summaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2019-03-27 18:05:05 +0100
committerMarius Bakke <mbakke@fastmail.com>2019-03-27 18:05:05 +0100
commit0fa50555975dcad5dc2c886d1c496b2335be6a28 (patch)
treee121b04321b789c4222d8925cbe32ee7759392e3 /gnu/packages/patches
parent3374e9207f5244c20402a3c5513fe562140fef47 (diff)
gnu: texlive-bin: Adopt LFS patch.
The origin disappeared, and the new revision does not include all the Poppler fixes. Adjust the package to take Arch's Poppler patches instead. * gnu/packages/patches/texlive-bin-CVE-2018-17407.patch: New file. * gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch, gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/tex.scm (texlive-bin)[source](patches): Likewise. [arguments]: Likewise.
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/texlive-bin-CVE-2018-17407.patch249
-rw-r--r--gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch188
-rw-r--r--gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch31
3 files changed, 249 insertions, 219 deletions
diff --git a/gnu/packages/patches/texlive-bin-CVE-2018-17407.patch b/gnu/packages/patches/texlive-bin-CVE-2018-17407.patch
new file mode 100644
index 0000000000..63646d420c
--- /dev/null
+++ b/gnu/packages/patches/texlive-bin-CVE-2018-17407.patch
@@ -0,0 +1,249 @@
+This patch adds support for newer versions of Poppler and some upstream
+TexLive fixes, including one for CVE-2018-17407.
+
+It is taken from Linux From Scratch:
+<http://www.linuxfromscratch.org/patches/blfs/svn/texlive-20180414-source-upstream_fixes-3.patch>.
+
+Submitted By: Ken Moffat <ken at linuxfromscratch dot org>
+Date: 2018-12-26
+Initial Package Version: 20180414
+Upstream Status: Applied
+Origin: Upstream
+Description: Two fixes, cherry-picked from svn plus a CVE fix.
+I have removed the partial fixes for various system versions of poppler.
+
+r47469 Fix segfault in dvipdfm-x (XeTeX) on 1/2/4-bit transparent indexed PNGs.
+
+r47477 Fix a ptex regression for discontinuous kinsoku table.
+
+Also, via fedora (I got lost in svn) a critical fix for CVE-2018-17407
+
+"A buffer overflow in the handling of Type 1 fonts allows arbitrary code
+execution when a malicious font is loaded by one of the vulnerable tools:
+pdflatex, pdftex, dvips, or luatex."
+
+diff -Naur a/texk/dvipdfm-x/pngimage.c b/texk/dvipdfm-x/pngimage.c
+--- a/texk/dvipdfm-x/pngimage.c 2018-02-17 08:41:35.000000000 +0000
++++ b/texk/dvipdfm-x/pngimage.c 2018-10-09 01:52:01.648670875 +0100
+@@ -964,12 +964,16 @@
+ png_bytep trans;
+ int num_trans;
+ png_uint_32 i;
++ png_byte bpc, mask, shift;
+
+ if (!png_get_valid(png_ptr, info_ptr, PNG_INFO_tRNS) ||
+ !png_get_tRNS(png_ptr, info_ptr, &trans, &num_trans, NULL)) {
