public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #71042 from risicle/ris-poppler-0.61-CVE-2019-9959

Browse Source 
poppler_0_61: add patch for CVE-2019-9959
This commit is contained in:
Thomas Tuegel 2019-10-13 13:47:44 -05:00 committed by GitHub
commit 08ff114eec
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 23 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch Normal file
View File

@ -0,0 +1,20 @@
diff --git a/poppler/JPEG2000Stream.cc b/poppler/JPEG2000Stream.cc
--- a/poppler/JPEG2000Stream.cc
+++ b/poppler/JPEG2000Stream.cc
@@ -201,7 +201,7 @@ void JPXStream::init()
if (getDict()) smaskInData = getDict()->lookup("SMaskInData");
int bufSize = BUFFER_INITIAL_SIZE;
- if (oLen.isInt()) bufSize = oLen.getInt();
+ if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt();
if (cspace.isArray() && cspace.arrayGetLength() > 0) {
@@ -365,7 +365,7 @@ void JPXStream::init()
}
int bufSize = BUFFER_INITIAL_SIZE;
- if (oLen.isInt()) bufSize = oLen.getInt();
+ if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt();
if (cspace.isArray() && cspace.arrayGetLength() > 0) {

5
pkgs/development/libraries/poppler/0.61.nix
View File

@ -8,7 +8,7 @@
}:
let
version = "0.61.0";
version = "0.61.1";
mkFlag = optset: flag: "-DENABLE_${flag}=${if optset then "on" else "off"}";
in
stdenv.mkDerivation rec {
@ -16,7 +16,7 @@ stdenv.mkDerivation rec {
src = fetchurl {
url = "${meta.homepage}/poppler-${version}.tar.xz";
sha256 = "0zrbb1b77k6bm2qdnra08jnbyllv6vj29790igmp6fzs59xf3kak";
sha256 = "1afdrxxkaivvviazxkg5blsf2x24sjkfj92ib0d3q5pm8dihjrhj";
};
outputs = [ "out" "dev" ];
@ -27,6 +27,7 @@ stdenv.mkDerivation rec {
url = "https://cgit.freedesktop.org/poppler/poppler/patch/?id=004e3c10df0abda214f0c293f9e269fdd979c5ee";
sha256 = "1l8713s57xc6g81bldw934rsfm140fqc7ggd50ha5mxdl1b3app2";
})
./0.61-CVE-2019-9959.patch
];
buildInputs = [ libiconv libintl ] ++ lib.optional withData poppler_data;