aboutsummaryrefslogtreecommitdiffstats
path: root/graphics
diff options
context:
space:
mode:
authornork <nork@FreeBSD.org>2005-08-12 03:16:30 +0800
committernork <nork@FreeBSD.org>2005-08-12 03:16:30 +0800
commit56b5fe3384e36fed6e8296a1d1a15bd6f858398e (patch)
tree4afa67fbd0ff54fe6880b753217198263ab197f2 /graphics
parent84deffa014073ec8c3204666c9849730ce46c446 (diff)
downloadfreebsd-ports-gnome-56b5fe3384e36fed6e8296a1d1a15bd6f858398e.tar.gz
freebsd-ports-gnome-56b5fe3384e36fed6e8296a1d1a15bd6f858398e.tar.zst
freebsd-ports-gnome-56b5fe3384e36fed6e8296a1d1a15bd6f858398e.zip
Fix security issue.
http://www.ubuntulinux.org/support/documentation/usn/usn-163-1 http://secunia.com/advisories/16374/ Submitted by: naddy Reported by: jkoshy Approved by: portmgr (krion)
Diffstat (limited to 'graphics')
-rw-r--r--graphics/xpdf/Makefile2
-rw-r--r--graphics/xpdf/files/patch-security258
2 files changed, 59 insertions, 1 deletions
diff --git a/graphics/xpdf/Makefile b/graphics/xpdf/Makefile
index 9ed2f32ebaaf..71a67628d2d3 100644
--- a/graphics/xpdf/Makefile
+++ b/graphics/xpdf/Makefile
@@ -7,7 +7,7 @@
PORTNAME= xpdf
PORTVERSION= 3.00
-PORTREVISION= 6
+PORTREVISION= 7
CATEGORIES= graphics print
MASTER_SITES= ftp://ftp.foolabs.com/pub/xpdf/ \
${MASTER_SITE_TEX_CTAN}
diff --git a/graphics/xpdf/files/patch-security2 b/graphics/xpdf/files/patch-security2
new file mode 100644
index 000000000000..0919d9255a75
--- /dev/null
+++ b/graphics/xpdf/files/patch-security2
@@ -0,0 +1,58 @@
+--- fofi/FoFiTrueType.cc.orig Thu Jan 22 02:26:44 2004
++++ fofi/FoFiTrueType.cc Thu Aug 11 16:55:52 2005
+@@ -1343,6 +1343,27 @@
+ return;
+ }
+
++ // make sure the loca table is sane (correct length and entries are
++ // in bounds)
++ i = seekTable("loca");
++ if (tables[i].len < (nGlyphs + 1) * (locaFmt ? 4 : 2)) {
++ parsedOk = gFalse;
++ return;
++ }
++ for (j = 0; j <= nGlyphs; ++j) {
++ if (locaFmt) {
++ pos = (int)getU32BE(tables[i].offset + j*4, &parsedOk);
++ } else {
++ pos = getU16BE(tables[i].offset + j*2, &parsedOk);
++ }
++ if (pos < 0 || pos > len) {
++ parsedOk = gFalse;
++ }
++ }
++ if (!parsedOk) {
++ return;
++ }
++
+ // read the post table
+ readPostTable();
+ if (!parsedOk) {
+--- xpdf/SplashOutputDev.cc.orig Thu Aug 11 16:51:38 2005
++++ xpdf/SplashOutputDev.cc Thu Aug 11 16:55:52 2005
+@@ -621,16 +621,19 @@
+ }
+ break;
+ case fontTrueType:
+- if (!(ff = FoFiTrueType::load(fileName->getCString()))) {
+- goto err2;
++ if ((ff = FoFiTrueType::load(fileName->getCString()))) {
++ codeToGID = ((Gfx8BitFont *)gfxFont)->getCodeToGIDMap(ff);
++ n = 256;
++ delete ff;
++ } else {
++ codeToGID = NULL;
++ n = 0;
+ }
+- codeToGID = ((Gfx8BitFont *)gfxFont)->getCodeToGIDMap(ff);
+- delete ff;
+ if (!(fontFile = fontEngine->loadTrueTypeFont(
+ id,
+ fileName->getCString(),
+ fileName == tmpFileName,
+- codeToGID, 256))) {
++ codeToGID, n))) {
+ error(-1, "Couldn't create a font for '%s'",
+ gfxFont->getName() ? gfxFont->getName()->getCString()
+ : "(unnamed)");
+