svn commit: r513786 - in head/graphics/xpdf3: . files
Cy Schubert
cy at FreeBSD.org
Fri Oct 4 22:12:45 UTC 2019
Author: cy
Date: Fri Oct 4 22:12:43 2019
New Revision: 513786
URL: https://svnweb.freebsd.org/changeset/ports/513786
Log:
Backport fix for CVE-2019-16927 and CVE-2019-9877 from xpdf4.
PR: 241066
Submitted by: naddy
MFH: 2019Q4
Added:
head/graphics/xpdf3/files/patch-xpdf_TextOutputDev.cc (contents, props changed)
Modified:
head/graphics/xpdf3/Makefile (contents, props changed)
Modified: head/graphics/xpdf3/Makefile
==============================================================================
--- head/graphics/xpdf3/Makefile Fri Oct 4 22:12:40 2019 (r513785)
+++ head/graphics/xpdf3/Makefile Fri Oct 4 22:12:43 2019 (r513786)
@@ -2,7 +2,7 @@
PORTNAME= xpdf
PORTVERSION= 3.04
-PORTREVISION= 10
+PORTREVISION= 11
CATEGORIES= graphics print
MASTER_SITES= https://xpdfreader-dl.s3.amazonaws.com/old/
.if !defined(MASTERDIR)
Added: head/graphics/xpdf3/files/patch-xpdf_TextOutputDev.cc
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/graphics/xpdf3/files/patch-xpdf_TextOutputDev.cc Fri Oct 4 22:12:43 2019 (r513786)
@@ -0,0 +1,15 @@
+--- xpdf/TextOutputDev.cc.orig 2019-10-04 19:39:06 UTC
++++ xpdf/TextOutputDev.cc
+@@ -2472,6 +2472,12 @@ TextBlock *TextPage::split(GList *charsA, int rot) {
+
+ //----- compute the horizontal and vertical profiles
+
++ if (xMin / splitPrecision < 0.5 * INT_MIN ||
++ xMax / splitPrecision > 0.5 * INT_MAX ||
++ yMin / splitPrecision < 0.5 * INT_MIN ||
++ xMax / splitPrecision > 0.5 * INT_MAX) {
++ return NULL;
++ }
+ // add some slack to the array bounds to avoid floating point
+ // precision problems
+ xMinI = (int)floor(xMin / splitPrecision) - 1;
More information about the svn-ports-all
mailing list