+ WARN("%s: PNG does not have valid tRNS chunk but tRNS is requested.", PNG_DEBUG_STR);
+ return NULL;
+ }
++ bpc = png_get_bit_depth(png_ptr, info_ptr);
++ mask = 0xff >> (8 - bpc);
++ shift = 8 - bpc;
+
+ smask = pdf_new_stream(STREAM_COMPRESS);
+ dict = pdf_stream_dict(smask);
+@@ -981,7 +985,8 @@
+ pdf_add_dict(dict, pdf_new_name("ColorSpace"), pdf_new_name("DeviceGray"));
+ pdf_add_dict(dict, pdf_new_name("BitsPerComponent"), pdf_new_number(8));
+ for (i = 0; i < width*height; i++) {
+- png_byte idx = image_data_ptr[i];
++ /* data is packed for 1/2/4 bpc formats, msb first */
++ png_byte idx = (image_data_ptr[bpc * i / 8] >> (shift - bpc * i % 8)) & mask;
+ smask_data_ptr[i] = (idx < num_trans) ? trans[idx] : 0xff;
+ }
+ pdf_add_stream(smask, (char *)smask_data_ptr, width*height);
+diff -Naur a/texk/dvipsk/writet1.c b/texk/dvipsk/writet1.c
+--- a/texk/dvipsk/writet1.c 2016-11-25 18:24:26.000000000 +0000
++++ b/texk/dvipsk/writet1.c 2018-10-09 01:52:01.648670875 +0100
+@@ -1449,7 +1449,9 @@
+ *(strend(t1_buf_array) - 1) = ' ';
+
+ t1_getline();
++ alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE);
+ strcat(t1_buf_array, t1_line_array);
++ alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE);
+ strcpy(t1_line_array, t1_buf_array);
+ t1_line_ptr = eol(t1_line_array);
+ }
+diff -Naur a/texk/web2c/luatexdir/font/writet1.w b/texk/web2c/luatexdir/font/writet1.w
+--- a/texk/web2c/luatexdir/font/writet1.w 2016-11-25 18:24:34.000000000 +0000
++++ b/texk/web2c/luatexdir/font/writet1.w 2018-10-09 01:52:01.648670875 +0100
+@@ -1625,7 +1625,9 @@
+ if (sscanf(p, "%i", &i) != 1) {
+ strcpy(t1_buf_array, t1_line_array);
+ t1_getline();
++ alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE);
+ strcat(t1_buf_array, t1_line_array);
++ alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE);
+ strcpy(t1_line_array, t1_buf_array);
+ t1_line_ptr = eol(t1_line_array);
+ }
+diff -Naur a/texk/web2c/luatexdir/image/pdftoepdf.w b/texk/web2c/luatexdir/image/pdftoepdf.w
+--- a/texk/web2c/luatexdir/image/pdftoepdf.w 2018-01-17 18:00:12.000000000 +0000
++++ b/texk/web2c/luatexdir/image/pdftoepdf.w 2018-10-09 01:52:01.648670875 +0100
+@@ -472,10 +472,10 @@
+ break;
+ */
+ case objString:
+- copyString(pdf, obj->getString());
++ copyString(pdf, (GooString *)obj->getString());
+ break;
+ case objName:
+- copyName(pdf, obj->getName());
++ copyName(pdf, (char *)obj->getName());
+ break;
+ case objNull:
+ pdf_add_null(pdf);
+diff -Naur a/texk/web2c/luatexdir/lua/lepdflib.cc b/texk/web2c/luatexdir/lua/lepdflib.cc
+--- a/texk/web2c/luatexdir/lua/lepdflib.cc 2018-02-14 14:44:38.000000000 +0000
++++ b/texk/web2c/luatexdir/lua/lepdflib.cc 2018-10-09 01:52:01.649670868 +0100
+@@ -674,7 +674,7 @@
