[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/02: gnu: Poppler: Fix CVE-2018-19149.
|
From: |
Leo Famulari |
|
Subject: |
01/02: gnu: Poppler: Fix CVE-2018-19149. |
|
Date: |
Tue, 13 Nov 2018 11:28:42 -0500 (EST) |
lfam pushed a commit to branch master
in repository guix.
commit 021bf6af182099dbb0178e19a2f461aeb0eef686
Author: Leo Famulari <address@hidden>
Date: Tue Nov 13 10:33:27 2018 -0500
gnu: Poppler: Fix CVE-2018-19149.
* gnu/packages/patches/poppler-CVE-2018-19149.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pdf.scm (poppler)[replacement]: New field.
(poppler/fixed): New variable.
(poppler-qt4, poppler-qt5): Use package/inherit.
---
gnu/local.mk | 1 +
gnu/packages/patches/poppler-CVE-2018-19149.patch | 80 +++++++++++++++++++++++
gnu/packages/pdf.scm | 13 +++-
3 files changed, 92 insertions(+), 2 deletions(-)
diff --git a/gnu/local.mk b/gnu/local.mk
index 48ee438..23a6cb3 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1046,6 +1046,7 @@ dist_patch_DATA =
\
%D%/packages/patches/plink-1.07-unclobber-i.patch \
%D%/packages/patches/plink-endian-detection.patch \
%D%/packages/patches/plotutils-libpng-jmpbuf.patch \
+ %D%/packages/patches/poppler-CVE-2018-19149.patch \
%D%/packages/patches/portaudio-audacity-compat.patch \
%D%/packages/patches/portmidi-modular-build.patch \
%D%/packages/patches/potrace-tests.patch \
diff --git a/gnu/packages/patches/poppler-CVE-2018-19149.patch
b/gnu/packages/patches/poppler-CVE-2018-19149.patch
new file mode 100644
index 0000000..3641f5f
--- /dev/null
+++ b/gnu/packages/patches/poppler-CVE-2018-19149.patch
@@ -0,0 +1,80 @@
+Fix CVE-2018-19149:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149
+https://gitlab.freedesktop.org/poppler/poppler/issues/664
+
+Patch copied from upstream source repository:
+
+https://gitlab.freedesktop.org/poppler/poppler/commit/f162ecdea0dda5dbbdb45503c1d55d9afaa41d44
+
+From f162ecdea0dda5dbbdb45503c1d55d9afaa41d44 Mon Sep 17 00:00:00 2001
+From: Marek Kasik <address@hidden>
+Date: Fri, 20 Apr 2018 11:38:13 +0200
+Subject: [PATCH] Fix crash on missing embedded file
+
+Check whether an embedded file is actually present in the PDF
+and show warning in that case.
+
+https://bugs.freedesktop.org/show_bug.cgi?id=106137
+https://gitlab.freedesktop.org/poppler/poppler/issues/236
+---
+ glib/poppler-attachment.cc | 26 +++++++++++++++++---------
+ glib/poppler-document.cc | 3 ++-
+ 2 files changed, 19 insertions(+), 10 deletions(-)
+
+diff --git a/glib/poppler-attachment.cc b/glib/poppler-attachment.cc
+index c6502e9d..11ba5bb5 100644
+--- a/glib/poppler-attachment.cc
++++ b/glib/poppler-attachment.cc
+@@ -111,17 +111,25 @@ _poppler_attachment_new (FileSpec *emb_file)
+ attachment->description = _poppler_goo_string_to_utf8
(emb_file->getDescription ());
+
+ embFile = emb_file->getEmbeddedFile();
+- attachment->size = embFile->size ();
++ if (embFile != NULL && embFile->streamObject()->isStream())
++ {
++ attachment->size = embFile->size ();
+
+- if (embFile->createDate ())
+- _poppler_convert_pdf_date_to_gtime (embFile->createDate (), (time_t
*)&attachment->ctime);
+- if (embFile->modDate ())
+- _poppler_convert_pdf_date_to_gtime (embFile->modDate (), (time_t
*)&attachment->mtime);
++ if (embFile->createDate ())
++ _poppler_convert_pdf_date_to_gtime (embFile->createDate (), (time_t
*)&attachment->ctime);
++ if (embFile->modDate ())
++ _poppler_convert_pdf_date_to_gtime (embFile->modDate (), (time_t
*)&attachment->mtime);
+
+- if (embFile->checksum () && embFile->checksum ()->getLength () > 0)
+- attachment->checksum = g_string_new_len (embFile->checksum ()->getCString
(),
+- embFile->checksum ()->getLength
());
+- priv->obj_stream = embFile->streamObject()->copy();
++ if (embFile->checksum () && embFile->checksum ()->getLength () > 0)
++ attachment->checksum = g_string_new_len (embFile->checksum
()->getCString (),
++ embFile->checksum
()->getLength ());
++ priv->obj_stream = embFile->streamObject()->copy();
++ }
++ else
++ {
++ g_warning ("Missing stream object for embedded file");
++ g_clear_object (&attachment);
++ }
+
+ return attachment;
+ }
+diff --git a/glib/poppler-document.cc b/glib/poppler-document.cc
+index 83f6aea6..ea319344 100644
+--- a/glib/poppler-document.cc
++++ b/glib/poppler-document.cc
+@@ -670,7 +670,8 @@ poppler_document_get_attachments (PopplerDocument
*document)
+ attachment = _poppler_attachment_new (emb_file);
+ delete emb_file;
+
+- retval = g_list_prepend (retval, attachment);
++ if (attachment != NULL)
++ retval = g_list_prepend (retval, attachment);
+ }
+ return g_list_reverse (retval);
+ }
+--
+2.19.1
+
diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm
index dc966b6..9ffc5cb 100644
--- a/gnu/packages/pdf.scm
+++ b/gnu/packages/pdf.scm
@@ -82,6 +82,7 @@
(define-public poppler
(package
(name "poppler")
+ (replacement poppler/fixed)
(version "0.63.0")
(source (origin
(method url-fetch)
@@ -127,6 +128,14 @@
(license license:gpl2+)
(home-page "https://poppler.freedesktop.org/";)))
+(define poppler/fixed
+ (package
+ (inherit poppler)
+ (source (origin
+ (inherit (package-source poppler))
+ (patches (append (origin-patches (package-source poppler))
+ (search-patches
"poppler-CVE-2018-19149.patch")))))))
+
(define-public poppler-data
(package
(name "poppler-data")
@@ -158,14 +167,14 @@ When present, Poppler is able to correctly render CJK and
Cyrillic text.")
license:gpl2))))
(define-public poppler-qt4
- (package (inherit poppler)
+ (package/inherit poppler
(name "poppler-qt4")
(inputs `(("qt-4" ,qt-4)
,@(package-inputs poppler)))
(synopsis "Qt4 frontend for the Poppler PDF rendering library")))
(define-public poppler-qt5
- (package (inherit poppler)
+ (package/inherit poppler
(name "poppler-qt5")
(inputs `(("qtbase" ,qtbase)
,@(package-inputs poppler)))