From 6cbee49d6668eb7fd738080666f66febfce8c7e8 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Fri, 16 Mar 2018 07:47:34 -0400 Subject: gnu: All snippets report errors using exceptions, else return #t. * gnu/packages/admin.scm, gnu/packages/algebra.scm, gnu/packages/audio.scm, gnu/packages/backup.scm, gnu/packages/base.scm, gnu/packages/bioinformatics.scm, gnu/packages/cdrom.scm, gnu/packages/chez.scm, gnu/packages/code.scm, gnu/packages/compression.scm, gnu/packages/cross-base.scm, gnu/packages/crypto.scm, gnu/packages/cups.scm, gnu/packages/databases.scm, gnu/packages/dns.scm, gnu/packages/emacs.scm, gnu/packages/emulators.scm, gnu/packages/engineering.scm, gnu/packages/enlightenment.scm, gnu/packages/fpga.scm, gnu/packages/freedesktop.scm, gnu/packages/ftp.scm, gnu/packages/games.scm, gnu/packages/gcc.scm, gnu/packages/geo.scm, gnu/packages/ghostscript.scm, gnu/packages/gl.scm, gnu/packages/glib.scm, gnu/packages/gnome.scm, gnu/packages/gnuzilla.scm, gnu/packages/graphics.scm, gnu/packages/gtk.scm, gnu/packages/guile.scm, gnu/packages/irc.scm, gnu/packages/java.scm, gnu/packages/kerberos.scm, gnu/packages/linux.scm, gnu/packages/lisp.scm, gnu/packages/lxde.scm, gnu/packages/machine-learning.scm, gnu/packages/mail.scm, gnu/packages/maths.scm, gnu/packages/messaging.scm, gnu/packages/monitoring.scm, gnu/packages/mp3.scm, gnu/packages/music.scm, gnu/packages/netpbm.scm, gnu/packages/networking.scm, gnu/packages/node.scm, gnu/packages/nvi.scm, gnu/packages/ocaml.scm, gnu/packages/pdf.scm, gnu/packages/perl.scm, gnu/packages/php.scm, gnu/packages/plotutils.scm, gnu/packages/pretty-print.scm, gnu/packages/profiling.scm, gnu/packages/pulseaudio.scm, gnu/packages/python-crypto.scm, gnu/packages/python.scm, gnu/packages/qt.scm, gnu/packages/robotics.scm, gnu/packages/sawfish.scm, gnu/packages/scanner.scm, gnu/packages/scheme.scm, gnu/packages/scribus.scm, gnu/packages/sdl.scm, gnu/packages/serialization.scm, gnu/packages/shells.scm, gnu/packages/slang.scm, gnu/packages/smalltalk.scm, gnu/packages/ssh.scm, gnu/packages/sync.scm, gnu/packages/syncthing.scm, gnu/packages/tbb.scm, gnu/packages/terminals.scm, gnu/packages/texinfo.scm, gnu/packages/text-editors.scm, gnu/packages/textutils.scm, gnu/packages/tls.scm, gnu/packages/unrtf.scm, gnu/packages/version-control.scm, gnu/packages/video.scm, gnu/packages/vpn.scm, gnu/packages/web.scm, gnu/packages/wm.scm, gnu/packages/wxwidgets.scm, gnu/packages/xdisorg.scm, gnu/packages/xorg.scm: In all snippets, report errors using exceptions, or else return #t. --- gnu/packages/pdf.scm | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'gnu/packages/pdf.scm') diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm index 95f42c6751..f1aa958931 100644 --- a/gnu/packages/pdf.scm +++ b/gnu/packages/pdf.scm @@ -579,7 +579,7 @@ extracting content or merging files.") (base32 "0b9j0gqbc3jhmx87r6idcsh8lnb30840c3hyx6dk2gdjqqh3hysp")) (modules '((guix build utils))) - (snippet '(delete-file-recursively "thirdparty")))) + (snippet '(begin (delete-file-recursively "thirdparty") #t)))) (build-system gnu-build-system) (inputs `(("curl" ,curl) @@ -631,12 +631,14 @@ line tools for batch rendering @command{pdfdraw}, rewriting files (snippet ;; Replace shebang with the bi-lingual shell/Perl trick to remove ;; dependency on Perl. - '(substitute* "qpdf/fix-qdf" - (("#!