From 12f37d60152e8ac818dea0f15f500eddb48e9cff Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Fri, 26 May 2017 23:48:01 -0400 Subject: [PATCH] gnu: graphite2/fixed: Update to 1.3.10. * gnu/packages/fontutils.scm (graphite2/fixed): Update to 1.3.10. Remove patches that have been incorporated upstream. * gnu/packages/patches/graphite2-CVE-2017-5436.patch, gnu/packages/patches/graphite2-check-code-point-limit.patch, gnu/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch, gnu/packages/patches/graphite2-non-linear-classes-even-number.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/local.mk | 4 - gnu/packages/fontutils.scm | 15 +-- .../patches/graphite2-CVE-2017-5436.patch | 25 ----- .../graphite2-check-code-point-limit.patch | 50 ---------- .../graphite2-fix-32-bit-wrap-arounds.patch | 93 ------------------- ...hite2-non-linear-classes-even-number.patch | 26 ------ 6 files changed, 5 insertions(+), 208 deletions(-) delete mode 100644 gnu/packages/patches/graphite2-CVE-2017-5436.patch delete mode 100644 gnu/packages/patches/graphite2-check-code-point-limit.patch delete mode 100644 gnu/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch delete mode 100644 gnu/packages/patches/graphite2-non-linear-classes-even-number.patch diff --git a/gnu/local.mk b/gnu/local.mk index 178ad35482..a97be8b533 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -640,11 +640,7 @@ dist_patch_DATA = \ %D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \ %D%/packages/patches/gobject-introspection-cc.patch \ %D%/packages/patches/gobject-introspection-girepository.patch \ - %D%/packages/patches/graphite2-CVE-2017-5436.patch \ - %D%/packages/patches/graphite2-check-code-point-limit.patch \ %D%/packages/patches/graphite2-ffloat-store.patch \ - %D%/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch \ - %D%/packages/patches/graphite2-non-linear-classes-even-number.patch \ %D%/packages/patches/grep-timing-sensitive-test.patch \ %D%/packages/patches/gsl-test-i686.patch \ %D%/packages/patches/gspell-dash-test.patch \ diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm index 1c4d7d07ff..efea81dc11 100644 --- a/gnu/packages/fontutils.scm +++ b/gnu/packages/fontutils.scm @@ -415,22 +415,17 @@ and returns a sequence of positioned glyphids from the font.") (package (inherit graphite2) (name "graphite2") - (version "1.3.9") (replacement #f) (source (origin (method url-fetch) - (uri (string-append "https://github.com/silnrsi/graphite/releases/" - "download/" version "/" name "-" version ".tgz")) - (patches (search-patches - "graphite2-ffloat-store.patch" - "graphite2-check-code-point-limit.patch" - "graphite2-CVE-2017-5436.patch" - "graphite2-fix-32-bit-wrap-arounds.patch" - "graphite2-non-linear-classes-even-number.patch")) + (uri (let ((version "1.3.10")) + (string-append "https://github.com/silnrsi/graphite/releases/" + "download/" version "/" name "-" version ".tgz"))) + (patches (search-patches "graphite2-ffloat-store.patch")) (sha256 (base32 - "0rs5h7m340z75kygx8d72cps0q6yvvqa9i788vym7585cfv8a0gc")))))) + "1bm1rl2ww0m8rvmknh8fpajyz9xqv43qs9qrzf7xd5gaz6rf7zch")))))) (define-public potrace (package diff --git a/gnu/packages/patches/graphite2-CVE-2017-5436.patch b/gnu/packages/patches/graphite2-CVE-2017-5436.patch deleted file mode 100644 index d7383ec8de..0000000000 --- a/gnu/packages/patches/graphite2-CVE-2017-5436.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 1ce331d5548b98ed8b818532b2556d6f2c7a3b83 Mon Sep 17 00:00:00 2001 -From: Martin Hosken -Date: Thu, 9 Mar 2017 22:04:04 +0000 -Subject: [PATCH] Ensure features have enough space. Fix from Mozilla - ---- - src/FeatureMap.cpp | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/FeatureMap.cpp b/src/FeatureMap.cpp -index b8c8405..83bd5f6 100644 ---- a/src/FeatureMap.cpp -+++ b/src/FeatureMap.cpp -@@ -275,7 +275,7 @@ bool FeatureRef::applyValToFeature(uint32 val, Features & pDest) const - else - if (pDest.m_pMap!