Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/kde-base/kdegraphics/files
diff options
context:
space:
mode:
authorCarsten Lohrke <carlo@gentoo.org>2005-12-20 17:45:21 +0000
committerCarsten Lohrke <carlo@gentoo.org>2005-12-20 17:45:21 +0000
commit8b6362abb5df76f70cfcd70ea636e373e089ee86 (patch)
tree1854f6d2e33c79d49f0d7c17914bb2554e73d7c4 /kde-base/kdegraphics/files
parentAdd proper exclusions for app-crypt/shash. (diff)
downloadgentoo-2-8b6362abb5df76f70cfcd70ea636e373e089ee86.tar.gz
gentoo-2-8b6362abb5df76f70cfcd70ea636e373e089ee86.tar.bz2
gentoo-2-8b6362abb5df76f70cfcd70ea636e373e089ee86.zip
Patch applied according to #115851.
(Portage version: 2.0.53)
Diffstat (limited to 'kde-base/kdegraphics/files')
-rw-r--r--kde-base/kdegraphics/files/digest-kdegraphics-3.4.3-r31
-rw-r--r--kde-base/kdegraphics/files/digest-kdegraphics-3.5.0-r41
-rw-r--r--kde-base/kdegraphics/files/kpdf-3.5.0-cropbox-fix.patch23
-rw-r--r--kde-base/kdegraphics/files/post-3.4.3-kdegraphics-CAN-2005-3193.diff151
-rw-r--r--kde-base/kdegraphics/files/post-3.5.0-kdegraphics-CAN-2005-3193.diff158
5 files changed, 306 insertions, 28 deletions
diff --git a/kde-base/kdegraphics/files/digest-kdegraphics-3.4.3-r3 b/kde-base/kdegraphics/files/digest-kdegraphics-3.4.3-r3
new file mode 100644
index 000000000000..2cb888ba9f29
--- /dev/null
+++ b/kde-base/kdegraphics/files/digest-kdegraphics-3.4.3-r3
@@ -0,0 +1 @@
+MD5 e2b2926301204a0f587d9e6e163c06d9 kdegraphics-3.4.3.tar.bz2 6554272
diff --git a/kde-base/kdegraphics/files/digest-kdegraphics-3.5.0-r4 b/kde-base/kdegraphics/files/digest-kdegraphics-3.5.0-r4
new file mode 100644
index 000000000000..44e671a5ef99
--- /dev/null
+++ b/kde-base/kdegraphics/files/digest-kdegraphics-3.5.0-r4
@@ -0,0 +1 @@
+MD5 389a00d4387e621d4dd325a59c7657c4 kdegraphics-3.5.0.tar.bz2 7094349
diff --git a/kde-base/kdegraphics/files/kpdf-3.5.0-cropbox-fix.patch b/kde-base/kdegraphics/files/kpdf-3.5.0-cropbox-fix.patch
new file mode 100644
index 000000000000..17fbeeaee27c
--- /dev/null
+++ b/kde-base/kdegraphics/files/kpdf-3.5.0-cropbox-fix.patch
@@ -0,0 +1,23 @@
+--- branches/KDE/3.5/kdegraphics/kpdf/xpdf/xpdf/Page.cc 2005/09/09 18:24:18 459064
++++ branches/KDE/3.5/kdegraphics/kpdf/xpdf/xpdf/Page.cc 2005/12/18 21:44:35 489480
+@@ -66,6 +66,20 @@
+ if (!haveCropBox) {
+ cropBox = mediaBox;
+ }
++ else
++ {
++ // cropBox can not be bigger than mediaBox
++ if (cropBox.x2 - cropBox.x1 > mediaBox.x2 - mediaBox.x1)
++ {
++ cropBox.x1 = mediaBox.x1;
++ cropBox.x2 = mediaBox.x2;
++ }
++ if (cropBox.y2 - cropBox.y1 > mediaBox.y2 - mediaBox.y1)
++ {
++ cropBox.y1 = mediaBox.y1;
++ cropBox.y2 = mediaBox.y2;
++ }
++ }
+
+ // other boxes
+ bleedBox = cropBox;
diff --git a/kde-base/kdegraphics/files/post-3.4.3-kdegraphics-CAN-2005-3193.diff b/kde-base/kdegraphics/files/post-3.4.3-kdegraphics-CAN-2005-3193.diff
index c060c4e31324..8c1d3ac42603 100644
--- a/kde-base/kdegraphics/files/post-3.4.3-kdegraphics-CAN-2005-3193.diff
