import poppler-20.11.0-5.el8

This commit is contained in:
CentOS Sources 2022-09-27 07:41:49 -04:00 committed by Stepan Oksanichenko
parent 488132df23
commit c0015d4d93
2 changed files with 67 additions and 1 deletions

View File

@ -0,0 +1,58 @@
From 81044c64b9ed9a10ae82a28bac753060bdfdac74 Mon Sep 17 00:00:00 2001
From: Albert Astals Cid <aacid@kde.org>
Date: Tue, 15 Mar 2022 15:14:32 +0100
Subject: Hints::readTables: bail out if we run out of file when reading
Fixes #1230
diff --git a/poppler/Hints.cc b/poppler/Hints.cc
index 79f04088..4707e1c6 100644
--- a/poppler/Hints.cc
+++ b/poppler/Hints.cc
@@ -5,7 +5,7 @@
// This file is licensed under the GPLv2 or later
//
// Copyright 2010, 2012 Hib Eris <hib@hiberis.nl>
-// Copyright 2010, 2011, 2013, 2014, 2016-2019 Albert Astals Cid <aacid@kde.org>
+// Copyright 2010, 2011, 2013, 2014, 2016-2019, 2021, 2022 Albert Astals Cid <aacid@kde.org>
// Copyright 2010, 2013 Pino Toscano <pino@kde.org>
// Copyright 2013 Adrian Johnson <ajohnson@redneon.com>
// Copyright 2014 Fabio D'Urso <fabiodurso@hotmail.it>
@@ -189,21 +189,31 @@ void Hints::readTables(BaseStream *str, Linearization *linearization, XRef *xref
char *p = &buf[0];
if (hintsOffset && hintsLength) {
- Stream *s = str->makeSubStream(hintsOffset, false, hintsLength, Object(objNull));
+ std::unique_ptr<Stream> s(str->makeSubStream(hintsOffset, false, hintsLength, Object(objNull)));
s->reset();
for (unsigned int i = 0; i < hintsLength; i++) {
- *p++ = s->getChar();
+ const int c = s->getChar();
+ if (unlikely(c == EOF)) {
+ error(errSyntaxWarning, -1, "Found EOF while reading hints");
+ ok = false;
+ return;
+ }
+ *p++ = c;
}
- delete s;
}
if (hintsOffset2 && hintsLength2) {
- Stream *s = str->makeSubStream(hintsOffset2, false, hintsLength2, Object(objNull));
+ std::unique_ptr<Stream> s(str->makeSubStream(hintsOffset2, false, hintsLength2, Object(objNull)));
s->reset();
for (unsigned int i = 0; i < hintsLength2; i++) {
- *p++ = s->getChar();
+ const int c = s->getChar();
+ if (unlikely(c == EOF)) {
+ error(errSyntaxWarning, -1, "Found EOF while reading hints2");
+ ok = false;
+ return;
+ }
+ *p++ = c;
}
- delete s;
}
MemStream *memStream = new MemStream(&buf[0], 0, bufLength, Object(objNull));

View File

@ -4,7 +4,7 @@
Summary: PDF rendering library
Name: poppler
Version: 20.11.0
Release: 4%{?dist}
Release: 5%{?dist}
License: (GPLv2 or GPLv3) and GPLv2+ and LGPLv2+ and MIT
URL: http://poppler.freedesktop.org/
Source0: http://poppler.freedesktop.org/poppler-%{version}.tar.xz
@ -27,6 +27,9 @@ Patch22: poppler-20.11.0-check-gdatetime.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2002575
Patch23: poppler-20.11.0-bad-generation.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2087190
Patch24: poppler-20.11.0-hints.patch
BuildRequires: cmake
BuildRequires: gettext-devel
BuildRequires: pkgconfig(cairo)
@ -231,6 +234,11 @@ test "$(pkg-config --modversion poppler-splash)" = "%{version}"
%{_mandir}/man1/*
%changelog
* Fri Jun 17 2022 Marek Kasik <mkasik@redhat.com> - 20.11.0-5
- Don't run out of file for Hints
- Rebuild for #2096452
- Resolves: #2090969, #2096452
* Thu Sep 9 2021 Marek Kasik <mkasik@redhat.com> - 20.11.0-4
- Fix opening files with streams with wrong generations
- Resolves: #2002575