public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

poppler_0_61: add patch for CVE-2019-9959

Browse Source 
custom adapted patch to accommodate the openjpeg1/openjpeg2 split that
0.61 still has
This commit is contained in:
Robert Scott 2019-10-12 14:35:01 +01:00
parent ce2bbeb5ed
commit e6889d46e0
2 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch Normal file
View File

@ -0,0 +1,20 @@
diff --git a/poppler/JPEG2000Stream.cc b/poppler/JPEG2000Stream.cc
--- a/poppler/JPEG2000Stream.cc
+++ b/poppler/JPEG2000Stream.cc
@@ -201,7 +201,7 @@ void JPXStream::init()
if (getDict()) smaskInData = getDict()->lookup("SMaskInData");
int bufSize = BUFFER_INITIAL_SIZE;
- if (oLen.isInt()) bufSize = oLen.getInt();
+ if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt();
if (cspace.isArray() && cspace.arrayGetLength() > 0) {
@@ -365,7 +365,7 @@ void JPXStream::init()
}
int bufSize = BUFFER_INITIAL_SIZE;
- if (oLen.isInt()) bufSize = oLen.getInt();
+ if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt();
if (cspace.isArray() && cspace.arrayGetLength() > 0) {

1
pkgs/development/libraries/poppler/0.61.nix
View File

@ -27,6 +27,7 @@ stdenv.mkDerivation rec {
url = "https://cgit.freedesktop.org/poppler/poppler/patch/?id=004e3c10df0abda214f0c293f9e269fdd979c5ee"; url = "https://cgit.freedesktop.org/poppler/poppler/patch/?id=004e3c10df0abda214f0c293f9e269fdd979c5ee";
sha256 = "1l8713s57xc6g81bldw934rsfm140fqc7ggd50ha5mxdl1b3app2"; sha256 = "1l8713s57xc6g81bldw934rsfm140fqc7ggd50ha5mxdl1b3app2";
}) })
./0.61-CVE-2019-9959.patch
]; ];
buildInputs = [ libiconv libintl ] ++ lib.optional withData poppler_data; buildInputs = [ libiconv libintl ] ++ lib.optional withData poppler_data;