+++ b/kde-base/kdegraphics/files/post-3.4.3-kdegraphics-CAN-2005-3193.diff
@@ -1,7 +1,87 @@
+Index: kpdf/xpdf/xpdf/JBIG2Stream.cc
+===================================================================
+--- kpdf/xpdf/xpdf/JBIG2Stream.cc (revision 466932)
++++ kpdf/xpdf/xpdf/JBIG2Stream.cc (revision 488714)
+@@ -7,6 +7,7 @@
+ //========================================================================
+
+ #include <aconf.h>
++#include <limits.h>
+
+ #ifdef USE_GCC_PRAGMAS
+ #pragma implementation
+@@ -681,6 +682,13 @@ JBIG2Bitmap::JBIG2Bitmap(Guint segNumA,
+ w = wA;
+ h = hA;
+ line = (wA + 7) >> 3;
++
++ if (h < 0 || line <= 0 || h >= INT_MAX / line) {
++ error(-1, "invalid width/height");
++ data = NULL;
++ return;
++ }
++
+ data = (Guchar *)gmalloc(h * line);
+ }
+
+@@ -690,6 +698,13 @@ JBIG2Bitmap::JBIG2Bitmap(Guint segNumA,
+ w = bitmap->w;
+ h = bitmap->h;
+ line = bitmap->line;
++
++ if (h < 0 || line <= 0 || h >= INT_MAX / line) {
++ error(-1, "invalid width/height");
++ data = NULL;
++ return;
++ }
++
+ data = (Guchar *)gmalloc(h * line);
+ memcpy(data, bitmap->data, h * line);
+ }
+@@ -716,7 +731,10 @@ JBIG2Bitmap *JBIG2Bitmap::getSlice(Guint
+ }
+
+ void JBIG2Bitmap::expand(int newH, Guint pixel) {
+- if (newH <= h) {
++ if (newH <= h || line <= 0 || newH >= INT_MAX / line) {
++ error(-1, "invalid width/height");
++ gfree(data);
++ data = NULL;
+ return;
+ }
+ data = (Guchar *)grealloc(data, newH * line);
+@@ -2256,6 +2274,15 @@ void JBIG2Stream::readHalftoneRegionSeg(
+ error(getPos(), "Bad symbol dictionary reference in JBIG2 halftone segment");
+ return;
+ }
++ if (gridH == 0 || gridW >= INT_MAX / gridH) {
++ error(getPos(), "Bad size in JBIG2 halftone segment");
++ return;
++ }
++ if (w == 0 || h >= INT_MAX / w) {
++ error(getPos(), "Bad size in JBIG2 bitmap segment");
++ return;
++ }
++
+ patternDict = (JBIG2PatternDict *)seg;
+ bpp = 0;
+ i = 1;
+@@ -2887,6 +2914,11 @@ JBIG2Bitmap *JBIG2Stream::readGenericRef
+ JBIG2BitmapPtr tpgrCXPtr0, tpgrCXPtr1, tpgrCXPtr2;
+ int x, y, pix;
+
++ if (w < 0 || h <= 0 || w >= INT_MAX / h) {
++ error(-1, "invalid width/height");
++ return NULL;
++ }
++
+ bitmap = new JBIG2Bitmap(0, w, h);
+ bitmap->clearToZero();
+
Index: kpdf/xpdf/xpdf/Stream.cc
===================================================================
---- kpdf/xpdf/xpdf/Stream.cc (revision 486337)
-+++ kpdf/xpdf/xpdf/Stream.cc (revision 487206)
+--- kpdf/xpdf/xpdf/Stream.cc (revision 466932)
++++ kpdf/xpdf/xpdf/Stream.cc (revision 488714)
@@ -15,6 +15,7 @@
#include <stdio.h>
#include <stdlib.h>
@@ -23,7 +103,7 @@ Index: kpdf/xpdf/xpdf/Stream.cc
+ return;
nVals = width * nComps;
-+ if (nVals + 7 <= 0)
++ if (nVals * nBits + 7 <= 0)
+ return;
pixBytes = (nComps * nBits + 7) >> 3;
rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
@@ -49,40 +129,81 @@ Index: kpdf/xpdf/xpdf/Stream.cc
} else {
pred = NULL;
}
