head 1.4; access; symbols pkgsrc-2013Q2:1.4.0.20 pkgsrc-2013Q2-base:1.4 pkgsrc-2012Q4:1.4.0.18 pkgsrc-2012Q4-base:1.4 pkgsrc-2011Q4:1.4.0.16 pkgsrc-2011Q4-base:1.4 pkgsrc-2011Q2:1.4.0.14 pkgsrc-2011Q2-base:1.4 pkgsrc-2009Q4:1.4.0.12 pkgsrc-2009Q4-base:1.4 pkgsrc-2008Q4:1.4.0.10 pkgsrc-2008Q4-base:1.4 pkgsrc-2008Q3:1.4.0.8 pkgsrc-2008Q3-base:1.4 cube-native-xorg:1.4.0.6 cube-native-xorg-base:1.4 pkgsrc-2008Q2:1.4.0.4 pkgsrc-2008Q2-base:1.4 pkgsrc-2008Q1:1.4.0.2 pkgsrc-2008Q1-base:1.4 pkgsrc-2007Q4:1.3.0.2 pkgsrc-2007Q4-base:1.3 pkgsrc-2007Q3:1.1.0.2 pkgsrc-2007Q3-base:1.1; locks; strict; comment @# @; 1.4 date 2008.02.01.21.12.42; author drochner; state dead; branches; next 1.3; 1.3 date 2007.11.28.20.54.38; author drochner; state Exp; branches; next 1.2; 1.2 date 2007.11.03.16.10.39; author drochner; state dead; branches; next 1.1; 1.1 date 2007.08.02.14.41.19; author drochner; state Exp; branches; next ; desc @@ 1.4 log @update to 0.6.4 changes: -Fix crash in the Splash renderer when T3 fonts are badly defined -Draw underlined Links correctly -utils: Fix two use after free bugs in HtmlOutputDev.cc -some fixes to the qt4 frontend @ text @$NetBSD: patch-af,v 1.3 2007/11/28 20:54:38 drochner Exp $ --- glib/poppler-document.cc.orig 2007-11-28 21:04:53.000000000 +0100 +++ glib/poppler-document.cc @@@@ -137,8 +137,20 @@@@ poppler_document_new_from_file (const ch g_free (filename); password_g = NULL; - if (password != NULL) - password_g = new GooString (password); + if (password != NULL) { + if (g_utf8_validate (password, -1, NULL)) { + gchar *password_latin; + + password_latin = g_convert (password, -1, + "ISO-8859-1", + "UTF-8", + NULL, NULL, NULL); + password_g = new GooString (password_latin); + g_free (password_latin); + } else { + password_g = new GooString (password); + } + } newDoc = new PDFDoc(filename_g, password_g, password_g); if (password_g) @ 1.3 log @update to 0.6.2 changes: -security fixes (patched in pkgsrc) were integrated upstream -fix some possible crashes -cleanup @ text @d1 1 a1 1 $NetBSD$ @ 1.2 log @update to 0.6.1 This switches to the new 0.6 branch which is not source compatible to 0.5.x. Most notable changes: -Merge xpdf 3.02 changes -Support for Sound objects -Support for Opening/Closing page actions -Support for page duration -Improve PS Tokenizer performance -Beginning of Interactive Form support -xpdfrc is no longer used for anything -Fix security issue MOAB-06-01-2007 -Lots of bugs fixed @ text @d1 1 a1 1 $NetBSD: patch-af,v 1.1 2007/08/02 14:41:19 drochner Exp $ d3 4 a6 4 --- poppler/Stream.cc.orig 2007-08-02 10:28:59.000000000 +0200 +++ poppler/Stream.cc @@@@ -422,12 +422,6 @@@@ StreamPredictor::StreamPredictor(Stream ok = gFalse; d8 20 a27 23 nVals = width * nComps; - if (width <= 0 || nComps <= 0 || nBits <= 0 || - nComps >= INT_MAX/nBits || - width >= INT_MAX/nComps/nBits || - nVals * nBits + 7 < 0) { - return; - } totalBits = nVals * nBits; if (totalBits == 0 || (totalBits / nBits) / nComps != width || @@@@ -436,7 +430,11 @@@@ StreamPredictor::StreamPredictor(Stream } pixBytes = (nComps * nBits + 7) >> 3; rowBytes = ((totalBits + 7) >> 3) + pixBytes; - if (rowBytes < 0) { + if (width <= 0 || nComps <= 0 || nBits <= 0 || + nComps > gfxColorMaxComps || + nBits > 16 || + width >= INT_MAX / nComps || // check for overflow in nVals + nVals >= (INT_MAX - 7) / nBits) { // check for overflow in rowBytes return; } predLine = (Guchar *)gmalloc(rowBytes); @ 1.1 log @apply a patch from xpdf to fix an integer overflow vulnerability (CVE-2007-3387) bump PKGREVISION @ text @d1 1 a1 1 $NetBSD$ @