OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Christoph Schug
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 10-Aug-2005 23:09:26
Branch: HEAD Handle: 2005081022092500
Added files:
openpkg-src/xpdf xpdf.patch
Modified files:
openpkg-src/xpdf xpdf.spec
Log:
security patch regarding CAN-2005-2097 ("loca" table verification)
Summary:
Revision Changes Path
1.3 +57 -0 openpkg-src/xpdf/xpdf.patch
1.16 +2 -0 openpkg-src/xpdf/xpdf.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/xpdf/xpdf.patch
============================================================================
$ cvs diff -u -r0 -r1.3 xpdf.patch
--- /dev/null 2005-08-10 23:09:20 +0200
+++ xpdf.patch 2005-08-10 23:09:25 +0200
@@ -0,0 +1,57 @@
+--- xpdf-3.00/xpdf/SplashOutputDev.cc
++++ xpdf-3.00/xpdf/SplashOutputDev.cc
+@@ -621,16 +621,19 @@
+ }
+ break;
+ case fontTrueType:
+- if (!(ff = FoFiTrueType::load(fileName->getCString()))) {
+- goto err2;
++ if ((ff = FoFiTrueType::load(fileName->getCString()))) {
++ codeToGID = ((Gfx8BitFont *)gfxFont)->getCodeToGIDMap(ff);
++ n = 256;
++ delete ff;
++ } else {
++ codeToGID = NULL;
++ n = 0;
+ }
+- codeToGID = ((Gfx8BitFont *)gfxFont)->getCodeToGIDMap(ff);
+- delete ff;
+ if (!(fontFile = fontEngine->loadTrueTypeFont(
+ id,
+ fileName->getCString(),
+ fileName == tmpFileName,
+- codeToGID, 256))) {
++ codeToGID, n))) {
+ error(-1, "Couldn't create a font for '%s'",
+ gfxFont->getName() ? gfxFont->getName()->getCString()
+ : "(unnamed)");
+--- xpdf-3.00/fofi/FoFiTrueType.cc
++++ xpdf-3.00/fofi/FoFiTrueType.cc
+@@ -1343,6 +1343,27 @@
+ return;
+ }
+
++ // make sure the loca table is sane (correct length and entries are
++ // in bounds)
++ i = seekTable("loca");
++ if (tables[i].len < (nGlyphs + 1) * (locaFmt ? 4 : 2)) {
++ parsedOk = gFalse;
++ return;
++ }
++ for (j = 0; j <= nGlyphs; ++j) {
++ if (locaFmt) {
++ pos = (int)getU32BE(tables[i].offset + j*4, &parsedOk);
++ } else {
++ pos = getU16BE(tables[i].offset + j*2, &parsedOk);
++ }
++ if (pos < 0 || pos > len) {
++ parsedOk = gFalse;
++ }
++ }
++ if (!parsedOk) {
++ return;
++ }
++
+ // read the post table
+ readPostTable();
+ if (!parsedOk) {
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/xpdf/xpdf.spec
============================================================================
$ cvs diff -u -r1.15 -r1.16 xpdf.spec
--- openpkg-src/xpdf/xpdf.spec 10 Aug 2005 21:05:31 -0000 1.15
+++ openpkg-src/xpdf/xpdf.spec 10 Aug 2005 21:09:25 -0000 1.16
@@ -44,6 +44,7 @@
Patch0: ftp://ftp.foolabs.com/pub/xpdf/xpdf-%{V_base}pl1.patch
Patch1: ftp://ftp.foolabs.com/pub/xpdf/xpdf-%{V_base}pl2.patch
Patch2: ftp://ftp.foolabs.com/pub/xpdf/xpdf-%{V_base}pl3.patch
+Patch3: xpdf.patch
# build information
Prefix: %{l_prefix}
@@ -74,6 +75,7 @@
%prep
%setup -q -n xpdf-%{V_base}
%patch -p0 -d xpdf -P 0 1 2
+ %patch -p1 -P 3
%build
CC="%{l_cc}" \
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [email protected]