-@@ -2899,6 +2918,10 @@ GBool DCTStream::readBaselineSOF() {
+@@ -1261,6 +1280,10 @@ CCITTFaxStream::CCITTFaxStream(Stream *s
+ endOfLine = endOfLineA;
+ byteAlign = byteAlignA;
+ columns = columnsA;
++ if (columns < 1 || columns >= INT_MAX / sizeof(short)) {
++ error(-1, "invalid number of columns");
++ exit(1);
++ }
+ rows = rowsA;
+ endOfBlock = endOfBlockA;
+ black = blackA;
+@@ -2899,6 +2922,11 @@ GBool DCTStream::readBaselineSOF() {
height = read16();
width = read16();
numComps = str->getChar();
+ if (numComps <= 0 || numComps > 4) {
++ numComps = 0;
+ error(getPos(), "Bad number of components in DCT stream");
+ return gFalse;
+ }
if (prec != 8) {
error(getPos(), "Bad DCT precision %d", prec);
return gFalse;
-@@ -2925,6 +2948,10 @@ GBool DCTStream::readProgressiveSOF() {
+@@ -2925,6 +2953,11 @@ GBool DCTStream::readProgressiveSOF() {
height = read16();
width = read16();
numComps = str->getChar();
+ if (numComps <= 0 || numComps > 4) {
++ numComps = 0;
+ error(getPos(), "Bad number of components in DCT stream");
+ return gFalse;
+ }
if (prec != 8) {
error(getPos(), "Bad DCT precision %d", prec);
return gFalse;
-@@ -2947,6 +2974,10 @@ GBool DCTStream::readScanInfo() {
+@@ -2947,6 +2980,11 @@ GBool DCTStream::readScanInfo() {
length = read16() - 2;
scanInfo.numComps = str->getChar();
+ if (scanInfo.numComps <= 0 || scanInfo.numComps > 4) {
++ scanInfo.numComps = 0;
+ error(getPos(), "Bad number of components in DCT stream");
+ return gFalse;
+ }
--length;
if (length != 2 * scanInfo.numComps + 3) {
error(getPos(), "Bad DCT scan info block");
-@@ -3258,6 +3289,10 @@ FlateStream::FlateStream(Stream *strA, i
+@@ -3021,12 +3059,12 @@ GBool DCTStream::readHuffmanTables() {
+ while (length > 0) {
+ index = str->getChar();
+ --length;
+- if ((index & 0x0f) >= 4) {
++ if ((index & ~0x10) >= 4 || (index & ~0x10) < 0) {
+ error(getPos(), "Bad DCT Huffman table");
+ return gFalse;
+ }
+ if (index & 0x10) {
+- index &= 0x0f;
++ index &= 0x03;
+ if (index >= numACHuffTables)
+ numACHuffTables = index+1;
+ tbl = &acHuffTables[index];
+@@ -3144,9 +3182,11 @@ int DCTStream::readMarker() {
+ do {
+ do {
+ c = str->getChar();
++ if(c == EOF) return EOF;
+ } while (c != 0xff);
+ do {
+ c = str->getChar();
++ if(c == EOF) return EOF;
+ } while (c == 0xff);
+ } while (c == 0x00);
+ return c;
+@@ -3258,6 +3298,10 @@ FlateStream::FlateStream(Stream *strA, i
FilterStream(strA) {
if (predictor != 1) {
pred = new StreamPredictor(this, predictor, columns, colors, bits);
@@ -95,8 +216,8 @@ Index: kpdf/xpdf/xpdf/Stream.cc
}
Index: kpdf/xpdf/xpdf/Stream.h
===================================================================
---- kpdf/xpdf/xpdf/Stream.h (revision 486337)
-+++ kpdf/xpdf/xpdf/Stream.h (revision 487206)
+--- kpdf/xpdf/xpdf/Stream.h (revision 466932)
++++ kpdf/xpdf/xpdf/Stream.h (revision 488714)
@@ -233,6 +233,8 @@ public:
~StreamPredictor();
@@ -116,8 +237,8 @@ Index: kpdf/xpdf/xpdf/Stream.h