=&m_pFace->theSill().theFeatureMap()) - return false; //incompatible -- pDest.reserve(m_index); -+ pDest.reserve(m_index+1); - pDest[m_index] &= ~m_mask; - pDest[m_index] |= (uint32(val) << m_bits); - return true; --- -2.12.2 - diff --git a/gnu/packages/patches/graphite2-check-code-point-limit.patch b/gnu/packages/patches/graphite2-check-code-point-limit.patch deleted file mode 100644 index a9b6caf53f..0000000000 --- a/gnu/packages/patches/graphite2-check-code-point-limit.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 348c11e4571b534efdbd58a575bbea979c880b2f Mon Sep 17 00:00:00 2001 -From: Tim Eves -Date: Wed, 1 Mar 2017 14:23:46 +0700 -Subject: [PATCH] Fix decoding of USV greater than U+110000 - -Add test cases too ---- - src/inc/UtfCodec.h | 4 ++-- - tests/utftest/utftest.cpp | 3 +++ - 2 files changed, 5 insertions(+), 2 deletions(-) - -diff --git a/src/inc/UtfCodec.h b/src/inc/UtfCodec.h -index 3417bac..9dc760f 100644 ---- a/src/inc/UtfCodec.h -+++ b/src/inc/UtfCodec.h -@@ -124,7 +124,7 @@ struct _utf_codec<8> - private: - static const int8 sz_lut[16]; - static const byte mask_lut[5]; -- -+ static const uchar_t limit = 0x110000; - - public: - typedef uint8 codeunit_t; -@@ -157,7 +157,7 @@ public: - case 0: l = -1; return 0xFFFD; - } - -- if (l != seq_sz || toolong) -+ if (l != seq_sz || toolong || u >= limit) - { - l = -l; - return 0xFFFD; -diff --git a/tests/utftest/utftest.cpp b/tests/utftest/utftest.cpp -index 21cb188..a23553a 100644 ---- a/tests/utftest/utftest.cpp -+++ b/tests/utftest/utftest.cpp -@@ -8,6 +8,9 @@ struct test8 - unsigned char str[12]; - }; - struct test8 tests8[] = { -+ { 0, 0, {0xF4, 0x90, 0x80, 0x80, 0, 0, 0, 0, 0, 0, 0, 0} }, // bad(4) [U+110000] -+ { 0, 0, {0xC0, 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, // bad(4) [U+110000] -+ { 0, 0, {0xA0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, // bad(4) [U+110000] - { 4, -1, {0x7F, 0xDF, 0xBF, 0xEF, 0xBF, 0xBF, 0xF4, 0x8F, 0xBF, 0xBF, 0, 0} }, // U+7F, U+7FF, U+FFFF, U+10FFF - { 2, 3, {0x7F, 0xDF, 0xBF, 0xF0, 0x8F, 0xBF, 0xBF, 0xF4, 0x8F, 0xBF, 0xBF, 0} }, // U+7F, U+7FF, long(U+FFFF), U+10FFF - { 1, 1, {0x7F, 0xE0, 0x9F, 0xBF, 0xEF, 0xBF, 0xBF, 0xF4, 0x8F, 0xBF, 0xBF, 0} }, // U+7F, long(U+7FF), U+FFFF, U+10FFF --- -2.12.2 - diff --git a/gnu/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch b/gnu/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch deleted file mode 100644 index 57d4ce2c6e..0000000000 --- a/gnu/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch +++ /dev/null @@ -1,93 +0,0 @@ -This patch incorporates the following 6 consecutive commits from the upstream -graphite2 repository: - -75b83cd..: Martin Hosken 2017-03-28 Fix 32-bit wrap arounds -1f97e36..: Martin Hosken 2017-03-28 balance comparisons in decompressor -9493785..: Martin Hosken 2017-03-29 Speculative rounding fix -09af043..: Tim Eves 2017-03-31 Move a MINMATCH to rhs of a comparisio -28cc60d..: Tim Eves 2017-03-31 Deal with similar wrap around in literal_len -8afc7d0..: Martin Hosken 2017-04-03 Fix 32-bit rollover in decompressor, again - -This diff was generated by the following command: - - git diff 1ce331d5548b98ed..8afc7d0081959866 - - -diff --git a/src/Decompressor.cpp b/src/Decompressor.cpp -index 084570f..56d531f 100644 ---- a/src/Decompressor.cpp -+++ b/src/Decompressor.cpp -@@ -51,7 +51,7 @@ bool read_sequence(u8 const * &src, u8 const * const end, u8 const * &literal, u - literal = src; - src += literal_len; - -- if (src > end - 2) -+ if (src > end - 2 || src < literal) - return false; - - match_dist = *src++; -@@ -85,7 +85,7 @@ int lz4::decompress(void const *in, size_t in_size, void *out, size_t out_size) - { - // Copy in literal. At this point the last full sequence must be at - // least MINMATCH + 5 from the end of the output buffer. -- if (dst + align(literal_len) > dst_end - (MINMATCH+5)) -+ if (align(literal_len) > unsigned(dst_end - dst - (MINMATCH+5)) || dst_end - dst < MINMATCH + 5) - return -1; - dst = overrun_copy(dst, literal, literal_len); - } -@@ -94,7 +94,8 @@ int lz4::decompress(void const *in, size_t in_size, void *out, size_t out_size) - // decoded output. - u8 const * const pcpy = dst - match_dist; - if (pcpy < static_cast(out) -- || dst + match_len + MINMATCH > dst_end - 5) -+ || match_len > unsigned(dst_end - dst - (MINMATCH+5)) -+ || dst_end - dst < MINMATCH + 5) - return -1; - if (dst > pcpy+sizeof(unsigned long) - && dst + align(match_len + MINMATCH) <= dst_end) -@@ -103,8 +104,8 @@ int lz4::decompress(void const *in, size_t in_size, void *out, size_t out_size) - dst = safe_copy(dst, pcpy, match_len + MINMATCH); - } - -- if (literal + literal_len > src_end -- || dst + literal_len > dst_end) -+ if (literal_len > src_end - literal -+ || literal_len > dst_end - dst) - return -1; - dst = fast_copy(dst, literal, literal_len); - -diff --git a/src/Pass.cpp b/src/Pass.cpp -index a4bac2e..683143c 100644 ---- a/src/Pass.cpp -+++ b/src/Pass.cpp -@@ -171,7 +171,7 @@ bool Pass::readPass(const byte * const pass_start, size_t pass_length, size_t su - const uint16 * const o_actions = reinterpret_cast(p); - be::skip(p, m_numRules + 1); - const byte * const states = p; -- if (e.test(p + 2u*m_numTransition*m_numColumns >= pass_end, E_BADPASSLENGTH)) return face.error(e); -+ if (e.test(2u*m_numTransition*m_numColumns >= (unsigned)(pass_end - p), E_BADPASSLENGTH)) return face.error(e); - be::skip(p, m_numTransition*m_numColumns); - be::skip(p); - if (e.test(p != pcCode, E_BADPASSCCODEPTR)) return face.error(e); -@@ -192,7 +192,7 @@ bool Pass::readPass(const byte * const pass_start, size_t pass_length, size_t su - m_cPConstraint = vm::Machine::Code(true, pcCode, pcCode + pass_constraint_len, - precontext[0], be::peek(sort_keys), *m_silf, face, PASS_TYPE_UNKNOWN); - if (e.test(!m_cPConstraint, E_OUTOFMEM) -- || e.test(!m_cPConstraint, m_cPConstraint.status() + E_CODEFAILURE)) -+ || e.test(m_cPConstraint.status() != Code::loaded, m_cPConstraint.status() + E_CODEFAILURE)) - return face.error(e); - face.error_context(face.error_context() - 1); - } -diff --git a/src/Silf.cpp b/src/Silf.cpp -index 72a22cd..d661992 100644 ---- a/src/Silf.cpp -+++ b/src/Silf.cpp -@@ -191,7 +191,7 @@ bool Silf::readGraphite(const byte * const silf_start, size_t lSilf, Face& face, - - const size_t clen = readClassMap(p, passes_start - p, version, e); - m_passes = new Pass[m_numPasses]; -- if (e || e.test(p + clen > passes_start, E_BADPASSESSTART) -+ if (e || e.test(clen > unsigned(passes_start - p), E_BADPASSESSTART) - || e.test(!m_passes, E_OUTOFMEM)) - { releaseBuffers(); return face.error(e); } - diff --git a/gnu/packages/patches/graphite2-non-linear-classes-even-number.patch b/gnu/packages/patches/graphite2-non-linear-classes-even-number.patch deleted file mode 100644 index 2bb1c9f94e..0000000000 --- a/gnu/packages/patches/graphite2-non-linear-classes-even-number.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 0646e4ee471183994f78a759269f0505617711f3 Mon Sep 17 00:00:00 2001 -From: Martin Hosken -Date: Tue, 18 Apr 2017 13:17:14 +0100 -Subject: [PATCH] Ensure non linear classes have even number of elements - ---- - src/Silf.cpp | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/src/Silf.cpp b/src/Silf.cpp -index d661992..9f2f954 100644 ---- a/src/Silf.cpp -+++ b/src/Silf.cpp -@@ -293,7 +293,8 @@ size_t Silf::readClassMap(const byte *p, size_t data_len, uint32 version, Error - if (e.test(*o + 4 > max_off, E_HIGHCLASSOFFSET) // LookupClass doesn't stretch over max_off - || e.test(lookup[0] == 0 // A LookupClass with no looks is a suspicious thing ... - || lookup[0] * 2 + *o + 4 > max_off // numIDs lookup pairs fits within (start of LookupClass' lookups array, max_off] -- || lookup[3] + lookup[1] != lookup[0], E_BADCLASSLOOKUPINFO)) // rangeShift: numIDs - searchRange -+ || lookup[3] + lookup[1] != lookup[0], E_BADCLASSLOOKUPINFO) // rangeShift: numIDs - searchRange -+ || e.test(((o[1] - *o) & 1) != 0, ERROROFFSET)) // glyphs are in pairs so difference must be even. - return ERROROFFSET; - } - --- -2.12.2 -