/usr/bin/env perl") - "\ + '(begin + (substitute* "qpdf/fix-qdf" + (("#!/usr/bin/env perl") + "\ eval '(exit $?0)' && eval 'exec perl -wS \"$0\" ${1+\"$@\"}' & eval 'exec perl -wS \"$0\" $argv:q' - if 0;\n"))))) + if 0;\n")) + #t)))) (build-system gnu-build-system) (arguments `(#:disallowed-references (,perl) -- cgit v1.2.3 From b5e530198ab11c511bed0a2d1d12728bd62f1c2c Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Sun, 18 Mar 2018 23:22:59 -0400 Subject: gnu: qpdf: Return #t from all phases. * gnu/packages/pdf.scm (qpdf)[arguments]: Return #t from 'patch-paths' phase. --- gnu/packages/pdf.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'gnu/packages/pdf.scm') diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm index f1aa958931..2d2c4d756e 100644 --- a/gnu/packages/pdf.scm +++ b/gnu/packages/pdf.scm @@ -652,7 +652,8 @@ eval '(exit $?0)' && eval 'exec perl -wS \"$0\" ${1+\"$@\"}' (substitute* (append '("qtest/bin/qtest-driver") (find-files "." "\\.test")) - (("/usr/bin/env") (which "env")))))))) + (("/usr/bin/env") (which "env"))) + #t))))) (native-inputs `(("pkg-config" ,pkg-config) ("perl" ,perl))) -- cgit v1.2.3 From 4735610ee34adaa6295f73d1a4d1d37c9aadb78b Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Tue, 20 Mar 2018 11:32:12 +0100 Subject: gnu: poppler: Update to 0.63.0. * gnu/packages/pdf.scm (poppler): Update to 0.63.0. --- gnu/packages/pdf.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/pdf.scm') diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm index 2d2c4d756e..23d77d2062 100644 --- a/gnu/packages/pdf.scm +++ b/gnu/packages/pdf.scm @@ -79,14 +79,14 @@ (define-public poppler (package (name "poppler") - (version "0.62.0") + (version "0.63.0") (source (origin (method url-fetch) (uri (string-append "https://poppler.freedesktop.org/poppler-" version ".tar.xz")) (sha256 (base32 - "1ii9ly1pngyvs0aiq2wxpya08hidpl54y7nsb8b1vxnnskgp76jv")))) + "04d1z1ygyb3llzc6s6c99wxafvljj2sc5b76djif34f7mzfqmk17")))) (build-system cmake-build-system) ;; FIXME: ;; use libcurl: no -- cgit v1.2.3 From d0e888c39dde9459434dbfe9461faca0dcfb9f24 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Mon, 30 Apr 2018 14:12:14 -0400 Subject: gnu: xournal: Update to 0.4.8.2016. * gnu/packages/pdf.scm (xournal): Update to 0.4.8.2016. --- gnu/packages/pdf.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/pdf.scm') diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm index 84b53b00b4..7762b06ff7 100644 --- a/gnu/packages/pdf.scm +++ b/gnu/packages/pdf.scm @@ -673,7 +673,7 @@ program capable of converting PDF into other formats.") (define-public xournal (package (name "xournal") - (version "0.4.8") + (version "0.4.8.2016") (source (origin (method url-fetch) @@ -681,7 +681,7 @@ program capable of converting PDF into other formats.") "/xournal-" version ".tar.gz")) (sha256 (base32 - "0c7gjcqhygiyp0ypaipdaxgkbivg6q45vhsj8v5jsi9nh6iqff13")))) + "09i88v3wacmx7f96dmq0l3afpyv95lh6jrx16xzm0jd1szdrhn5j")))) (build-system gnu-build-system) (inputs `(("gtk" ,gtk+-2) -- cgit v1.2.3 From 6d161406659fd9166da81162db8b2f42de1cd50b Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 27 Apr 2018 22:03:03 -0400 Subject: gnu: Add poppler-data. * gnu/packages/pdf.scm (poppler-data): New variable. --- gnu/packages/pdf.scm | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) (limited to 'gnu/packages/pdf.scm') diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm index 7762b06ff7..9e5af5f011 100644 --- a/gnu/packages/pdf.scm +++ b/gnu/packages/pdf.scm @@ -10,7 +10,7 @@ ;;; Copyright © 2016, 2017 Ludovic Courtès ;;; Copyright © 2016 Julien Lepiller ;;; Copyright © 2016 Arun Isaac -;;; Copyright © 2017 Leo Famulari +;;; Copyright © 2017, 2018 Leo Famulari ;;; Copyright © 2017 Alex Vong ;;; Copyright © 2017 Rene Saavedra ;;; Copyright © 2017 Tobias Geerinckx-Rice @@ -124,6 +124,36 @@ (license license:gpl2+) (home-page "https://poppler.freedesktop.org/"))) +(define-public poppler-data + (package + (name "poppler-data") + (version "0.4.9") + (source (origin + (method url-fetch) + (uri (string-append "https://poppler.freedesktop.org/poppler-data" + "-" version ".tar.gz")) + (sha256 + (base32 + "04i0wgdkn5lhda8cyxd1ll4a2p41pwqrwd47n9mdpl7cx5ypx70z")))) + (build-system gnu-build-system) + (arguments + '(#:tests? #f ; no test suite + #:make-flags (list (string-append "prefix=" (assoc-ref %outputs "out"))) + #:phases + (modify-phases %standard-phases + ;; The package only provides some data files, so there is nothing to + ;; build. + (delete 'configure) + (delete 'build)))) + (synopsis "Poppler encoding files for rendering of CJK and Cyrillic text") + (description "This package provides optional encoding files for Poppler. +When present, Poppler is able to correctly render CJK and Cyrillic text.") + (home-page (package-home-page poppler)) + ;; See COPYING in the source distribution for more information about + ;; the licensing. + (license (list license:bsd-3 + license:gpl2)))) + (define-public poppler-qt4 (package (inherit poppler) (name "poppler-qt4") -- cgit v1.2.3 From 2b79c6833d5b6728edf859f7e885ed397b77bedc Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Mon, 14 May 2018 12:04:30 +0300 Subject: gnu: mupdf: Update to 1.13.0. * gnu/packages/pdf.scm (mupdf): Update to 1.13.0. [source]: Remove patches. * gnu/packages/patches/mupdf-build-with-latest-openjpeg.patch, gnu/packages/patches/mupdf-CVE-2017-17858.patch, gnu/packages/patches/mupdf-CVE-2018-6544.patch, gnu/packages/patches/mupdf-CVE-2018-1000051.patch: Remove files. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/local.mk | 4 - gnu/packages/patches/mupdf-CVE-2017-17858.patch | 111 --------------------- gnu/packages/patches/mupdf-CVE-2018-1000051.patch | 88 ---------------- gnu/packages/patches/mupdf-CVE-2018-6544.patch | 109 -------------------- .../patches/mupdf-build-with-latest-openjpeg.patch | 27 ----- gnu/packages/pdf.scm | 12 +-- 6 files changed, 4 insertions(+), 347 deletions(-) delete mode 100644 gnu/packages/patches/mupdf-CVE-2017-17858.patch delete mode 100644 gnu/packages/patches/mupdf-CVE-2018-1000051.patch delete mode 100644 gnu/packages/patches/mupdf-CVE-2018-6544.patch delete mode 