gnu: Poppler: Fix CVE-2018-19149.
* gnu/packages/patches/poppler-CVE-2018-19149.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/pdf.scm (poppler)[replacement]: New field. (poppler/fixed): New variable. (poppler-qt4, poppler-qt5): Use package/inherit.
This commit is contained in:
parent
8263b9f71f
commit
021bf6af18
|
@ -1046,6 +1046,7 @@ dist_patch_DATA = \
|
||||||
%D%/packages/patches/plink-1.07-unclobber-i.patch \
|
%D%/packages/patches/plink-1.07-unclobber-i.patch \
|
||||||
%D%/packages/patches/plink-endian-detection.patch \
|
%D%/packages/patches/plink-endian-detection.patch \
|
||||||
%D%/packages/patches/plotutils-libpng-jmpbuf.patch \
|
%D%/packages/patches/plotutils-libpng-jmpbuf.patch \
|
||||||
|
%D%/packages/patches/poppler-CVE-2018-19149.patch \
|
||||||
%D%/packages/patches/portaudio-audacity-compat.patch \
|
%D%/packages/patches/portaudio-audacity-compat.patch \
|
||||||
%D%/packages/patches/portmidi-modular-build.patch \
|
%D%/packages/patches/portmidi-modular-build.patch \
|
||||||
%D%/packages/patches/potrace-tests.patch \
|
%D%/packages/patches/potrace-tests.patch \
|
||||||
|
|
|
@ -0,0 +1,80 @@
|
||||||
|
Fix CVE-2018-19149:
|
||||||
|
|
||||||
|
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149
|
||||||
|
https://gitlab.freedesktop.org/poppler/poppler/issues/664
|
||||||
|
|
||||||
|
Patch copied from upstream source repository:
|
||||||
|
|
||||||
|
https://gitlab.freedesktop.org/poppler/poppler/commit/f162ecdea0dda5dbbdb45503c1d55d9afaa41d44
|
||||||
|
|
||||||
|
From f162ecdea0dda5dbbdb45503c1d55d9afaa41d44 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Marek Kasik <mkasik@redhat.com>
|
||||||
|
Date: Fri, 20 Apr 2018 11:38:13 +0200
|
||||||
|
Subject: [PATCH] Fix crash on missing embedded file
|
||||||
|
|
||||||
|
Check whether an embedded file is actually present in the PDF
|
||||||
|
and show warning in that case.
|
||||||
|
|
||||||
|
https://bugs.freedesktop.org/show_bug.cgi?id=106137
|
||||||
|
https://gitlab.freedesktop.org/poppler/poppler/issues/236
|
||||||
|
---
|
||||||
|
glib/poppler-attachment.cc | 26 +++++++++++++++++---------
|
||||||
|
glib/poppler-document.cc | 3 ++-
|
||||||
|
2 files changed, 19 insertions(+), 10 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/glib/poppler-attachment.cc b/glib/poppler-attachment.cc
|
||||||
|
index c6502e9d..11ba5bb5 100644
|
||||||
|
--- a/glib/poppler-attachment.cc
|
||||||
|
+++ b/glib/poppler-attachment.cc
|
||||||
|
@@ -111,17 +111,25 @@ _poppler_attachment_new (FileSpec *emb_file)
|
||||||
|
attachment->description = _poppler_goo_string_to_utf8 (emb_file->getDescription ());
|
||||||
|
|
||||||
|
embFile = emb_file->getEmbeddedFile();
|
||||||
|
- attachment->size = embFile->size ();
|
||||||
|
+ if (embFile != NULL && embFile->streamObject()->isStream())
|
||||||
|
+ {
|
||||||
|
+ attachment->size = embFile->size ();
|
||||||
|
|
||||||
|
- if (embFile->createDate ())
|
||||||
|
- _poppler_convert_pdf_date_to_gtime (embFile->createDate (), (time_t *)&attachment->ctime);
|
||||||
|
- if (embFile->modDate ())
|
||||||
|
- _poppler_convert_pdf_date_to_gtime (embFile->modDate (), (time_t *)&attachment->mtime);
|
||||||
|
+ if (embFile->createDate ())
|
||||||
|
+ _poppler_convert_pdf_date_to_gtime (embFile->createDate (), (time_t *)&attachment->ctime);
|
||||||
|
+ if (embFile->modDate ())
|
||||||
|
+ _poppler_convert_pdf_date_to_gtime (embFile->modDate (), (time_t *)&attachment->mtime);
|
||||||
|
|
||||||