+ uin = (udstruct *) luaL_checkudata(L, 1, M_##in); \
+ if (uin->pd != NULL && uin->pd->pc != uin->pc) \
+ pdfdoc_changed_error(L); \
+- gs = ((in *) uin->d)->function(); \
++ gs = (GooString *)((in *) uin->d)->function(); \
+ if (gs != NULL) \
+ lua_pushlstring(L, gs->getCString(), gs->getLength()); \
+ else \
+@@ -1813,7 +1813,7 @@
+ if (uin->pd != NULL && uin->pd->pc != uin->pc)
+ pdfdoc_changed_error(L);
+ if (((Object *) uin->d)->isString()) {
+- gs = ((Object *) uin->d)->getString();
++ gs = (GooString *)((Object *) uin->d)->getString();
+ lua_pushlstring(L, gs->getCString(), gs->getLength());
+ } else
+ lua_pushnil(L);
+diff -Naur a/texk/web2c/pdftexdir/writet1.c b/texk/web2c/pdftexdir/writet1.c
+--- a/texk/web2c/pdftexdir/writet1.c 2016-11-25 18:24:37.000000000 +0000
++++ b/texk/web2c/pdftexdir/writet1.c 2018-10-09 01:52:01.649670868 +0100
+@@ -1598,7 +1598,9 @@
+ *(strend(t1_buf_array) - 1) = ' ';
+
+ t1_getline();
++ alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE);
+ strcat(t1_buf_array, t1_line_array);
++ alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE);
+ strcpy(t1_line_array, t1_buf_array);
+ t1_line_ptr = eol(t1_line_array);
+ }
+diff -Naur a/texk/web2c/ptexdir/ptex_version.h b/texk/web2c/ptexdir/ptex_version.h
+--- a/texk/web2c/ptexdir/ptex_version.h 2018-01-21 03:48:06.000000000 +0000
++++ b/texk/web2c/ptexdir/ptex_version.h 2018-10-09 01:52:01.649670868 +0100
+@@ -1 +1 @@
+-#define PTEX_VERSION "p3.8.0"
++#define PTEX_VERSION "p3.8.1"
+diff -Naur a/texk/web2c/ptexdir/tests/free_ixsp.tex b/texk/web2c/ptexdir/tests/free_ixsp.tex
+--- a/texk/web2c/ptexdir/tests/free_ixsp.tex 1970-01-01 01:00:00.000000000 +0100
++++ b/texk/web2c/ptexdir/tests/free_ixsp.tex 2018-10-09 01:52:01.649670868 +0100
+@@ -0,0 +1,53 @@
++%#!eptex -ini -etex
++\let\dump\relax
++\batchmode
++\input plain
++
++\errorstopmode
++\catcode`@=11
++\newcount\@tempcnta
++\newcount\@tempcntb
++\newcount\@tempcntc
++\mathchardef\LIM=256
++
++\def\MYCHAR#1{%
++ \@tempcntc=\numexpr7*#1+"101\relax
++ \@tempcnta=\@tempcntc\divide\@tempcnta 94
++ \@tempcntb=\numexpr\@tempcntc-94*\@tempcnta+1\relax
++ \ifnum\@tempcntb<0\advance\@tempcntb94 \advance\@tempcnta-1\fi
++ \advance\@tempcnta18 % 18区以降
++ \CNTA=\kuten\numexpr"100*\@tempcnta+\@tempcntb\relax
++}
++
++\newcount\CNT\newcount\CNTA
++\CNT=0
++\loop
++ \MYCHAR\CNT
++ \message{\the\CNT.}
++ \inhibitxspcode\CNTA=1\relax
++ \advance\CNT1\relax
++ \ifnum\CNT<\LIM
++\repeat
++
++\newcount\CNTB
++
++\loop
++ \MYCHAR\CNTB
++ \global\inhibitxspcode\CNTA=3
++{%
++\CNT=0
++\loop
++ \MYCHAR\CNT
++ \count@=\numexpr 1-\inhibitxspcode\CNTA\relax
++ \ifnum\count@=0\else\ifnum\CNTB=\CNT\else
++ \errmessage{<\the\CNTB, \the\CNT, \the\inhibitxspcode\CNTA>}\fi\fi