//------------------------------------------------------------------------
Index: kpdf/xpdf/xpdf/JPXStream.cc
===================================================================
---- kpdf/xpdf/xpdf/JPXStream.cc (revision 486337)
-+++ kpdf/xpdf/xpdf/JPXStream.cc (revision 487206)
+--- kpdf/xpdf/xpdf/JPXStream.cc (revision 466932)
++++ kpdf/xpdf/xpdf/JPXStream.cc (revision 488714)
@@ -7,6 +7,7 @@
//========================================================================
@@ -152,8 +273,8 @@ Index: kpdf/xpdf/xpdf/JPXStream.cc
sizeof(JPXTileComp));
Index: kpdf/xpdf/goo/gmem.c
===================================================================
---- kpdf/xpdf/goo/gmem.c (revision 486337)
-+++ kpdf/xpdf/goo/gmem.c (revision 487206)
+--- kpdf/xpdf/goo/gmem.c (revision 466932)
++++ kpdf/xpdf/goo/gmem.c (revision 488714)
@@ -11,6 +11,7 @@
#include <stdlib.h>
#include <stddef.h>
@@ -193,8 +314,8 @@ Index: kpdf/xpdf/goo/gmem.c
GMemHdr *p;
Index: kpdf/xpdf/goo/gmem.h
===================================================================
---- kpdf/xpdf/goo/gmem.h (revision 486337)
-+++ kpdf/xpdf/goo/gmem.h (revision 487206)
+--- kpdf/xpdf/goo/gmem.h (revision 466932)
++++ kpdf/xpdf/goo/gmem.h (revision 488714)
@@ -28,6 +28,15 @@ extern void *gmalloc(size_t size);
extern void *grealloc(void *p, size_t size);
diff --git a/kde-base/kdegraphics/files/post-3.5.0-kdegraphics-CAN-2005-3193.diff b/kde-base/kdegraphics/files/post-3.5.0-kdegraphics-CAN-2005-3193.diff
index a30fe74a789a..0b6f22303de8 100644
--- a/kde-base/kdegraphics/files/post-3.5.0-kdegraphics-CAN-2005-3193.diff
+++ b/kde-base/kdegraphics/files/post-3.5.0-kdegraphics-CAN-2005-3193.diff
@@ -1,7 +1,81 @@
+Index: kpdf/xpdf/xpdf/JBIG2Stream.cc
+===================================================================
+--- kpdf/xpdf/xpdf/JBIG2Stream.cc (revision 481099)
++++ kpdf/xpdf/xpdf/JBIG2Stream.cc (revision 488715)
+@@ -7,6 +7,7 @@
+ //========================================================================
+
+ #include <aconf.h>
++#include <limits.h>
+
+ #ifdef USE_GCC_PRAGMAS
+ #pragma implementation
+@@ -681,6 +682,12 @@ JBIG2Bitmap::JBIG2Bitmap(Guint segNumA,
+ w = wA;
+ h = hA;
+ line = (wA + 7) >> 3;
++
++ if (h < 0 || line <= 0 || h >= (INT_MAX - 1) / line ) {
++ data = NULL;
++ return;
++ }
++
+ // need to allocate one extra guard byte for use in combine()
+ data = (Guchar *)gmalloc(h * line + 1);
+ data[h * line] = 0;
+@@ -692,6 +699,12 @@ JBIG2Bitmap::JBIG2Bitmap(Guint segNumA,
+ w = bitmap->w;
+ h = bitmap->h;
+ line = bitmap->line;
++
++ if (h < 0 || line <= 0 || h >= (INT_MAX - 1) / line) {
++ data = NULL;
++ return;
++ }
++
+ // need to allocate one extra guard byte for use in combine()
+ data = (Guchar *)gmalloc(h * line + 1);
+ memcpy(data, bitmap->data, h * line);
+@@ -720,7 +733,8 @@ JBIG2Bitmap *JBIG2Bitmap::getSlice(Guint
+ }
+
+ void JBIG2Bitmap::expand(int newH, Guint pixel) {
+- if (newH <= h) {
++
