aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorB. Watson <yalhcru@gmail.com>2014-02-25 08:02:21 +0700
committerWilly Sudiarto Raharjo <willysr@slackbuilds.org>2014-02-25 08:20:33 +0700
commit4b6d7eae729f9f3ed6d8bbe2b7de4cc5873c97a2 (patch)
treef7566979c573b07f6fdbd0e57e01dbf2dabf4f0e
parent83fb4c734785db4ca563d653461510fcfb79e1f4 (diff)
office/mupdf: Fixed CVE-2014-2013.
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
-rw-r--r--office/mupdf/mupdf.SlackBuild21
-rw-r--r--office/mupdf/xps_parse_color_overflow_fix.diff60
2 files changed, 80 insertions, 1 deletions
diff --git a/office/mupdf/mupdf.SlackBuild b/office/mupdf/mupdf.SlackBuild
index e7d9d94b8623f..f7e98c4bdb835 100644
--- a/office/mupdf/mupdf.SlackBuild
+++ b/office/mupdf/mupdf.SlackBuild
@@ -17,9 +17,23 @@
# - Updated README & slack-desc to mention XPS and CBZ
# - Fix the man pages slightly
+# Modified 20140224 by B. Watson (yalhcru@gmail.com):
+# - backported security fix for CVE-2014-2013. I will be upgrading this
+# build to mupdf-1.3, but it'll take more work than I currently have
+# time for:
+# + mupdf's internals have changed, will have to redo my patches
+# + it depends on openjpeg 2.0 which SBo hasn't got yet. 2.0 uses an
+# incompatible API, so an openjpeg 2.0 SlackBuild would require
+# updates for everything that depends on it.
+# + zathura-pdf-mupdf will need updating (mupdf's API has changed)
+# + probably all the other zathura-* builds will need updating to
+# be compatible with new zathura-pdf-mupdf
+# The security fix is needed now, it's a tiny patch, and shouldn't have
+# to wait on all that other stuff.
+
PRGNAM=mupdf
VERSION=${VERSION:-1.2}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
TAG=${TAG:-_SBo}
if [ -z "$ARCH" ]; then
@@ -80,6 +94,11 @@ patch -p1 < $CWD/man_page.diff
sed -i 's,libopenjpeg,libopenjpeg1,' Makerules
rm -rf thirdparty
+# patch from upstream git, fix security vulnerability CVE-2014-2013.
+# from here: http://git.ghostscript.com/?p=user/zeniko/mupdf.git;h=60dabde18d
+# Patch is for mupdf-1.3, I've backported it to 1.2 for now.
+patch -p1 < $CWD/xps_parse_color_overflow_fix.diff
+
make build=release prefix=/usr XCFLAGS="$SLKCFLAGS"
make \
build=release \
diff --git a/office/mupdf/xps_parse_color_overflow_fix.diff b/office/mupdf/xps_parse_color_overflow_fix.diff
new file mode 100644
index 0000000000000..3995b665ccc7a
--- /dev/null
+++ b/office/mupdf/xps_parse_color_overflow_fix.diff
@@ -0,0 +1,60 @@
+diff -Naur mupdf-1.2-source/xps/xps_common.c mupdf-1.2-source.patched/xps/xps_common.c
+--- mupdf-1.2-source/xps/xps_common.c 2013-02-13 15:25:08.000000000 -0500
++++ mupdf-1.2-source.patched/xps/xps_common.c 2014-02-24 15:25:35.000000000 -0500
+@@ -89,7 +89,7 @@
+ if (scb_color_att)
+ {
+ fz_colorspace *colorspace;
+- float samples[32];
++ float samples[FZ_MAX_COLORS];
+ xps_parse_color(doc, base_uri, scb_color_att, &colorspace, samples);
+ opacity = opacity * samples[0];
+ }
+@@ -273,6 +273,11 @@
+
+ *p++ = 0;
+ n = count_commas(p) + 1;
++ if (n > FZ_MAX_COLORS)
++ {
++ fz_warn(doc->ctx, "ignoring %d color components (max %d allowed)", n - FZ_MAX_COLORS, FZ_MAX_COLORS);
++ n = FZ_MAX_COLORS;
++ }
+ i = 0;
+ while (i < n)
+ {
+diff -Naur mupdf-1.2-source/xps/xps_glyphs.c mupdf-1.2-source.patched/xps/xps_glyphs.c
+--- mupdf-1.2-source/xps/xps_glyphs.c 2013-02-13 15:25:08.000000000 -0500
++++ mupdf-1.2-source.patched/xps/xps_glyphs.c 2014-02-24 15:25:57.000000000 -0500
+@@ -591,7 +591,7 @@
+
+ if (fill_att)
+ {
+- float samples[32];
++ float samples[FZ_MAX_COLORS];
+ fz_colorspace *colorspace;
+
+ xps_parse_color(doc, base_uri, fill_att, &colorspace, samples);
+diff -Naur mupdf-1.2-source/xps/xps_gradient.c mupdf-1.2-source.patched/xps/xps_gradient.c
+--- mupdf-1.2-source/xps/xps_gradient.c 2013-02-13 15:25:08.000000000 -0500
++++ mupdf-1.2-source.patched/xps/xps_gradient.c 2014-02-24 15:26:30.000000000 -0500
+@@ -38,7 +38,7 @@
+ struct stop *stops, int maxcount)
+ {
+ fz_colorspace *colorspace;
+- float sample[8];
++ float sample[FZ_MAX_COLORS];
+ float rgb[3];
+ int before, after;
+ int count;
+diff -Naur mupdf-1.2-source/xps/xps_path.c mupdf-1.2-source.patched/xps/xps_path.c
+--- mupdf-1.2-source/xps/xps_path.c 2013-02-13 15:25:08.000000000 -0500
++++ mupdf-1.2-source.patched/xps/xps_path.c 2014-02-24 15:27:07.000000000 -0500
+@@ -826,7 +826,7 @@
+
+ fz_stroke_state *stroke = NULL;
+ fz_matrix transform;
+- float samples[32];
++ float samples[FZ_MAX_COLORS];
+ fz_colorspace *colorspace;
+ fz_path *path;
+ fz_path *stroke_path = NULL;