From: Nick Bowler Date: Sun, 4 Sep 2022 19:33:02 +0000 (-0400) Subject: app-text/xpdf: Backport fix for CVE-2022-38171 X-Git-Url: https://git.draconx.ca/gitweb/gentoo-draconx.git/commitdiff_plain/b20c41883ad4d9d3446a57964cbc905897a1c634 app-text/xpdf: Backport fix for CVE-2022-38171 --- diff --git a/app-text/xpdf/Manifest b/app-text/xpdf/Manifest index 53ef6f3..9443512 100644 --- a/app-text/xpdf/Manifest +++ b/app-text/xpdf/Manifest @@ -1,4 +1,5 @@ AUX xpdf-Add-Gentoo-font-path.patch 1981 BLAKE2B 05652a65e0b8c128f229517586a823cd4d96e0984286af7337849b3d5d3e73167b884f8864f24a1bd3206004838234cfa6cb25a0d9cb20ae2bb6630804f43167 SHA512 8d3c91954f141ebe67b340448b557412089e558d99df5c24afb7758756d8ad24c9a4655ce8ea68f5271b4becb14af3c461a6ec596bd7f52056ab0f3f14cf7e19 +AUX xpdf-cve-2022-38171.patch 750 BLAKE2B 09452d7755347226d51abe6cab5871d619b5d8fa71492b0a99eaba18091b5a4b845c76e5cd718ca05510f57e387cce0feee29f8fbd430aeda6d61a7ce7555ba1 SHA512 10c37ce15daec5cb73ec0a0217986b29ea09593738eefce8bf1620d00129f4d808ea7bcc817ee7a76655a3621f280f4b1f572ed51909b6518209659a0e6b2747 AUX xpdf.desktop 2892 BLAKE2B bfd17519f46f9686612ad3d4c1890aad8cafa373013ca12b585e17054f2b5ab2b6b6c7f3da744ae4cf0493e098a7b393e9467a4dda063b9ee16897d836fcbfe3 SHA512 320d34f0a5f73da571140fe450f5bd2d473def70781920b702714933aaab8d4d735cc3ea252b2b13355b639158eecd9a7ec48d4de53946f1675fc2230b012f4d DIST xpdf-3.04.tar.gz 825519 BLAKE2B 69e6f75e64b9b76f08a1b5e2d738042b1b263bf2222245bf051eb137f104d022ccbe58902626173b6a14c54aeef843bfcb93bed07f717df49462ab92f94194a2 SHA512 3fb3c380fdbd13d937449ae3f7d7a163815cc85296d30be7b9907687884385d6171bb48ee5d5c13368d6bba87740b678f491bdcf61b38d130809e9afa260f6cf -EBUILD xpdf-3.04-r2.ebuild 1069 BLAKE2B c34998de54dc6a83ebbf010a5d4153db37bb437d84b08651763d1dc7e73eaa2c4d8916fa14a9cfadab88eb676b856f31feb9debcf41f1824207ec4bf05a96917 SHA512 bac15d35561c3bf93d5ccdd51518706e6363ee8f031bbb9af1097169c6609ea3ce453578f91e0c06630a4664b0500e7582475b663263993737c6a5e920b7f1ed +EBUILD xpdf-3.04-r3.ebuild 1117 BLAKE2B 8d8082763f63cbd314d5d35c991b2156830d7b0d8db5b8b94658776f73fbe2695262ff2c0ca7aadd5e875c9d2ce0cf5d188db2cbb7a5fd32dcdc3586e96551a6 SHA512 74757e0192c59e54be05deb412cda5a750b7f44aad27cc9de83ed18107afc5db8e430a787be7281007969a10951db099f501bd9b4ed4696777b457c305208c44 diff --git a/app-text/xpdf/files/xpdf-cve-2022-38171.patch b/app-text/xpdf/files/xpdf-cve-2022-38171.patch new file mode 100644 index 0000000..9c027f5 --- /dev/null +++ b/app-text/xpdf/files/xpdf-cve-2022-38171.patch @@ -0,0 +1,20 @@ +diff --git a/xpdf/JBIG2Stream.cc b/xpdf/JBIG2Stream.cc +index 8588931..00c8950 100644 +--- a/xpdf/JBIG2Stream.cc ++++ b/xpdf/JBIG2Stream.cc +@@ -1977,7 +1977,14 @@ void JBIG2Stream::readTextRegionSeg(Guint segNum, GBool imm, + for (i = 0; i < nRefSegs; ++i) { + if ((seg = findSegment(refSegs[i]))) { + if (seg->getType() == jbig2SegSymbolDict) { +- numSyms += ((JBIG2SymbolDict *)seg)->getSize(); ++ Guint segSize = ((JBIG2SymbolDict *)seg)->getSize(); ++ if (segSize > INT_MAX || numSyms > INT_MAX - segSize) { ++ error(errSyntaxError, getPos(), ++ "Too many symbols in JBIG2 text region"); ++ delete codeTables; ++ return; ++ } ++ numSyms += segSize; + } else if (seg->getType() == jbig2SegCodeTable) { + codeTables->append(seg); + } diff --git a/app-text/xpdf/xpdf-3.04-r2.ebuild b/app-text/xpdf/xpdf-3.04-r3.ebuild similarity index 86% rename from app-text/xpdf/xpdf-3.04-r2.ebuild rename to app-text/xpdf/xpdf-3.04-r3.ebuild index 29fe8f3..a0dca42 100644 --- a/app-text/xpdf/xpdf-3.04-r2.ebuild +++ b/app-text/xpdf/xpdf-3.04-r3.ebuild @@ -1,4 +1,4 @@ -# Copyright © 2012, 2014-2015, 2020 Nick Bowler +# Copyright © 2012, 2014-2015, 2020, 2022 Nick Bowler # License GPLv3+: GNU General Public License version 3 or any later version. # This is free software: you are free to change and redistribute it. # There is NO WARRANTY, to the extent permitted by law. @@ -23,7 +23,10 @@ DEPEND=">=x11-libs/motif-2.3:0 RDEPEND="$DEPEND media-fonts/urw-fonts" -PATCHES=("$FILESDIR/xpdf-Add-Gentoo-font-path.patch") +PATCHES=( + "$FILESDIR/xpdf-Add-Gentoo-font-path.patch" + "$FILESDIR/xpdf-cve-2022-38171.patch" +) src_configure() { econf --with-freetype2-includes=${EROOT%/}/usr/include/freetype2