head 1.5; access; symbols pkgsrc-2014Q2:1.4.0.22 pkgsrc-2014Q2-base:1.4 pkgsrc-2014Q1:1.4.0.20 pkgsrc-2014Q1-base:1.4 pkgsrc-2013Q4:1.4.0.18 pkgsrc-2013Q4-base:1.4 pkgsrc-2013Q3:1.4.0.16 pkgsrc-2013Q3-base:1.4 pkgsrc-2013Q2:1.4.0.14 pkgsrc-2013Q2-base:1.4 pkgsrc-2013Q1:1.4.0.12 pkgsrc-2013Q1-base:1.4 pkgsrc-2012Q4:1.4.0.10 pkgsrc-2012Q4-base:1.4 pkgsrc-2012Q3:1.4.0.8 pkgsrc-2012Q3-base:1.4 pkgsrc-2012Q2:1.4.0.6 pkgsrc-2012Q2-base:1.4 pkgsrc-2012Q1:1.4.0.4 pkgsrc-2012Q1-base:1.4 pkgsrc-2011Q4:1.4.0.2 pkgsrc-2011Q4-base:1.4 pkgsrc-2011Q3:1.3.0.32 pkgsrc-2011Q3-base:1.3 pkgsrc-2011Q2:1.3.0.30 pkgsrc-2011Q2-base:1.3 pkgsrc-2011Q1:1.3.0.28 pkgsrc-2011Q1-base:1.3 pkgsrc-2010Q4:1.3.0.26 pkgsrc-2010Q4-base:1.3 pkgsrc-2010Q3:1.3.0.24 pkgsrc-2010Q3-base:1.3 pkgsrc-2010Q2:1.3.0.22 pkgsrc-2010Q2-base:1.3 pkgsrc-2010Q1:1.3.0.20 pkgsrc-2010Q1-base:1.3 pkgsrc-2009Q4:1.3.0.18 pkgsrc-2009Q4-base:1.3 pkgsrc-2009Q3:1.3.0.16 pkgsrc-2009Q3-base:1.3 pkgsrc-2009Q2:1.3.0.14 pkgsrc-2009Q2-base:1.3 pkgsrc-2009Q1:1.3.0.12 pkgsrc-2009Q1-base:1.3 pkgsrc-2008Q4:1.3.0.10 pkgsrc-2008Q4-base:1.3 pkgsrc-2008Q3:1.3.0.8 pkgsrc-2008Q3-base:1.3 cube-native-xorg:1.3.0.6 cube-native-xorg-base:1.3 pkgsrc-2008Q2:1.3.0.4 pkgsrc-2008Q2-base:1.3 cwrapper:1.3.0.2 pkgsrc-2008Q1:1.2.0.18 pkgsrc-2008Q1-base:1.2 pkgsrc-2007Q4:1.2.0.16 pkgsrc-2007Q4-base:1.2 pkgsrc-2007Q3:1.2.0.14 pkgsrc-2007Q3-base:1.2 pkgsrc-2007Q2:1.2.0.12 pkgsrc-2007Q2-base:1.2 pkgsrc-2007Q1:1.2.0.10 pkgsrc-2007Q1-base:1.2 pkgsrc-2006Q4:1.2.0.8 pkgsrc-2006Q4-base:1.2 pkgsrc-2006Q3:1.2.0.6 pkgsrc-2006Q3-base:1.2 pkgsrc-2006Q2:1.2.0.4 pkgsrc-2006Q2-base:1.2 pkgsrc-2006Q1:1.2.0.2 pkgsrc-2006Q1-base:1.2 pkgsrc-2005Q4:1.1.0.2; locks; strict; comment @# @; 1.5 date 2014.08.01.12.31.27; author tron; state dead; branches; next 1.4; commitid rFMYsE9XiAVoLEKx; 1.4 date 2011.10.27.02.35.41; author tez; state Exp; branches 1.4.22.1; next 1.3; 1.3 date 2008.04.20.15.48.12; author tonnerre; state Exp; branches 1.3.32.1; next 1.2; 1.2 date 
2006.03.29.17.20.09; author joerg; state dead; branches 1.2.18.1; next 1.1; 1.1 date 2006.01.22.23.13.33; author tron; state Exp; branches 1.1.2.1; next ; 1.4.22.1 date 2014.08.03.18.06.12; author spz; state dead; branches; next ; commitid kxoFlgLB5fEfyWKx; 1.3.32.1 date 2011.11.02.20.54.05; author tron; state Exp; branches; next ; 1.2.18.1 date 2008.04.20.19.00.06; author spz; state Exp; branches; next ; 1.1.2.1 date 2006.01.22.23.13.33; author salo; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2006.01.23.10.35.16; author salo; state Exp; branches; next ; desc @@ 1.5 log @Update "xpdf" package to version 3.04. Changes since version 3.03: - New text extractor. - Added the pdftohtml tool. - Added the pdftopng tool. - New trapezoid-based rasterizer core (for performance). - Generate appearance streams for Line, PolyLine, and Polygon annotations. - Added the closeWindowOrQuit command, and changed the default binding for ctrl-W from closeWindow to closeWindowOrQuit. - Implemented the new AES-256 mode (R=6, Acrobat X). - Add an object cache. - Added a small cache for object streams. - Modify PSOutputDev to use LZW compression instead of RLE, with a fallback to RLE if the "psLZW no" setting is given. - Pdfinfo now prints page rotation info. - Modified ImageOutputDev, used by pdfimages, to output the masks and soft masks used when drawing images. - Remove non-printable characters from error output, just in case they might cause problems for the terminal program. - Added initial support for Code3of9 bar codes in XFA forms. - Added the mapExtTrueTypeFontsViaUnicode xpdfrc command. - Apply stroke adjustment to rectangular images and clipping regions (in addition to strokes and fills). - Decode JPEG 2000 images at less than full resolution if the full res image isn't needed (i.e., if the raw image is higher resolution than the output). - Implemented knockout groups. - Removed t1lib support. - Added support for images with 16-bit components. 
- Rewrote the Dict class to use a hash table; as a side effect, this handles dictionaries with multiple definitions for a key, which are in violation of the spec, but Acrobat appears to handle. - The transformed line width computation -- used to implement the minLineWidth setting, and the hairline threshold in monochrome mode -- was incorrect. - Pdftops was not correctly handling the case where it couldn't find a 16-bit font -- this led to crashes and/or invalid PostScript. - A bug in FlateStream::getBlock() was causing problems with narrow images. - Use the correct _WIN32 define instead of WIN32. - Use copy-on-write for the clip path in SplashState (when doing gsave), for performance. - Added a Solaris-specific entry to the ghostscript font search path. - SplashState was initializing line width to 0 instead of 1. - Abort processing on a content stream after getting 500 errors (undefined operator, wrong number of args) -- this avoids very long processing time for malicious PDF files using bogus RLE encoded content streams. - Added the psUseCropBoxAsPage xpdfrc option; "pdftops -pagecrop" now sets psUseCropBoxAsPage; "pdftops -pagecrop -paper match" now uses the CropBox as the page size. - Re-architected the AcroForm support code into a separate AcroForm module. - Fixed the handling of overprinting/transparency interaction, using the CompatibleOverprint blend mode. - The TIFF predictor code for the 1-bit-per-pixel case was broken. - For triangle and patch mesh shadings (types 4-7) with color functions, interpolate the function parameter not the color. - Check the fontFile/fontDir commands before (instead of after) doing Base-14 substitution in PS output. - Correctly handle non-embedded TrueType fonts that have an Identity ToUnicode mapping (display and PS output were failing). - Added support for XFA form rendering, including an "enableXFA" xpdfrc setting. - Handle PFB Type 1 fonts when generating PostScript output. 
- Unwind any extraneous saved graphics state at the end of the page (before drawing annotations). - Added some integer overflow checks in the GString class. - Handle 16-bit components in JPEG 2000 images. - ActualText spans can end without a valid font, in which case TextPage::beginWord was crashing. - The Domain entry in function shadings wasn't being parsed correctly. - Fixed a bug in the JPEG decoder - successive approximation (progressive mode) coefficients weren't being handled correctly. - Added a better infinite loop test to the xref parser. - When generating PostScript, merge reused TrueType fonts (if their code-to-GID mappings are the same). - Tweak the Gouraud triangle shaded fill code to end the recursive splitting if the triangles get sufficiently small. - Do bilinear interpolation when upsampling images. - When skipping extraneous image data from an inline image, look for EI instead of just EI. - When writing to stdout on Windows, pdftoppm now sets the file mode to binary. [Thanks to Robert Frunzke.] - Accept strings as well as names for the BaseFont entry in font objects. - Removed the TEXTOUT_WORD_LIST config option (with the new text extractor, this is always enabled). - Fixed a bug in the JBIG2 decoder (the TPGD context for template #3 in readGenericBitmap was incorrect). - Rewrote the PostScriptFunction code for performance. - Handle 8-bit OpenType CFF fonts that are missing required tables in the OpenType wrapper. - Handle tiling patterns with reversed coordinates in their bounding boxes. - Added support for 64-bit file offsets, i.e., PDF files larger than 2GB. - Optimize the code that rasterizes pattern-filled image masks. - Added support for Mac OS X system fonts (Base-14 only). - The backdrop color in luminosity-type soft mask groups was not being handled correctly. - Modified behavior of "pdftops -paper match -duplex ..." - it will now duplex consecutive same-sized pages. 
- Tweak the handling of degenerate fills ('moveto lineto fill') to match Adobe. - Don't honor the OPM=1 setting with ICCBased CMYK color spaces. - Whole-word searches were treating certain punctuation (Unicode number separators and terminators) as part of the word, e.g., searching for "foo" would not match "foo,". - Use the TextString class everywhere it makes sense. - Removed the unnecessary segment sort in Splash (performance optimization). - Handle hyperlinks that use Widget-type annotations. - Fix up the integer overflow checks to avoid issues with clever compilers. [Thanks to Nickolai Zeldovich.] - Correctly handle streams with missing Length entries in damaged PDF files. - Added a compile-time option (LOAD_FONTS_FROM_MEM) to load fonts from memory rather than temporary files on disk. - Added the psRasterSliceSize xpdfrc option. - Fixed a case in the JPEG 2000 arithmetic decoder where extra data is present in packet i, and needs to be saved for use in packet i+1. - Fixed a bug in the JPEG 2000 decoder related to images with fewer than 8 bits per component. - Handle the case in PSOutputDev where slice size overflows a 32-bit integer. - Add (partial) support for TrueType cmap format 2. - Always pass FT_LOAD_NO_BITMAP to FreeType -- bitmaps apparently fail with rotated characters. - Support fonts specified in ExtGState dictionaries. - Annotations with empty Border arrays should not draw a border. - Fix the CMap parser to handle large CID ranges. - Check for Type 3 CharProcs that call q or Q before the d0/d1 operator, and treat them as uncacheable. - Invert the selection color when starting in reverse video mode. - Device{Gray,RGB,CMYK} cannot be mapped via a resource dict. - Changed the PS output for masked images (explicit and color key masking): use a plain old clip path instead of rectclip to avoid array overflows. 
- Check the StemSnapH/V arrays when converting Type 1C fonts to Type 1 - if there are any duplicate or out-of-order values, skip that StemSnapH/V array. - Added the psMinLineWidth xpdfrc setting. - Fix an obscure issue in converting TrueType fonts to Type 42, related to empty glyph descriptions (12 zero bytes). - Pdftops now reports an error if there were any I/O errors writing to the PS output file. - Fix vertical text (CJK fonts) in PS output -- offset the character origin correctly. - Increased the number of digits used by pdfimages for the image number from three to four. - Handle right-to-left (e.g., Arabic) ligatures correctly in the text extractor. - Added the -loc and -locPS options to pdffonts. - Extend the object parser recursion limit to cover Stream::addFilters() / Stream::makeFilters() - to avoid another possibility of stack overflow. - Disable FreeType autohinting, because it can fail badly with font subsets that use invalid glyph names -- except in the case of Type 1 fonts, which look much better with light autohinting. - Modified the rasterizer pipeline functions to process a scan line at a time (for performance). - Removed VMS build support (it hasn't been updated in ages). - Removed pdftotext's '-htmlmeta' option (use pdftohtml instead). - PSOutputDev's font/form setup code, and pdffonts, were not scanning soft mask groups in ExtGState dictionaries. - Invalid DCT input (e.g., from a damaged PDF file) could overflow the dctClip array. - When upsampling an image mask or image with a large resulting image size, do it in stream mode instead of prescaling the whole image (to avoid running out of memory). - Added infinite loop detection to pdffonts. @ text @$NetBSD: patch-aq,v 1.4 2011/10/27 02:35:41 tez Exp $ Fix arbitrary code execution with embedded fonts (CVE-2008-1693). 
--- xpdf/Object.h.orig 2011-08-15 16:08:53.000000000 -0500 +++ xpdf/Object.h 2011-10-26 20:48:41.411023600 -0500 @@@@ -68,17 +68,18 @@@@ //------------------------------------------------------------------------ #ifdef DEBUG_MEM -#define initObj(t) ++numAlloc[type = t] +#define initObj(t) zeroUnion(); ++numAlloc[type = t] #else -#define initObj(t) type = t +#define initObj(t) zeroUnion(); type = t #endif class Object { public: - + // attempt to clear the anonymous union + void zeroUnion() { this->name = NULL; } // Default constructor. Object(): - type(objNone) {} + type(objNone) { zeroUnion(); } // Initialize an object. Object *initBool(GBool boolnA) @@@@ -220,16 +221,16 @@@@ #include "Array.h" inline int Object::arrayGetLength() - { return array->getLength(); } + { if (type != objArray) return 0; return array->getLength(); } inline void Object::arrayAdd(Object *elem) - { array->add(elem); } + { if (type == objArray) array->add(elem); } inline Object *Object::arrayGet(int i, Object *obj) - { return array->get(i, obj); } + { if (type != objArray) return obj->initNull(); return array->get(i, obj); } inline Object *Object::arrayGetNF(int i, Object *obj) - { return array->getNF(i, obj); } + { if (type != objArray) return obj->initNull(); return array->getNF(i, obj); } //------------------------------------------------------------------------ // Dict accessors. 
@@@@ -238,31 +239,31 @@@@ #include "Dict.h" inline int Object::dictGetLength() - { return dict->getLength(); } + { if (type != objDict) return 0; return dict->getLength(); } inline void Object::dictAdd(char *key, Object *val) - { dict->add(key, val); } + { if (type == objDict) dict->add(key, val); } inline GBool Object::dictIs(const char *dictType) - { return dict->is(dictType); } + { return (type == objDict) && dict->is(dictType); } inline GBool Object::isDict(const char *dictType) { return type == objDict && dictIs(dictType); } inline Object *Object::dictLookup(const char *key, Object *obj, int recursion) - { return dict->lookup(key, obj, recursion); } + { if (type != objDict) return obj->initNull(); return dict->lookup(key, obj, recursion); } inline Object *Object::dictLookupNF(const char *key, Object *obj) - { return dict->lookupNF(key, obj); } + { if (type != objDict) return obj->initNull(); return dict->lookupNF(key, obj); } inline char *Object::dictGetKey(int i) - { return dict->getKey(i); } + { if (type != objDict) return NULL; return dict->getKey(i); } inline Object *Object::dictGetVal(int i, Object *obj) - { return dict->getVal(i, obj); } + { if (type != objDict) return obj->initNull(); return dict->getVal(i, obj); } inline Object *Object::dictGetValNF(int i, Object *obj) - { return dict->getValNF(i, obj); } + { if (type != objDict) return obj->initNull(); return dict->getValNF(i, obj); } //------------------------------------------------------------------------ // Stream accessors. 
@@@@ -271,33 +272,33 @@@@ #include "Stream.h" inline GBool Object::streamIs(char *dictType) - { return stream->getDict()->is(dictType); } + { return (type == objStream) && stream->getDict()->is(dictType); } inline GBool Object::isStream(char *dictType) - { return type == objStream && streamIs(dictType); } + { return (type == objStream) && streamIs(dictType); } inline void Object::streamReset() - { stream->reset(); } + { if (type == objStream) stream->reset(); } inline void Object::streamClose() - { stream->close(); } + { if (type == objStream) stream->close(); } inline int Object::streamGetChar() - { return stream->getChar(); } + { if (type != objStream) return EOF; return stream->getChar(); } inline int Object::streamLookChar() - { return stream->lookChar(); } + { if (type != objStream) return EOF; return stream->lookChar(); } inline char *Object::streamGetLine(char *buf, int size) - { return stream->getLine(buf, size); } + { if (type != objStream) return NULL; return stream->getLine(buf, size); } inline Guint Object::streamGetPos() - { return stream->getPos(); } + { if (type != objStream) return 0; return stream->getPos(); } inline void Object::streamSetPos(Guint pos, int dir) - { stream->setPos(pos, dir); } + { if (type == objStream) stream->setPos(pos, dir); } inline Dict *Object::streamGetDict() - { return stream->getDict(); } + { if (type != objStream) return NULL; return stream->getDict(); } #endif @ 1.4 log @Update to 3.03 Fixes multiple vulnerabilities Change list too long to include here, see http://www.foolabs.com/xpdf/CHANGES (file does not note what changes were included in 3.02pl1 - 3.02pl4 and which are new for 3.03) @ text @d1 1 a1 1 $NetBSD: patch-aq,v 1.3 2008/04/20 15:48:12 tonnerre Exp $ @ 1.4.22.1 log @Pullup ticket #4469 - requested by tron print/xpdf: security update Revisions pulled up: - print/xpdf/Makefile 1.81 - print/xpdf/distinfo 1.42 - print/xpdf/patches/patch-al 1.5 - print/xpdf/patches/patch-am 1.4 - print/xpdf/patches/patch-aq 
deleted - print/xpdf/patches/patch-ar deleted ------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Fri Aug 1 12:31:27 UTC 2014 Modified Files: pkgsrc/print/xpdf: Makefile distinfo pkgsrc/print/xpdf/patches: patch-al patch-am Removed Files: pkgsrc/print/xpdf/patches: patch-aq patch-ar Log Message: Update "xpdf" package to version 3.04. Changes since version 3.03: - New text extractor. - Added the pdftohtml tool. - Added the pdftopng tool. - New trapezoid-based rasterizer core (for performance). - Generate appearance streams for Line, PolyLine, and Polygon annotations. - Added the closeWindowOrQuit command, and changed the default binding for ctrl-W from closeWindow to closeWindowOrQuit. - Implemented the new AES-256 mode (R=6, Acrobat X). - Add an object cache. - Added a small cache for object streams. - Modify PSOutputDev to use LZW compression instead of RLE, with a fallback to RLE if the "psLZW no" setting is given. - Pdfinfo now prints page rotation info. - Modified ImageOutputDev, used by pdfimages, to output the masks and soft masks used when drawing images. - Remove non-printable characters from error output, just in case they might cause problems for the terminal program. - Added initial support for Code3of9 bar codes in XFA forms. - Added the mapExtTrueTypeFontsViaUnicode xpdfrc command. - Apply stroke adjustment to rectangular images and clipping regions (in addition to strokes and fills). - Decode JPEG 2000 images at less than full resolution if the full res image isn't needed (i.e., if the raw image is higher resolution than the output). - Implemented knockout groups. - Removed t1lib support. - Added support for images with 16-bit components. - Rewrote the Dict class to use a hash table; as a side effect, this handles dictionaries with multiple definitions for a key, which are in violation of the spec, but Acrobat appears to handle. 
- The transformed line width computation -- used to implement the minLineWidth setting, and the hairline threshold in monochrome mode -- was incorrect. - Pdftops was not correctly handling the case where it couldn't find a 16-bit font -- this led to crashes and/or invalid PostScript. - A bug in FlateStream::getBlock() was causing problems with narrow images. - Use the correct _WIN32 define instead of WIN32. - Use copy-on-write for the clip path in SplashState (when doing gsave), for performance. - Added a Solaris-specific entry to the ghostscript font search path. - SplashState was initializing line width to 0 instead of 1. - Abort processing on a content stream after getting 500 errors (undefined operator, wrong number of args) -- this avoids very long processing time for malicious PDF files using bogus RLE encoded content streams. - Added the psUseCropBoxAsPage xpdfrc option; "pdftops -pagecrop" now sets psUseCropBoxAsPage; "pdftops -pagecrop -paper match" now uses the CropBox as the page size. - Re-architected the AcroForm support code into a separate AcroForm module. - Fixed the handling of overprinting/transparency interaction, using the CompatibleOverprint blend mode. - The TIFF predictor code for the 1-bit-per-pixel case was broken. - For triangle and patch mesh shadings (types 4-7) with color functions, interpolate the function parameter not the color. - Check the fontFile/fontDir commands before (instead of after) doing Base-14 substitution in PS output. - Correctly handle non-embedded TrueType fonts that have an Identity ToUnicode mapping (display and PS output were failing). - Added support for XFA form rendering, including an "enableXFA" xpdfrc setting. - Handle PFB Type 1 fonts when generating PostScript output. - Unwind any extraneous saved graphics state at the end of the page (before drawing annotations). - Added some integer overflow checks in the GString class. - Handle 16-bit components in JPEG 2000 images. 
- ActualText spans can end without a valid font, in which case TextPage::beginWord was crashing. - The Domain entry in function shadings wasn't being parsed correctly. - Fixed a bug in the JPEG decoder - successive approximation (progressive mode) coefficients weren't being handled correctly. - Added a better infinite loop test to the xref parser. - When generating PostScript, merge reused TrueType fonts (if their code-to-GID mappings are the same). - Tweak the Gouraud triangle shaded fill code to end the recursive splitting if the triangles get sufficiently small. - Do bilinear interpolation when upsampling images. - When skipping extraneous image data from an inline image, look for EI instead of just EI. - When writing to stdout on Windows, pdftoppm now sets the file mode to binary. [Thanks to Robert Frunzke.] - Accept strings as well as names for the BaseFont entry in font objects. - Removed the TEXTOUT_WORD_LIST config option (with the new text extractor, this is always enabled). - Fixed a bug in the JBIG2 decoder (the TPGD context for template #3 in readGenericBitmap was incorrect). - Rewrote the PostScriptFunction code for performance. - Handle 8-bit OpenType CFF fonts that are missing required tables in the OpenType wrapper. - Handle tiling patterns with reversed coordinates in their bounding boxes. - Added support for 64-bit file offsets, i.e., PDF files larger than 2GB. - Optimize the code that rasterizes pattern-filled image masks. - Added support for Mac OS X system fonts (Base-14 only). - The backdrop color in luminosity-type soft mask groups was not being handled correctly. - Modified behavior of "pdftops -paper match -duplex ..." - it will now duplex consecutive same-sized pages. - Tweak the handling of degenerate fills ('moveto lineto fill') to match Adobe. - Don't honor the OPM=1 setting with ICCBased CMYK color spaces. 
- Whole-word searches were treating certain punctuation (Unicode number separators and terminators) as part of the word, e.g., searching for "foo" would not match "foo,". - Use the TextString class everywhere it makes sense. - Removed the unnecessary segment sort in Splash (performance optimization). - Handle hyperlinks that use Widget-type annotations. - Fix up the integer overflow checks to avoid issues with clever compilers. [Thanks to Nickolai Zeldovich.] - Correctly handle streams with missing Length entries in damaged PDF files. - Added a compile-time option (LOAD_FONTS_FROM_MEM) to load fonts from memory rather than temporary files on disk. - Added the psRasterSliceSize xpdfrc option. - Fixed a case in the JPEG 2000 arithmetic decoder where extra data is present in packet i, and needs to be saved for use in packet i+1. - Fixed a bug in the JPEG 2000 decoder related to images with fewer than 8 bits per component. - Handle the case in PSOutputDev where slice size overflows a 32-bit integer. - Add (partial) support for TrueType cmap format 2. - Always pass FT_LOAD_NO_BITMAP to FreeType -- bitmaps apparently fail with rotated characters. - Support fonts specified in ExtGState dictionaries. - Annotations with empty Border arrays should not draw a border. - Fix the CMap parser to handle large CID ranges. - Check for Type 3 CharProcs that call q or Q before the d0/d1 operator, and treat them as uncacheable. - Invert the selection color when starting in reverse video mode. - Device{Gray,RGB,CMYK} cannot be mapped via a resource dict. - Changed the PS output for masked images (explicit and color key masking): use a plain old clip path instead of rectclip to avoid array overflows. - Check the StemSnapH/V arrays when converting Type 1C fonts to Type 1 - if there are any duplicate or out-of-order values, skip that StemSnapH/V array. - Added the psMinLineWidth xpdfrc setting. 
- Fix an obscure issue in converting TrueType fonts to Type 42, related to empty glyph descriptions (12 zero bytes). - Pdftops now reports an error if there were any I/O errors writing to the PS output file. - Fix vertical text (CJK fonts) in PS output -- offset the character origin correctly. - Increased the number of digits used by pdfimages for the image number from three to four. - Handle right-to-left (e.g., Arabic) ligatures correctly in the text extractor. - Added the -loc and -locPS options to pdffonts. - Extend the object parser recursion limit to cover Stream::addFilters() / Stream::makeFilters() - to avoid another possibility of stack overflow. - Disable FreeType autohinting, because it can fail badly with font subsets that use invalid glyph names -- except in the case of Type 1 fonts, which look much better with light autohinting. - Modified the rasterizer pipeline functions to process a scan line at a time (for performance). - Removed VMS build support (it hasn't been updated in ages). - Removed pdftotext's '-htmlmeta' option (use pdftohtml instead). - PSOutputDev's font/form setup code, and pdffonts, were not scanning soft mask groups in ExtGState dictionaries. - Invalid DCT input (e.g., from a damaged PDF file) could overflow the dctClip array. - When upsampling an image mask or image with a large resulting image size, do it in stream mode instead of prescaling the whole image (to avoid running out of memory). - Added infinite loop detection to pdffonts. To generate a diff of this commit: cvs rdiff -u -r1.80 -r1.81 pkgsrc/print/xpdf/Makefile cvs rdiff -u -r1.41 -r1.42 pkgsrc/print/xpdf/distinfo cvs rdiff -u -r1.4 -r1.5 pkgsrc/print/xpdf/patches/patch-al cvs rdiff -u -r1.3 -r1.4 pkgsrc/print/xpdf/patches/patch-am cvs rdiff -u -r1.4 -r0 pkgsrc/print/xpdf/patches/patch-aq \ pkgsrc/print/xpdf/patches/patch-ar @ text @d1 1 a1 1 $NetBSD: patch-aq,v 1.4 2011/10/27 02:35:41 tez Exp $ @ 1.3 log @Fix embedded font handling (CVE-2008-1693). 
While at it, add a patch from upstream CVS which fixes display of 16-bit colors. Update from print/poppler. Approved-by: joerg @ text @d1 1 a1 1 $NetBSD$ d5 3 a7 3 --- xpdf/Object.h.orig 2007-02-27 22:05:52.000000000 +0000 +++ xpdf/Object.h @@@@ -68,17 +68,18 @@@@ enum ObjType { d30 1 a30 1 @@@@ -220,16 +221,16 @@@@ private: d51 1 a51 1 @@@@ -238,31 +239,31 @@@@ inline Object *Object::arrayGetNF(int i, d62 1 a62 1 inline GBool Object::dictIs(char *dictType) d66 1 a66 1 inline GBool Object::isDict(char *dictType) d69 3 a71 3 inline Object *Object::dictLookup(char *key, Object *obj) - { return dict->lookup(key, obj); } + { if (type != objDict) return obj->initNull(); return dict->lookup(key, obj); } d73 1 a73 1 inline Object *Object::dictLookupNF(char *key, Object *obj) d91 1 a91 1 @@@@ -271,33 +272,33 @@@@ inline Object *Object::dictGetValNF(int @ 1.3.32.1 log @Pullup ticket #3587 - requested by tez print/xpdf: security update Revisions pulled up: - print/xpdf/MESSAGE 1.4 - print/xpdf/Makefile 1.75 - print/xpdf/distinfo 1.40 - print/xpdf/patches/patch-aa 1.8 - print/xpdf/patches/patch-ab deleted - print/xpdf/patches/patch-ai 1.4 - print/xpdf/patches/patch-ak 1.6 - print/xpdf/patches/patch-al 1.4 - print/xpdf/patches/patch-am 1.3 - print/xpdf/patches/patch-an deleted - print/xpdf/patches/patch-aq 1.4 - print/xpdf/patches/patch-bb deleted - print/xpdf/patches/patch-bc 1.2 - print/xpdf/patches/patch-bd deleted --- Module Name: pkgsrc Committed By: tez Date: Thu Oct 27 02:35:41 UTC 2011 Modified Files: pkgsrc/print/xpdf: Makefile distinfo pkgsrc/print/xpdf/patches: patch-aa patch-ai patch-ak patch-al patch-am patch-aq patch-bc Removed Files: pkgsrc/print/xpdf/patches: patch-ab patch-an patch-bb patch-bd Log Message: Update to 3.03 Fixes multiple vulnerabilities Change list too long to include here, see http://www.foolabs.com/xpdf/CHANGES (file does not note what changes were included in 3.02pl1 - 3.02pl4 and which are new for 3.03) --- Module Name: pkgsrc Committed By: 
tez Date: Thu Oct 27 14:54:41 UTC 2011 Added Files: pkgsrc/print/xpdf: MESSAGE Log Message: Add MESSAGE to notify users of change in xpdfrc commands. @ text @d5 3 a7 3 --- xpdf/Object.h.orig 2011-08-15 16:08:53.000000000 -0500 +++ xpdf/Object.h 2011-10-26 20:48:41.411023600 -0500 @@@@ -68,17 +68,18 @@@@ d30 1 a30 1 @@@@ -220,16 +221,16 @@@@ d51 1 a51 1 @@@@ -238,31 +239,31 @@@@ d62 1 a62 1 inline GBool Object::dictIs(const char *dictType) d66 1 a66 1 inline GBool Object::isDict(const char *dictType) d69 3 a71 3 inline Object *Object::dictLookup(const char *key, Object *obj, int recursion) - { return dict->lookup(key, obj, recursion); } + { if (type != objDict) return obj->initNull(); return dict->lookup(key, obj, recursion); } d73 1 a73 1 inline Object *Object::dictLookupNF(const char *key, Object *obj) d91 1 a91 1 @@@@ -271,33 +272,33 @@@@ @ 1.2 log @Update xpdf to 3.01 patch level 2. The patch level addresses a number of vulnerabilities reported and adds at least some constraint checks not done before. 
@ text @d1 1 a1 1 $NetBSD: patch-aq,v 1.1 2006/01/22 23:13:33 tron Exp $ d3 132 a134 30 --- xpdf/JPXStream.cc.orig 2006-01-22 22:52:51.000000000 +0000 +++ xpdf/JPXStream.cc 2006-01-22 22:48:31.000000000 +0000 @@@@ -7,6 +7,7 @@@@ //======================================================================== #include +#include #ifdef USE_GCC_PRAGMAS #pragma implementation @@@@ -818,13 +819,15 @@@@ / img.xTileSize; img.nYTiles = (img.ySize - img.yTileOffset + img.yTileSize - 1) / img.yTileSize; - nTiles = img.nXTiles * img.nYTiles; // check for overflow before allocating memory - if (nTiles == 0 || nTiles / img.nXTiles != img.nYTiles) { - error(getPos(), "Bad tile count in JPX SIZ marker segment"); - return gFalse; + if (img.nXTiles <= 0 || img.nYTiles <= 0 || + img.nXTiles >= INT_MAX/img.nYTiles) { + error(getPos(), "Bad tile count in JPX SIZ marker segment"); + return gFalse; } + nTiles = img.nXTiles * img.nYTiles; img.tiles = (JPXTile *)gmallocn(nTiles, sizeof(JPXTile)); + for (i = 0; i < img.nXTiles * img.nYTiles; ++i) { img.tiles[i].tileComps = (JPXTileComp *)gmallocn(img.nComps, sizeof(JPXTileComp)); @ 1.2.18.1 log @Pullup ticket 2347 - requested by tonnerre security update for xpdf Revisions pulled up: - pkgsrc/print/xpdf/Makefile 1.65 - pkgsrc/print/xpdf/distinfo 1.33 - pkgsrc/print/xpdf/patches/patch-aq 1.3 - pkgsrc/print/xpdf/patches/patch-ar 1.4 Module Name: pkgsrc Committed By: tonnerre Date: Sun Apr 20 15:48:12 UTC 2008 Modified Files: pkgsrc/print/xpdf: Makefile distinfo Added Files: pkgsrc/print/xpdf/patches: patch-aq patch-ar Log Message: Fix embedded font handling (CVE-2008-1693). While at it, add a patch from upstream CVS which fixes display of 16-bit colors. Update from print/poppler. Approved-by: joerg @ text @d1 1 a1 1 $NetBSD: patch-aq,v 1.3 2008/04/20 15:48:12 tonnerre Exp $ d3 30 a32 132 Fix arbitrary code execution with embedded fonts (CVE-2008-1693). 
--- xpdf/Object.h.orig 2007-02-27 22:05:52.000000000 +0000 +++ xpdf/Object.h @@@@ -68,17 +68,18 @@@@ enum ObjType { //------------------------------------------------------------------------ #ifdef DEBUG_MEM -#define initObj(t) ++numAlloc[type = t] +#define initObj(t) zeroUnion(); ++numAlloc[type = t] #else -#define initObj(t) type = t +#define initObj(t) zeroUnion(); type = t #endif class Object { public: - + // attempt to clear the anonymous union + void zeroUnion() { this->name = NULL; } // Default constructor. Object(): - type(objNone) {} + type(objNone) { zeroUnion(); } // Initialize an object. Object *initBool(GBool boolnA) @@@@ -220,16 +221,16 @@@@ private: #include "Array.h" inline int Object::arrayGetLength() - { return array->getLength(); } + { if (type != objArray) return 0; return array->getLength(); } inline void Object::arrayAdd(Object *elem) - { array->add(elem); } + { if (type == objArray) array->add(elem); } inline Object *Object::arrayGet(int i, Object *obj) - { return array->get(i, obj); } + { if (type != objArray) return obj->initNull(); return array->get(i, obj); } inline Object *Object::arrayGetNF(int i, Object *obj) - { return array->getNF(i, obj); } + { if (type != objArray) return obj->initNull(); return array->getNF(i, obj); } //------------------------------------------------------------------------ // Dict accessors. 
@@@@ -238,31 +239,31 @@@@ inline Object *Object::arrayGetNF(int i, #include "Dict.h" inline int Object::dictGetLength() - { return dict->getLength(); } + { if (type != objDict) return 0; return dict->getLength(); } inline void Object::dictAdd(char *key, Object *val) - { dict->add(key, val); } + { if (type == objDict) dict->add(key, val); } inline GBool Object::dictIs(char *dictType) - { return dict->is(dictType); } + { return (type == objDict) && dict->is(dictType); } inline GBool Object::isDict(char *dictType) { return type == objDict && dictIs(dictType); } inline Object *Object::dictLookup(char *key, Object *obj) - { return dict->lookup(key, obj); } + { if (type != objDict) return obj->initNull(); return dict->lookup(key, obj); } inline Object *Object::dictLookupNF(char *key, Object *obj) - { return dict->lookupNF(key, obj); } + { if (type != objDict) return obj->initNull(); return dict->lookupNF(key, obj); } inline char *Object::dictGetKey(int i) - { return dict->getKey(i); } + { if (type != objDict) return NULL; return dict->getKey(i); } inline Object *Object::dictGetVal(int i, Object *obj) - { return dict->getVal(i, obj); } + { if (type != objDict) return obj->initNull(); return dict->getVal(i, obj); } inline Object *Object::dictGetValNF(int i, Object *obj) - { return dict->getValNF(i, obj); } + { if (type != objDict) return obj->initNull(); return dict->getValNF(i, obj); } //------------------------------------------------------------------------ // Stream accessors. 
@@@@ -271,33 +272,33 @@@@ inline Object *Object::dictGetValNF(int #include "Stream.h" inline GBool Object::streamIs(char *dictType) - { return stream->getDict()->is(dictType); } + { return (type == objStream) && stream->getDict()->is(dictType); } inline GBool Object::isStream(char *dictType) - { return type == objStream && streamIs(dictType); } + { return (type == objStream) && streamIs(dictType); } inline void Object::streamReset() - { stream->reset(); } + { if (type == objStream) stream->reset(); } inline void Object::streamClose() - { stream->close(); } + { if (type == objStream) stream->close(); } inline int Object::streamGetChar() - { return stream->getChar(); } + { if (type != objStream) return EOF; return stream->getChar(); } inline int Object::streamLookChar() - { return stream->lookChar(); } + { if (type != objStream) return EOF; return stream->lookChar(); } inline char *Object::streamGetLine(char *buf, int size) - { return stream->getLine(buf, size); } + { if (type != objStream) return NULL; return stream->getLine(buf, size); } inline Guint Object::streamGetPos() - { return stream->getPos(); } + { if (type != objStream) return 0; return stream->getPos(); } inline void Object::streamSetPos(Guint pos, int dir) - { stream->setPos(pos, dir); } + { if (type == objStream) stream->setPos(pos, dir); } inline Dict *Object::streamGetDict() - { return stream->getDict(); } + { if (type != objStream) return NULL; return stream->getDict(); } #endif @ 1.1 log @Apply security fix for SA18303 taken from Fedora Core 4. Bump package revision because of this fix. 
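Review bot: in xpdf/Object.h, hunk -68,17 +68,18, the new initObj(t) expands to two statements (`zeroUnion(); type = t`), so any use as the body of an unbraced `if` or `else` would make only zeroUnion() conditional while the type assignment always runs. Write it as a single expression, `(zeroUnion(), type = t)`, or wrap it in `do { ... } while (0)`. Separately, zeroUnion() assigns only `this->name = NULL`, which clears one pointer's worth of the union; if any member is wider than a pointer the remaining bytes stay uninitialized, so the "attempt to clear" comment should state which members this is meant to cover.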
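Review bot: in xpdf/Object.h, hunk -220,16 +221,16, arrayAdd() now drops `elem` without any signal when `type != objArray`, and arrayGetLength() returns 0, so a caller cannot tell a mistyped object from an empty array. The guards stop the dereference of a wrong union member, but the mismatch itself goes unreported. Consider emitting a diagnostic on the mismatch path, and document who is responsible for `elem` when the add is skipped.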
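Review bot: in xpdf/Object.h, hunk -238,31 +239,31, dictGetKey() now returns NULL when `type != objDict`, which moves the failure to any caller that hands the key straight to a string function without a check. The callers of dictGetKey() should be audited as part of this change, or the new NULL return documented at the declaration. Minor: with dictIs() guarded, the `type == objDict &&` test in isDict() is now redundant, though harmless.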
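Review bot: in xpdf/Object.h, hunk -271,33 +272,33, streamGetDict() now returns NULL on a type mismatch, so a caller that chains a member call onto its result trades a type confusion for a NULL dereference; those call sites need a check or the crash remains reachable from a malformed file. streamGetPos() returning 0 is indistinguishable from a valid position at the start of a stream, and streamGetLine() returning NULL should be confirmed against how callers treat NULL. The isStream() line changes only parentheses and could be dropped from the patch to keep it minimal.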
@ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-aq was added on branch pkgsrc-2005Q4 on 2006-01-22 23:13:33 +0000 @ text @d1 32 @ 1.1.2.2 log @Pullup ticket 1053 - requested by Matthias Scheler security fix for xpdf Revisions pulled up: - pkgsrc/print/xpdf/Makefile 1.52 - pkgsrc/print/xpdf/distinfo 1.25 - pkgsrc/print/xpdf/patches/patch-ao 1.3 - pkgsrc/print/xpdf/patches/patch-aq 1.1 - pkgsrc/print/xpdf/patches/patch-at 1.2 Module Name: pkgsrc Committed By: tron Date: Sun Jan 22 23:13:33 UTC 2006 Modified Files: pkgsrc/print/xpdf: Makefile distinfo pkgsrc/print/xpdf/patches: patch-at Added Files: pkgsrc/print/xpdf/patches: patch-ao patch-aq Log Message: Apply security fix for SA18303 taken from Fedora Core 4. Bump package revision because of this fix. @ text @a0 32 $NetBSD: patch-aq,v 1.1.2.1 2006/01/23 10:35:16 salo Exp $ --- xpdf/JPXStream.cc.orig 2006-01-22 22:52:51.000000000 +0000 +++ xpdf/JPXStream.cc 2006-01-22 22:48:31.000000000 +0000 @@@@ -7,6 +7,7 @@@@ //======================================================================== #include +#include #ifdef USE_GCC_PRAGMAS #pragma implementation @@@@ -818,13 +819,15 @@@@ / img.xTileSize; img.nYTiles = (img.ySize - img.yTileOffset + img.yTileSize - 1) / img.yTileSize; - nTiles = img.nXTiles * img.nYTiles; // check for overflow before allocating memory - if (nTiles == 0 || nTiles / img.nXTiles != img.nYTiles) { - error(getPos(), "Bad tile count in JPX SIZ marker segment"); - return gFalse; + if (img.nXTiles <= 0 || img.nYTiles <= 0 || + img.nXTiles >= INT_MAX/img.nYTiles) { + error(getPos(), "Bad tile count in JPX SIZ marker segment"); + return gFalse; } + nTiles = img.nXTiles * img.nYTiles; img.tiles = (JPXTile *)gmallocn(nTiles, sizeof(JPXTile)); + for (i = 0; i < img.nXTiles * img.nYTiles; ++i) { img.tiles[i].tileComps = (JPXTileComp *)gmallocn(img.nComps, sizeof(JPXTileComp)); @
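Review bot: in xpdf/JPXStream.cc, hunk -818,13 +819,15, the new test bounds the tile count (it rejects `img.nXTiles >= INT_MAX/img.nYTiles`) but not the allocation size in bytes, so `nTiles * sizeof(JPXTile)` is safe only if gmallocn() performs its own overflow check, which is not visible in this patch. Moving the multiplication after the check is the right order. The context line `for (i = 0; i < img.nXTiles * img.nYTiles; ++i)` still recomputes the product; using `nTiles` there keeps the loop bound tied to the value that was validated and allocated. The inner `gmallocn(img.nComps, sizeof(JPXTileComp))` and the divisions by `img.xTileSize` and `img.yTileSize` in the context lines rely on validation that this hunk does not show, and the patch file has no description line naming the advisory it addresses.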