++ \advance\CNT1\relax
++ \ifnum\CNT<\LIM
++\repeat
++}
++ \MYCHAR\CNTB
++ \global\inhibitxspcode\CNTA=1\relax
++ \advance\CNTB1\relax
++ \ifnum\CNTB<\LIM
++\repeat
++\bye
+diff -Naur a/texk/web2c/ptexdir/tests/free_pena.tex b/texk/web2c/ptexdir/tests/free_pena.tex
+--- a/texk/web2c/ptexdir/tests/free_pena.tex 1970-01-01 01:00:00.000000000 +0100
++++ b/texk/web2c/ptexdir/tests/free_pena.tex 2018-10-09 01:52:01.649670868 +0100
+@@ -0,0 +1,52 @@
++%#!eptex -ini -etex
++\let\dump\relax
++\batchmode
++\input plain
++
++\errorstopmode
++\catcode`@=11
++\newcount\@tempcnta
++\newcount\@tempcntb
++\newcount\@tempcntc
++\mathchardef\LIM=256
++
++\def\MYCHAR#1{%
++ \@tempcntc=\numexpr7*#1+"101\relax
++ \@tempcnta=\@tempcntc\divide\@tempcnta 94
++ \@tempcntb=\numexpr\@tempcntc-94*\@tempcnta+1\relax
++ \ifnum\@tempcntb<0\advance\@tempcntb94 \advance\@tempcnta-1\fi
++ \advance\@tempcnta18 % 18区以降
++ \CNTA=\kuten\numexpr"100*\@tempcnta+\@tempcntb\relax
++}
++
++\newcount\CNT\newcount\CNTA
++\CNT=0
++\loop
++ \MYCHAR\CNT
++ \message{\the\CNT.}
++ \prebreakpenalty\CNTA=\numexpr\CNT+1\relax
++ \advance\CNT1\relax
++ \ifnum\CNT<\LIM
++\repeat
++
++\newcount\CNTB
++
++\loop
++ \MYCHAR\CNTB
++ \global\prebreakpenalty\CNTA=0
++{%
++\CNT=0
++\loop
++ \MYCHAR\CNT
++ \count@=\numexpr -\CNT-1+\prebreakpenalty\CNTA\relax
++ \ifnum\count@=0\else\ifnum\CNTB=\CNT\else\errmessage{<\the\CNTB, \the\CNT>}\fi\fi
++ \advance\CNT1\relax
++ \ifnum\CNT<\LIM
++\repeat
++}
++ \MYCHAR\CNTB
++ \global\prebreakpenalty\CNTA=\numexpr\CNTB+1\relax
++ \advance\CNTB1\relax
++ \ifnum\CNTB<\LIM
++\repeat
++\bye
diff --git a/gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch b/gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch
deleted file mode 100644
index eba4733f32..0000000000
--- a/gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch
+++ /dev/null
@@ -1,188 +0,0 @@
-Fix compatibility with Poppler 0.72.
-
-These files are taken from the upstream "poppler0.72.0.cc" variants and
-diffed against the "newpoppler" files from the 20180414 distribution.
-
-See revision 49336:
-https://tug.org/svn/texlive/trunk/Build/source/texk/web2c/pdftexdir/
-
---- a/texk/web2c/pdftexdir/pdftoepdf-newpoppler.cc 1970-01-01 01:00:00.000000000 +0100
-+++ b/texk/web2c/pdftexdir/pdftoepdf-newpoppler.cc 2018-12-09 21:14:58.479732695 +0100
-@@ -22,7 +22,7 @@
- https://git.archlinux.org/svntogit/packages.git/plain/texlive-bin/trunk
- by Arch Linux. A little modifications are made to avoid a crash for
- some kind of pdf images, such as figure_missing.pdf in gnuplot.
--The poppler should be 0.59.0 or newer versions.
-+The poppler should be 0.72.0 or newer versions.
- POPPLER_VERSION should be defined.