++ if (newH <= h || line <= 0 || newH >= (INT_MAX - 1) / line) {
+ return;
+ }
+ // need to allocate one extra guard byte for use in combine()
+@@ -2305,6 +2319,15 @@ void JBIG2Stream::readHalftoneRegionSeg(
+ error(getPos(), "Bad symbol dictionary reference in JBIG2 halftone segment");
+ return;
+ }
++ if (gridH == 0 || gridW >= INT_MAX / gridH) {
++ error(getPos(), "Bad size in JBIG2 halftone segment");
++ return;
++ }
++ if (h < 0 || w == 0 || h >= INT_MAX / w) {
++ error(getPos(), "Bad size in JBIG2 bitmap segment");
++ return;
++ }
++
+ patternDict = (JBIG2PatternDict *)seg;
+ bpp = 0;
+ i = 1;
+@@ -2936,6 +2959,9 @@ JBIG2Bitmap *JBIG2Stream::readGenericRef
+ JBIG2BitmapPtr tpgrCXPtr0, tpgrCXPtr1, tpgrCXPtr2;
+ int x, y, pix;
+
++ if (w < 0 || h <= 0 || w >= INT_MAX / h)
++ return NULL;
++
+ bitmap = new JBIG2Bitmap(0, w, h);
+ bitmap->clearToZero();
+
Index: kpdf/xpdf/xpdf/Stream.cc
===================================================================
---- kpdf/xpdf/xpdf/Stream.cc (revision 473213)
-+++ kpdf/xpdf/xpdf/Stream.cc (revision 487206)
+--- kpdf/xpdf/xpdf/Stream.cc (revision 481099)
++++ kpdf/xpdf/xpdf/Stream.cc (revision 488715)
@@ -15,6 +15,7 @@
#include <stdio.h>
#include <stdlib.h>
@@ -23,7 +97,7 @@ Index: kpdf/xpdf/xpdf/Stream.cc
+ return;
nVals = width * nComps;
-+ if (nVals + 7 <= 0)
++ if (nVals * nBits + 7 <= 0)
+ return;
pixBytes = (nComps * nBits + 7) >> 3;
rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
@@ -49,12 +123,25 @@ Index: kpdf/xpdf/xpdf/Stream.cc
} else {
pred = NULL;
}
-@@ -2903,7 +2922,11 @@ GBool DCTStream::readBaselineSOF() {
+@@ -1258,8 +1277,9 @@ CCITTFaxStream::CCITTFaxStream(Stream *s
+ endOfLine = endOfLineA;
+ byteAlign = byteAlignA;
+ columns = columnsA;
+- if (columns < 1) {
+- columns = 1;
++ if (columns < 1 || columns >= INT_MAX / sizeof(short)) {
++ error(getPos(), "Bad number of columns in CCITTFaxStream");
++ exit(1);
+ }
+ rows = rowsA;
+ endOfBlock = endOfBlockA;
+@@ -2903,7 +2923,12 @@ GBool DCTStream::readBaselineSOF() {
height = read16();
width = read16();
numComps = str->getChar();
- if (prec != 8) {
+ if (numComps <= 0 || numComps > 4) {
++ numComps = 0;
+ error(getPos(), "Bad number of components in DCT stream", prec);
+ return gFalse;
+ }
@@ -62,29 +149,46 @@ Index: kpdf/xpdf/xpdf/Stream.cc
error(getPos(), "Bad DCT precision %d", prec);
return gFalse;
}
-@@ -2929,6 +2952,10 @@ GBool DCTStream::readProgressiveSOF() {
+@@ -2929,6 +2954,11 @@ GBool DCTStream::readProgressiveSOF() {
height = read16();
width = read16();
numComps = str->getChar();
+ if (numComps <= 0 || numComps > 4) {
++ numComps = 0;
+ error(getPos(), "Bad number of components in DCT stream");
+ return gFalse;
+ }
if (prec != 8) {
error(getPos(), "Bad DCT precision %d", prec);
return gFalse;
-@@ -2951,6 +2978,10 @@ GBool DCTStream::readScanInfo() {
+@@ -2951,6 +2981,11 @@ GBool DCTStream::readScanInfo() {
length = read16() - 2;
scanInfo.numComps = str->getChar();