|
- if (embFile->checksum () && embFile->checksum ()->getLength () > 0)
|
||||||
|
- attachment->checksum = g_string_new_len (embFile->checksum ()->getCString (),
|
||||||
|
- embFile->checksum ()->getLength ());
|
||||||
|
- priv->obj_stream = embFile->streamObject()->copy();
|
||||||
|
+ if (embFile->checksum () && embFile->checksum ()->getLength () > 0)
|
||||||
|
+ attachment->checksum = g_string_new_len (embFile->checksum ()->getCString (),
|
||||||
|
+ embFile->checksum ()->getLength ());
|
||||||
|
+ priv->obj_stream = embFile->streamObject()->copy();
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ {
|
||||||
|
+ g_warning ("Missing stream object for embedded file");
|
||||||
|
+ g_clear_object (&attachment);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
return attachment;
|
||||||
|
}
|
||||||
|
diff --git a/glib/poppler-document.cc b/glib/poppler-document.cc
|
||||||
|
index 83f6aea6..ea319344 100644
|
||||||
|
--- a/glib/poppler-document.cc
|
||||||
|
+++ b/glib/poppler-document.cc
|
||||||
|
@@ -670,7 +670,8 @@ poppler_document_get_attachments (PopplerDocument *document)
|
||||||
|
attachment = _poppler_attachment_new (emb_file);
|
||||||
|
delete emb_file;
|
||||||
|
|
||||||
|
- retval = g_list_prepend (retval, attachment);
|
||||||
|
+ if (attachment != NULL)
|
||||||
|
+ retval = g_list_prepend (retval, attachment);
|
||||||
|
}
|
||||||
|
return g_list_reverse (retval);
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.19.1
|
||||||
|
|
|
@ -82,6 +82,7 @@
|
||||||
(define-public poppler
|
(define-public poppler
|
||||||
(package
|
(package
|
||||||
(name "poppler")
|
(name "poppler")
|
||||||
|
(replacement poppler/fixed)
|
||||||
(version "0.63.0")
|
(version "0.63.0")
|
||||||
(source (origin
|
(source (origin
|
||||||
(method url-fetch)
|
(method url-fetch)
|
||||||
|
@ -127,6 +128,14 @@
|
||||||
(license license:gpl2+)
|
(license license:gpl2+)
|
||||||
(home-page "https://poppler.freedesktop.org/")))
|
(home-page "https://poppler.freedesktop.org/")))
|
||||||
|
|
||||||
|
(define poppler/fixed
|
||||||
|
(package
|
||||||
|
(inherit poppler)
|
||||||
|
(source (origin
|
||||||
|
(inherit (package-source poppler))
|
||||||
|
(patches (append (origin-patches (package-source poppler))
|
||||||
|
(search-patches "poppler-CVE-2018-19149.patch")))))))
|
||||||
|
|
||||||
(define-public poppler-data
|
(define-public poppler-data
|
||||||
(package
|
(package
|
||||||
(name "poppler-data")
|
(name "poppler-data")
|
||||||
|
@ -158,14 +167,14 @@ When present, Poppler is able to correctly render CJK and Cyrillic text.")
|
||||||
license:gpl2))))
|
license:gpl2))))
|
||||||
|
|
||||||
(define-public poppler-qt4
|
(define-public poppler-qt4
|
||||||
(package (inherit poppler)
|
(package/inherit poppler
|
||||||
(name "poppler-qt4")
|
(name "poppler-qt4")
|
||||||
(inputs `(("qt-4" ,qt-4)
|
(inputs `(("qt-4" ,qt-4)
|
||||||
,@(package-inputs poppler)))
|
,@(package-inputs poppler)))
|
||||||
(synopsis "Qt4 frontend for the Poppler PDF rendering library")))
|
(synopsis "Qt4 frontend for the Poppler PDF rendering library")))
|
||||||
|
|
||||||
(define-public poppler-qt5
|
(define-public poppler-qt5
|
||||||
(package (inherit poppler)
|
(package/inherit poppler
|
||||||
(name "poppler-qt5")
|
(name "poppler-qt5")
|
||||||
(inputs `(("qtbase" ,qtbase)
|
(inputs `(("qtbase" ,qtbase)
|
||||||
,@(package-inputs poppler)))
|
,@(package-inputs poppler)))
|
||||||
|
|
Loading…
Reference in New Issue