100644 gnu/packages/patches/mupdf-build-with-latest-openjpeg.patch (limited to 'gnu/packages/pdf.scm') diff --git a/gnu/local.mk b/gnu/local.mk index 7987f8ad91..d55276fb33 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -932,10 +932,6 @@ dist_patch_DATA = \ %D%/packages/patches/mozjs38-tracelogger.patch \ %D%/packages/patches/mozjs38-version-detection.patch \ %D%/packages/patches/mumps-build-parallelism.patch \ - %D%/packages/patches/mupdf-build-with-latest-openjpeg.patch \ - %D%/packages/patches/mupdf-CVE-2017-17858.patch \ - %D%/packages/patches/mupdf-CVE-2018-6544.patch \ - %D%/packages/patches/mupdf-CVE-2018-1000051.patch \ %D%/packages/patches/mupen64plus-ui-console-notice.patch \ %D%/packages/patches/mupen64plus-video-z64-glew-correct-path.patch \ %D%/packages/patches/mutt-store-references.patch \ diff --git a/gnu/packages/patches/mupdf-CVE-2017-17858.patch b/gnu/packages/patches/mupdf-CVE-2017-17858.patch deleted file mode 100644 index 66df127509..0000000000 --- a/gnu/packages/patches/mupdf-CVE-2017-17858.patch +++ /dev/null @@ -1,111 +0,0 @@ -Fix CVE-2017-17858: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17858 -https://bugs.ghostscript.com/show_bug.cgi?id=698819 -https://github.com/mzet-/Security-Advisories/blob/master/mzet-adv-2017-01.md - -Patch copied from upstream source repository: - -https://git.ghostscript.com/?p=mupdf.git;a=commit;h=55c3f68d638ac1263a386e0aaa004bb6e8bde731 - -From 55c3f68d638ac1263a386e0aaa004bb6e8bde731 Mon Sep 17 00:00:00 2001 -From: Sebastian Rasmussen -Date: Mon, 11 Dec 2017 14:09:15 +0100 -Subject: [PATCH] Bugs 698804/698810/698811: Keep PDF object numbers below - limit. - -This ensures that: - * xref tables with objects pointers do not grow out of bounds. - * other readers, e.g. Adobe Acrobat can parse PDFs written by mupdf. ---- - include/mupdf/pdf/object.h | 3 +++ - source/pdf/pdf-repair.c | 5 +---- - source/pdf/pdf-xref.c | 21 ++++++++++++--------- - 3 files changed, 16 insertions(+), 13 deletions(-) - -diff --git a/include/mupdf/pdf/object.h b/include/mupdf/pdf/object.h -index 21ed8595..4177112b 100644 ---- a/include/mupdf/pdf/object.h -+++ b/include/mupdf/pdf/object.h -@@ -3,6 +3,9 @@ - - typedef struct pdf_document_s pdf_document; - -+/* Defined in PDF 1.7 according to Acrobat limit. */ -+#define PDF_MAX_OBJECT_NUMBER 8388607 -+ - /* - * Dynamic objects. - * The same type of objects as found in PDF and PostScript. -diff --git a/source/pdf/pdf-repair.c b/source/pdf/pdf-repair.c -index ca149bd3..0c29758e 100644 ---- a/source/pdf/pdf-repair.c -+++ b/source/pdf/pdf-repair.c -@@ -6,9 +6,6 @@ - - /* Scan file for objects and reconstruct xref table */ - --/* Define in PDF 1.7 to be 8388607, but mupdf is more lenient. */ --#define MAX_OBJECT_NUMBER (10 << 20) -- - struct entry - { - int num; -@@ -436,7 +433,7 @@ pdf_repair_xref(fz_context *ctx, pdf_document *doc) - break; - } - -- if (num <= 0 || num > MAX_OBJECT_NUMBER) -+ if (num <= 0 || num > PDF_MAX_OBJECT_NUMBER) - { - fz_warn(ctx, "ignoring object with invalid object number (%d %d R)", num, gen); - goto have_next_token; -diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c -index 00586dbd..6284e70b 