- */
-
-@@ -120,7 +120,7 @@
-
- static InObj *inObjList;
- static UsedEncoding *encodingList;
--static GBool isInit = gFalse;
-+static bool isInit = false;
-
- // --------------------------------------------------------------------
- // Maintain list of open embedded PDF files
-@@ -317,7 +317,7 @@
- pdf_puts("<<\n");
- assert(r->type == objFont); // FontDescriptor is in fd_tree
- for (i = 0, l = obj->dictGetLength(); i < l; ++i) {
-- key = obj->dictGetKey(i);
-+ key = (char *)obj->dictGetKey(i);
- if (strncmp("FontDescriptor", key, strlen("FontDescriptor")) == 0
- || strncmp("BaseFont", key, strlen("BaseFont")) == 0
- || strncmp("Encoding", key, strlen("Encoding")) == 0)
-@@ -427,7 +427,7 @@
- charset = fontdesc.dictLookup("CharSet");
- if (!charset.isNull() &&
- charset.isString() && is_subsetable(fontmap))
-- epdf_mark_glyphs(fd, (char *)charset.getString()->getCString());
-+ epdf_mark_glyphs(fd, (char *)charset.getString()->c_str());
- else
- embed_whole_font(fd);
- addFontDesc(fontdescRef.getRef(), fd);
-@@ -454,7 +454,7 @@
- for (i = 0, l = obj->dictGetLength(); i < l; ++i) {
- fontRef = obj->dictGetValNF(i);
- if (fontRef.isRef())
-- copyFont(obj->dictGetKey(i), &fontRef);
-+ copyFont((char *)obj->dictGetKey(i), &fontRef);
- else if (fontRef.isDict()) { // some programs generate pdf with embedded font object
- copyName((char *)obj->dictGetKey(i));
- pdf_puts(" ");
-@@ -566,7 +566,7 @@
- pdf_printf("%s", convertNumToPDF(obj->getNum()));
- } else if (obj->isString()) {
- s = (GooString *)obj->getString();
-- p = s->getCString();
-+ p = (char *)s->c_str();
- l = s->getLength();
- if (strlen(p) == (unsigned int) l) {
- pdf_puts("(");
-@@ -664,7 +664,7 @@
- ("PDF inclusion: CID fonts are not supported"
- " (try to disable font replacement to fix this)");
- }
-- if ((s = ((Gfx8BitFont *) r->font)->getCharName(i)) != 0)
-+ if ((s = (char *)((Gfx8BitFont *) r->font)->getCharName(i)) != 0)
- glyphNames[i] = s;
- else
- glyphNames[i] = notdef;
-@@ -683,7 +683,7 @@
- }
-
- // get the pagebox according to the pagebox_spec
--static PDFRectangle *get_pagebox(Page * page, int pagebox_spec)
-+static const PDFRectangle *get_pagebox(Page * page, int pagebox_spec)
- {
- if (pagebox_spec == pdfboxspecmedia)
- return page->getMediaBox();
-@@ -715,7 +715,7 @@
- {
- PdfDocument *pdf_doc;
- Page *page;
-- PDFRectangle *pagebox;
-+ const PDFRectangle *pagebox;
- #ifdef POPPLER_VERSION
- int pdf_major_version_found, pdf_minor_version_found;
- #else
-@@ -724,8 +724,8 @@
- // initialize
- if (!isInit) {
- globalParams = new GlobalParams();
-- globalParams->setErrQuiet(gFalse);
-- isInit = gTrue;
-+ globalParams->setErrQuiet(false);
-+ isInit = true;
- }
- // open PDF file
- pdf_doc = find_add_document(image_name);
-@@ -849,7 +849,7 @@
- pageObj = xref->fetch(pageRef->num, pageRef->gen);
- pageDict = pageObj.getDict();
- rotate = page->getRotate();
-- PDFRectangle *pagebox;
-+ const PDFRectangle *pagebox;
- // write the Page header
- pdf_puts("/Type /XObject\n");
- pdf_puts("/Subtype /Form\n");
-@@ -977,7 +977,7 @@
- }
- l = dic1.getLength();
- for (i = 0; i < l; i++) {
-- groupDict.dictAdd(copyString(dic1.getKey(i)),
-+ groupDict.dictAdd((const char *)copyString(dic1.getKey(i)),
- dic1.getValNF(i));
- }
- // end modification
-@@ -1001,14 +1001,14 @@
- pdf_puts("/Resources <<\n");
- for (i = 0, l = obj1->dictGetLength(); i < l; ++i) {
- obj2 = obj1->dictGetVal(i);
-- key = obj1->dictGetKey(i);
-+ key = (char *)obj1->dictGetKey(i);
- if (strcmp("Font", key) == 0)
- copyFontResources(&obj2);
- else if (strcmp("ProcSet", key) == 0)
- copyProcSet(&obj2);
- else
-- copyOtherResources(&obj2, key);
-+ copyOtherResources(&obj2, (char *)key);
- }
- pdf_puts(">>\n");
- }
-
---- a/texk/web2c/pdftexdir/pdftosrc-newpoppler.cc 1970-01-01 01:00:00.000000000 +0100
-+++ b/texk/web2c/pdftexdir/pdftosrc-newpoppler.cc 2018-12-09 21:14:58.479732695 +0100
-@@ -20,7 +20,7 @@
- /*
- This is based on the patch texlive-poppler-0.59.patch <2017-09-19> at
- https://git.archlinux.org/svntogit/packages.git/plain/texlive-bin/trunk
--by Arch Linux. The poppler should be 0.59.0 or newer versions.
