diff options
author | nork <nork@FreeBSD.org> | 2005-08-12 03:16:30 +0800 |
---|---|---|
committer | nork <nork@FreeBSD.org> | 2005-08-12 03:16:30 +0800 |
commit | 56b5fe3384e36fed6e8296a1d1a15bd6f858398e (patch) | |
tree | 4afa67fbd0ff54fe6880b753217198263ab197f2 /graphics | |
parent | 84deffa014073ec8c3204666c9849730ce46c446 (diff) | |
download | freebsd-ports-gnome-56b5fe3384e36fed6e8296a1d1a15bd6f858398e.tar.gz freebsd-ports-gnome-56b5fe3384e36fed6e8296a1d1a15bd6f858398e.tar.zst freebsd-ports-gnome-56b5fe3384e36fed6e8296a1d1a15bd6f858398e.zip |
Fix security issue.
http://www.ubuntulinux.org/support/documentation/usn/usn-163-1
http://secunia.com/advisories/16374/
Submitted by: naddy
Reported by: jkoshy
Approved by: portmgr (krion)
Diffstat (limited to 'graphics')
-rw-r--r-- | graphics/xpdf/Makefile | 2 | ||||
-rw-r--r-- | graphics/xpdf/files/patch-security2 | 58 |
2 files changed, 59 insertions, 1 deletions
diff --git a/graphics/xpdf/Makefile b/graphics/xpdf/Makefile index 9ed2f32ebaaf..71a67628d2d3 100644 --- a/graphics/xpdf/Makefile +++ b/graphics/xpdf/Makefile @@ -7,7 +7,7 @@ PORTNAME= xpdf PORTVERSION= 3.00 -PORTREVISION= 6 +PORTREVISION= 7 CATEGORIES= graphics print MASTER_SITES= ftp://ftp.foolabs.com/pub/xpdf/ \ ${MASTER_SITE_TEX_CTAN} diff --git a/graphics/xpdf/files/patch-security2 b/graphics/xpdf/files/patch-security2 new file mode 100644 index 000000000000..0919d9255a75 --- /dev/null +++ b/graphics/xpdf/files/patch-security2 @@ -0,0 +1,58 @@ +--- fofi/FoFiTrueType.cc.orig Thu Jan 22 02:26:44 2004 ++++ fofi/FoFiTrueType.cc Thu Aug 11 16:55:52 2005 +@@ -1343,6 +1343,27 @@ + return; + } + ++ // make sure the loca table is sane (correct length and entries are ++ // in bounds) ++ i = seekTable("loca"); ++ if (tables[i].len < (nGlyphs + 1) * (locaFmt ? 4 : 2)) { ++ parsedOk = gFalse; ++ return; ++ } ++ for (j = 0; j <= nGlyphs; ++j) { ++ if (locaFmt) { ++ pos = (int)getU32BE(tables[i].offset + j*4, &parsedOk); ++ } else { ++ pos = getU16BE(tables[i].offset + j*2, &parsedOk); ++ } ++ if (pos < 0 || pos > len) { ++ parsedOk = gFalse; ++ } ++ } ++ if (!parsedOk) { ++ return; ++ } ++ + // read the post table + readPostTable(); + if (!parsedOk) { +--- xpdf/SplashOutputDev.cc.orig Thu Aug 11 16:51:38 2005 ++++ xpdf/SplashOutputDev.cc Thu Aug 11 16:55:52 2005 +@@ -621,16 +621,19 @@ + } + break; + case fontTrueType: +- if (!(ff = FoFiTrueType::load(fileName->getCString()))) { +- goto err2; ++ if ((ff = FoFiTrueType::load(fileName->getCString()))) { ++ codeToGID = ((Gfx8BitFont *)gfxFont)->getCodeToGIDMap(ff); ++ n = 256; ++ delete ff; ++ } else { ++ codeToGID = NULL; ++ n = 0; + } +- codeToGID = ((Gfx8BitFont *)gfxFont)->getCodeToGIDMap(ff); +- delete ff; + if (!(fontFile = fontEngine->loadTrueTypeFont( + id, + fileName->getCString(), + fileName == tmpFileName, +- codeToGID, 256))) { ++ codeToGID, n))) { + error(-1, "Couldn't create a font for '%s'", + gfxFont->getName() ? gfxFont->getName()->getCString() + : "(unnamed)"); + |