100644 ---- a/source/pdf/pdf-xref.c -+++ b/source/pdf/pdf-xref.c -@@ -868,11 +868,12 @@ pdf_read_old_xref(fz_context *ctx, pdf_document *doc, pdf_lexbuf *buf) - fz_seek(ctx, file, -(2 + (int)strlen(s)), SEEK_CUR); - } - -- if (ofs < 0) -- fz_throw(ctx, FZ_ERROR_GENERIC, "out of range object num in xref: %d", (int)ofs); -- if (ofs > INT64_MAX - len) -- fz_throw(ctx, FZ_ERROR_GENERIC, "xref section object numbers too big"); -- -+ if (ofs < 0 || ofs > PDF_MAX_OBJECT_NUMBER -+ || len < 0 || len > PDF_MAX_OBJECT_NUMBER -+ || ofs + len - 1 > PDF_MAX_OBJECT_NUMBER) -+ { -+ fz_throw(ctx, FZ_ERROR_GENERIC, "xref subsection object numbers are out of range"); -+ } - /* broken pdfs where size in trailer undershoots entries in xref sections */ - if (ofs + len > xref_len) - { -@@ -933,10 +934,8 @@ pdf_read_new_xref_section(fz_context *ctx, pdf_document *doc, fz_stream *stm, in - pdf_xref_entry *table; - int i, n; - -- if (i0 < 0 || i1 < 0 || i0 > INT_MAX - i1) -- fz_throw(ctx, FZ_ERROR_GENERIC, "negative xref stream entry index"); -- //if (i0 + i1 > pdf_xref_len(ctx, doc)) -- // fz_throw(ctx, FZ_ERROR_GENERIC, "xref stream has too many entries"); -+ if (i0 < 0 || i0 > PDF_MAX_OBJECT_NUMBER || i1 < 0 || i1 > PDF_MAX_OBJECT_NUMBER || i0 + i1 - 1 > PDF_MAX_OBJECT_NUMBER) -+ fz_throw(ctx, FZ_ERROR_GENERIC, "xref subsection object numbers are out of range"); - - table = pdf_xref_find_subsection(ctx, doc, i0, i1); - for (i = i0; i < i0 + i1; i++) -@@ -2086,6 +2085,10 @@ pdf_create_object(fz_context *ctx, pdf_document *doc) - /* TODO: reuse free object slots by properly linking free object chains in the ofs field */ - pdf_xref_entry *entry; - int num = pdf_xref_len(ctx, doc); -+ -+ if (num > PDF_MAX_OBJECT_NUMBER) -+ fz_throw(ctx, FZ_ERROR_GENERIC, "too many objects stored in pdf"); -+ - entry = pdf_get_incremental_xref_entry(ctx, doc, num); - entry->type = 'f'; - entry->ofs = -1; --- -2.16.1 - diff --git a/gnu/packages/patches/mupdf-CVE-2018-1000051.patch b/gnu/packages/patches/mupdf-CVE-2018-1000051.patch deleted file mode 100644 index bb78c46f80..0000000000 --- a/gnu/packages/patches/mupdf-CVE-2018-1000051.patch +++ /dev/null @@ -1,88 +0,0 @@ -Fix CVE-2018-1000051: - -https://bugs.ghostscript.com/show_bug.cgi?id=698873 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000051 - -Patch copied from upstream source repository: - -https://git.ghostscript.com/?p=mupdf.git;a=commit;h=321ba1de287016b0036bf4a56ce774ad11763384 - -From 321ba1de287016b0036bf4a56ce774ad11763384 Mon Sep 17 00:00:00 2001 -From: Sebastian Rasmussen -Date: Tue, 19 Dec 2017 23:47:47 +0100 -Subject: [PATCH] Bug 698825: Do not drop borrowed colorspaces. - -Previously the borrowed colorspace was dropped when updating annotation -appearances, leading to use after free warnings from valgrind/ASAN. ---- - source/pdf/pdf-appearance.c | 8 ++------ - 1 file changed, 2 insertions(+), 6 deletions(-) - -diff --git a/source/pdf/pdf-appearance.c b/source/pdf/pdf-appearance.c -index 70f684f4..d7a1dddd 100644 ---- a/source/pdf/pdf-appearance.c -+++ b/source/pdf/pdf-appearance.c -@@ -2170,7 +2170,6 @@ void pdf_update_free_text_annot_appearance(fz_context *ctx, pdf_document *doc, p - fz_device *dev = NULL; - font_info font_rec; - fz_text *text = NULL; -- fz_colorspace *cs = NULL; - fz_matrix page_ctm; - - pdf_page_transform(ctx, annot->page, NULL, &page_ctm); -@@ -2184,11 +2183,11 @@ void pdf_update_free_text_annot_appearance(fz_context *ctx, pdf_document *doc, p - fz_var(dlist); - fz_var(dev); - fz_var(text); -- fz_var(cs); - fz_try(ctx) - { - char *contents = pdf_to_str_buf(ctx, pdf_dict_get(ctx, obj, PDF_NAME_Contents)); - char *da = pdf_to_str_buf(ctx, pdf_dict_get(ctx, obj, PDF_NAME_DA)); -+ fz_colorspace *cs; - fz_point pos; - fz_rect rect; - -@@ -2223,7 +2222,6 @@ void pdf_update_free_text_annot_appearance(fz_context *ctx, pdf_document *doc, p - fz_drop_display_list(ctx, dlist); - font_info_fin(ctx, &font_rec); - fz_drop_text(ctx, text); -- fz_drop_colorspace(ctx, cs); - } - fz_catch(ctx) - { -@@ -2359,7 +2357,6 @@ void pdf_set_signature_appearance(fz_context *ctx, pdf_document *doc, pdf_annot - fz_device *dev = NULL; - font_info font_rec; - fz_text *text = NULL; -- fz_colorspace *cs = NULL; - fz_path *path = NULL; - fz_buffer *fzbuf = NULL; - fz_matrix page_ctm; -@@ -2375,7 +2372,6 @@ void pdf_set_signature_appearance(fz_context *ctx, pdf_document *doc, pdf_annot - fz_var(dlist); - fz_var(dev); - fz_var(text); -- fz_var(cs); - fz_var(fzbuf); - fz_try(ctx) - { -@@ -2384,6 +2380,7 @@ void pdf_set_signature_appearance(fz_context *ctx, pdf_document *doc, pdf_annot - fz_rect logo_bounds; - fz_matrix logo_tm; - fz_rect rect; -+ fz_colorspace *cs = fz_device_rgb(ctx); /* Borrowed reference */ - - pdf_to_rect(ctx, pdf_dict_get(ctx, annot->obj, PDF_NAME_Rect), &annot_rect); - rect = annot_rect; -@@ -2396,7 +2393,6 @@ void pdf_set_signature_appearance(fz_context *ctx, pdf_document *doc, pdf_annot - fz_bound_path(ctx, path, NULL, &fz_identity, &logo_bounds); - center_rect_within_rect(&logo_bounds, &rect, &logo_tm); - fz_concat(&logo_tm, &logo_tm, &page_ctm); -- cs = fz_device_rgb(ctx); /* Borrowed reference */ - fz_fill_path(ctx, dev, path, 0, &logo_tm, cs, logo_color, 1.0f, NULL); - - get_font_info(ctx, doc, dr, da, &font_rec); --- -2.16.3 - diff --git a/gnu/packages/patches/mupdf-CVE-2018-6544.patch b/gnu/packages/patches/mupdf-CVE-2018-6544.patch deleted file mode 100644 index b2c8f849f3..0000000000 --- a/gnu/packages/patches/mupdf-CVE-2018-6544.patch +++ /dev/null @@ -1,109 +0,0 @@ -Fix CVE-2018-6544: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6544 -https://bugs.ghostscript.com/show_bug.cgi?id=698830 -https://bugs.ghostscript.com/show_bug.cgi?id=698965 - -Patches copied from upstream source repository: - -https://git.ghostscript.com/?p=mupdf.git;h=26527eef77b3e51c2258c8e40845bfbc015e405d -https://git.ghostscript.com/?p=mupdf.git;h=b03def134988da8c800adac1a38a41a1f09a1d89 - -From b03def134988da8c800adac1a38a41a1f09a1d89 Mon Sep 17 00:00:00 2001 -From: Sebastian Rasmussen -Date: Thu, 1 Feb 2018 16:36:14 +0100 -Subject: [PATCH] Bug 698830: Avoid recursion when loading object streams - objects. - -If there were indirect references in the object stream dictionary and -one of those indirect references referred to an object inside the object -stream itself, mupdf would previously enter