-+by Arch Linux. The poppler should be 0.72.0 or newer versions.
- POPPLER_VERSION should be defined.
- */
-
-@@ -109,7 +109,7 @@
- fprintf(stderr, "No SourceName found\n");
- exit(1);
- }
-- outname = (char *)srcName.getString()->getCString();
-+ outname = (char *)srcName.getString()->c_str();
- // We cannot free srcName, as objname shares its string.
- // srcName.free();
- } else if (objnum > 0) {
-@@ -118,7 +118,7 @@
- fprintf(stderr, "Not a Stream object\n");
- exit(1);
- }
-- sprintf(buf, "%s", fileName->getCString());
-+ sprintf(buf, "%s", fileName->c_str());
- if ((p = strrchr(buf, '.')) == 0)
- p = strchr(buf, 0);
- if (objgen == 0)
-@@ -128,7 +128,7 @@
- outname = buf;
- } else { // objnum < 0 means we are extracting the XRef table
- extract_xref_table = true;
-- sprintf(buf, "%s", fileName->getCString());
-+ sprintf(buf, "%s", fileName->c_str());
- if ((p = strrchr(buf, '.')) == 0)
- p = strchr(buf, 0);
- sprintf(p, ".xref");
-@@ -173,9 +173,9 @@
-
- // parse the header: object numbers and offsets
- objStr.streamReset();
-- str = new EmbedStream(objStr.getStream(), Object(objNull), gTrue, first);
-+ str = new EmbedStream(objStr.getStream(), Object(objNull), true, first);
- lexer = new Lexer(xref, str);
-- parser = new Parser(xref, lexer, gFalse);
-+ parser = new Parser(xref, lexer, false);
- for (n = 0; n < nObjects; ++n) {
- obj1 = parser->getObj();
- obj2 = parser->getObj();
-
diff --git a/gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch b/gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch
deleted file mode 100644
index cac716cc59..0000000000
--- a/gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-Fix compatibility with Poppler 0.72.
-
-Patch taken from upstream:
-https://tug.org/svn/texlive/trunk/Build/source/texk/web2c/xetexdir/pdfimage.cpp?r1=44964&r2=48969&diff_format=u
-
---- a/texk/web2c/xetexdir/pdfimage.cpp 2017/08/06 07:12:02 44964
-+++ b/texk/web2c/xetexdir/pdfimage.cpp 2018/10/22 04:01:42 48969
-@@ -82,19 +82,19 @@
- switch (pdf_box) {
- default:
- case pdfbox_crop:
-- r = page->getCropBox();
-+ r = (PDFRectangle *)page->getCropBox();
- break;
- case pdfbox_media:
-- r = page->getMediaBox();
-+ r = (PDFRectangle *)page->getMediaBox();
- break;
- case pdfbox_bleed:
-- r = page->getBleedBox();
-+ r = (PDFRectangle *)page->getBleedBox();
- break;
- case pdfbox_trim:
-- r = page->getTrimBox();
-+ r = (PDFRectangle *)page->getTrimBox();
- break;
- case pdfbox_art:
-- r = page->getArtBox();
-+ r = (PDFRectangle *)page->getArtBox();
- break;
- }