts where this is settable. */
@@ -250,7 +247,7 @@ index 0fbd336a..451213f8 100644
+//
+// poppler-config.h
+//
-+// Copyright 1996-2011 Glyph & Cog, LLC
++// Copyright 1996-2011, 2022 Glyph & Cog, LLC
+//
+//========================================================================
+
@@ -284,7 +281,7 @@ index 0fbd336a..451213f8 100644
+
+/* Defines the poppler version. */
+#ifndef POPPLER_VERSION
-+#define POPPLER_VERSION "21.11.0"
++#define POPPLER_VERSION "22.09.0"
+#endif
+
+/* Use single precision arithmetic in the Splash backend */
@@ -376,8 +373,8 @@ index 0fbd336a..451213f8 100644
+//------------------------------------------------------------------------
+
+// copyright notice
-+#define popplerCopyright "Copyright 2005-2021 The Poppler Developers -
http://poppler.freedesktop.org";
-+#define xpdfCopyright "Copyright 1996-2011 Glyph & Cog, LLC"
++#define popplerCopyright "Copyright 2005-2022 The Poppler Developers -
http://poppler.freedesktop.org";
++#define xpdfCopyright "Copyright 1996-2011, 2022 Glyph & Cog, LLC"
+
+//------------------------------------------------------------------------
+// Win32 stuff
@@ -436,9 +433,9 @@ index 0fbd336a..451213f8 100644
+
+#include "poppler-global.h"
+
-+#define POPPLER_VERSION "21.11.0"
-+#define POPPLER_VERSION_MAJOR 21
-+#define POPPLER_VERSION_MINOR 11
++#define POPPLER_VERSION "22.09.0"
++#define POPPLER_VERSION_MAJOR 22
++#define POPPLER_VERSION_MINOR 9
+#define POPPLER_VERSION_MICRO 0
+
+namespace poppler
diff --git a/sdext/Executable_xpdfimport.mk b/sdext/Executable_xpdfimport.mk
index 495671a4ecae..e8b6f7a90837 100644
--- a/sdext/Executable_xpdfimport.mk
+++ b/sdext/Executable_xpdfimport.mk
@@ -22,6 +22,10 @@ $(eval $(call
gb_Executable_add_exception_objects,xpdfimport,\
sdext/source/pdfimport/xpdfwrapper/wrapper_gpl \
))
+$(eval $(call gb_Executable_use_system_win32_libs,xpdfimport,\
+ shell32 \
+))
+
$(eval $(call gb_Executable_add_default_nativeres,xpdfimport))
ifneq ($(SYSTEM_POPPLER),)