+ if (scanInfo.numComps <= 0 || scanInfo.numComps > 4) {
++ scanInfo.numComps = 0;
+ error(getPos(), "Bad number of components in DCT stream");
+ return gFalse;
+ }
--length;
if (length != 2 * scanInfo.numComps + 3) {
error(getPos(), "Bad DCT scan info block");
-@@ -3833,6 +3864,10 @@ FlateStream::FlateStream(Stream *strA, i
+@@ -3035,12 +3070,12 @@ GBool DCTStream::readHuffmanTables() {
+ while (length > 0) {
+ index = str->getChar();
+ --length;
+- if ((index & 0x0f) >= 4) {
++ if ((index & ~0x10) >= 4 || (index & ~0x10) < 0) {
+ error(getPos(), "Bad DCT Huffman table");
+ return gFalse;
+ }
+ if (index & 0x10) {
+- index &= 0x0f;
++ index &= 0x03;
+ if (index >= numACHuffTables)
+ numACHuffTables = index+1;
+ tbl = &acHuffTables[index];
+@@ -3833,6 +3868,10 @@ FlateStream::FlateStream(Stream *strA, i
FilterStream(strA) {
if (predictor != 1) {
pred = new StreamPredictor(this, predictor, columns, colors, bits);
@@ -97,8 +201,8 @@ Index: kpdf/xpdf/xpdf/Stream.cc
}
Index: kpdf/xpdf/xpdf/Stream.h
===================================================================
---- kpdf/xpdf/xpdf/Stream.h (revision 473213)
-+++ kpdf/xpdf/xpdf/Stream.h (revision 487206)
+--- kpdf/xpdf/xpdf/Stream.h (revision 481099)
++++ kpdf/xpdf/xpdf/Stream.h (revision 488715)
@@ -232,6 +232,8 @@ public:
~StreamPredictor();
@@ -116,10 +220,8 @@ Index: kpdf/xpdf/xpdf/Stream.h
};
//------------------------------------------------------------------------
-Index: kpdf/xpdf/xpdf/JPXStream.cc
-===================================================================
---- kpdf/xpdf/xpdf/JPXStream.cc (revision 473213)
-+++ kpdf/xpdf/xpdf/JPXStream.cc (revision 487206)
+--- kpdf/xpdf/xpdf/JPXStream.cc (revision 481099)
++++ kpdf/xpdf/xpdf/JPXStream.cc (revision 488715)
@@ -7,6 +7,7 @@
//========================================================================
@@ -153,3 +255,33 @@ Index: kpdf/xpdf/xpdf/JPXStream.cc
for (i = 0; i < img.nXTiles * img.nYTiles; ++i) {
img.tiles[i].tileComps = (JPXTileComp *)gmallocn(img.nComps,
sizeof(JPXTileComp));
+Index: kpdf/xpdf/goo/gmem.c
+===================================================================
+--- kpdf/xpdf/goo/gmem.c (revision 481099)
++++ kpdf/xpdf/goo/gmem.c (revision 488715)
+@@ -11,6 +11,7 @@
+ #include <stdlib.h>
+ #include <stddef.h>
+ #include <string.h>
++#include <limits.h>
+ #include "gmem.h"
+
+ #ifdef DEBUG_MEM
+@@ -141,7 +142,7 @@ void *gmallocn(int nObjs, int objSize) {
+ int n;
+
+ n = nObjs * objSize;
+- if (objSize == 0 || n / objSize != nObjs) {
++ if (objSize <= 0 || nObjs < 0 || nObjs >= INT_MAX / objSize) {
+ fprintf(stderr, "Bogus memory allocation size\n");
+ exit(1);
+ }
+@@ -152,7 +153,7 @@ void *greallocn(void *p, int nObjs, int
+ int n;
+
+ n = nObjs * objSize;
+- if (objSize == 0 || n / objSize != nObjs) {
++ if (objSize <= 0 || nObjs < 0 || nObjs >= INT_MAX / objSize) {
+ fprintf(stderr, "Bogus memory allocation size\n");
+ exit(1);
+ }