recursion only bounded by the -exception stack. After this commit the object stream is checked if it is -marked immediately after being loaded. If it is marked then we terminate -the recursion at this point, if it is not marked then mark it and -attempt to load the desired object within. We also take care to unmark -the stream object when done or upon exception. ---- - source/pdf/pdf-xref.c | 14 ++++++++++++++ - 1 file changed, 14 insertions(+) - -diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c -index 723b543c..ed09094c 100644 ---- a/source/pdf/pdf-xref.c -+++ b/source/pdf/pdf-xref.c -@@ -1576,6 +1576,19 @@ pdf_load_obj_stm(fz_context *ctx, pdf_document *doc, int num, pdf_lexbuf *buf, i - { - objstm = pdf_load_object(ctx, doc, num); - -+ if (pdf_obj_marked(ctx, objstm)) -+ fz_throw(ctx, FZ_ERROR_GENERIC, "recursive object stream lookup"); -+ } -+ fz_catch(ctx) -+ { -+ pdf_drop_obj(ctx, objstm); -+ fz_rethrow(ctx); -+ } -+ -+ fz_try(ctx) -+ { -+ pdf_mark_obj(ctx, objstm); -+ - count = pdf_to_int(ctx, pdf_dict_get(ctx, objstm, PDF_NAME_N)); - first = pdf_to_int(ctx, pdf_dict_get(ctx, objstm, PDF_NAME_First)); - -@@ -1655,6 +1668,7 @@ pdf_load_obj_stm(fz_context *ctx, pdf_document *doc, int num, pdf_lexbuf *buf, i - fz_drop_stream(ctx, stm); - fz_free(ctx, ofsbuf); - fz_free(ctx, numbuf); -+ pdf_unmark_obj(ctx, objstm); - pdf_drop_obj(ctx, objstm); - } - fz_catch(ctx) --- -2.16.3 - -From 26527eef77b3e51c2258c8e40845bfbc015e405d Mon Sep 17 00:00:00 2001 -From: Sebastian Rasmussen -Date: Mon, 29 Jan 2018 02:00:48 +0100 -Subject: [PATCH] Bug 698830: Don't drop unkept stream if running out of error - stack. - -Under normal conditions where fz_keep_stream() is called inside -fz_try() we may call fz_drop_stream() in fz_catch() upon exceptions. -The issue comes when fz_keep_stream() has not yet been called but is -dropped in fz_catch(). This happens in the PDF from the bug when -fz_try() runs out of exception stack, and next the code in fz_catch() -runs, dropping the caller's reference to the filter chain stream! - -The simplest way of fixing this it to always keep the filter chain -stream before fz_try() is called. That way fz_catch() may drop the -stream whether an exception has occurred or if the fz_try() ran out of -exception stack. ---- - source/pdf/pdf-stream.c | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/source/pdf/pdf-stream.c b/source/pdf/pdf-stream.c -index c89da5c4..c6ba7ad3 100644 ---- a/source/pdf/pdf-stream.c -+++ b/source/pdf/pdf-stream.c -@@ -303,14 +303,13 @@ pdf_open_raw_filter(fz_context *ctx, fz_stream *chain, pdf_document *doc, pdf_ob - *orig_gen = 0; - } - -- fz_var(chain); -+ chain = fz_keep_stream(ctx, chain); - - fz_try(ctx) - { - len = pdf_to_int(ctx, pdf_dict_get(ctx, stmobj, PDF_NAME_Length)); - -- /* don't close chain when we close this filter */ -- chain2 = fz_keep_stream(ctx, chain); -+ chain2 = chain; - chain = NULL; - chain = fz_open_null(ctx, chain2, len, offset); - --- -2.16.3 - diff --git a/gnu/packages/patches/mupdf-build-with-latest-openjpeg.patch b/gnu/packages/patches/mupdf-build-with-latest-openjpeg.patch deleted file mode 100644 index d5c9c60242..0000000000 --- a/gnu/packages/patches/mupdf-build-with-latest-openjpeg.patch +++ /dev/null @@ -1,27 +0,0 @@ -Make it possible to build MuPDF with OpenJPEG 2.3, which is the latest -release series and contains many important bug fixes. - -Patch adapted from Debian: - -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=745246 - -And related to this upstream commit: - -http://git.ghostscript.com/?p=mupdf.git;a=commit;h=f88bfe2e62dbadb96d4f52d7aa025f0a516078da - -diff --git a/source/fitz/load-jpx.c b/source/fitz/load-jpx.c -index 65699ba..ea84778 100644 ---- a/source/fitz/load-jpx.c -+++ b/source/fitz/load-jpx.c -@@ -445,11 +445,6 @@ fz_load_jpx_info(fz_context *ctx, const unsigned char *data, size_t size, int *w - - #else /* HAVE_LURATECH */ - --#define OPJ_STATIC --#define OPJ_HAVE_INTTYPES_H --#if !defined(_MSC_VER) || _MSC_VER >= 1600 --#define OPJ_HAVE_STDINT_H --#endif - #define USE_JPIP - - #include diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm index 9e5af5f011..fd494739c3 100644 --- a/gnu/packages/pdf.scm +++ b/gnu/packages/pdf.scm @@ -5,7 +5,7 @@ ;;; Copyright © 2015 Paul van der Walt ;;; Copyright © 2016 Roel Janssen ;;; Copyright © 2016 Nils Gillmann -;;; Copyright © 2016, 2017 Efraim Flashner +;;; Copyright © 2016, 2017, 2018 Efraim Flashner ;;; Copyright © 2016, 2017 Marius Bakke ;;; Copyright © 2016, 2017 Ludovic Courtès ;;; Copyright © 2016 Julien Lepiller @@ -597,21 +597,17 @@ extracting content or merging files.") (define-public mupdf (package (name "mupdf") - (version "1.12.0") + (version "1.13.0") (source (origin (method url-fetch) (uri (string-append "https://mupdf.com/downloads/archive/" name "-" version "-source.tar.xz")) - (patches (search-patches "mupdf-build-with-latest-openjpeg.patch" - "mupdf-CVE-2017-17858.patch" - "mupdf-CVE-2018-6544.patch" - "mupdf-CVE-2018-1000051.patch")) (sha256 (base32 - "0b9j0gqbc3jhmx87r6idcsh8lnb30840c3hyx6dk2gdjqqh3hysp")) + "0129k92bav692l6lyw10ryldx7h2f9khjpgnp3f3n4fdsph9hrkl")) (modules '((guix build utils))) - (snippet '(delete-file-recursively "thirdparty")))) + (snippet '(begin (delete-file-recursively "thirdparty") #t)))) (build-system gnu-build-system) (inputs `(("curl" ,curl) -- cgit v1.2.3 From 49d85a19fbb072e3d02e96e1f72eca745a73e4e3 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 4 Jun 2018 01:11:16 +0200 Subject: gnu: pdfgrep: Update to 2.1.1. * gnu/packages/pdf.scm (pdfgrep): Update to 2.1.1. --- gnu/packages/pdf.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/pdf.scm') diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm index fd494739c3..e531210d42 100644 --- a/gnu/packages/pdf.scm +++ b/gnu/packages/pdf.scm @@ -982,7 +982,7 @@ PDF. Indeed @command{pdfposter} was inspired by @command{poster}.") (define-public pdfgrep (package (name "pdfgrep") - (version "2.0.1") + (version "2.1.1") (source (origin (method url-fetch) @@ -990,7 +990,7 @@ PDF. Indeed @command{pdfposter} was inspired by @command{poster}.") name "-" version ".tar.gz")) (sha256 (base32 - "07llkrkcfjwd3ybai9ad10ybhr0biffcplmy7lw4fb87nd2dfw03")))) + "02qcl5kmr5qzjfc99qpbpfb1890bxlrq3r208gnding51zrmb09c")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) -- cgit v1.2.3