rpms/transfig
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fixed CVE-2020-21680

Browse Source 
Resolves: #1998306
This commit is contained in:
Ondrej Dubaj 2021-08-30 10:58:19 +02:00
parent 952fb15c98
commit 51d1f1a277
2 changed files with 57 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
0011-CVE-2020-21680.patch Normal file
View File

@ -0,0 +1,55 @@
Subject: [PATCH] Allow arrows with zero length on arcs
Use the tangent, not a secant, for short arrows on arcs.
---
fig2dev/bound.c | 9 ++++-----
fig2dev/tests/output.at | 8 ++++++++
2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/fig2dev/bound.c b/fig2dev/bound.c
index ce7f4d1..9e997b7 100644
--- a/fig2dev/bound.c
+++ b/fig2dev/bound.c
@@ -1095,16 +1095,15 @@ compute_arcarrow_angle(double x1, double y1, double x2, double y2,
r=sqrt(dx*dx+dy*dy);
h = (double) arrow->ht;
/* lines are made a little thinner in set_linewidth */
- thick = (arrow->thickness <= THICK_SCALE) ?
- 0.5* arrow->thickness :
- arrow->thickness - THICK_SCALE;
+ thick = arrow->thickness <= THICK_SCALE ?
+ 0.5 * arrow->thickness : arrow->thickness - THICK_SCALE;
/* lpt is the amount the arrowhead extends beyond the end of the line */
lpt = thick/2.0/(arrow->wid/h/2.0);
/* add this to the length */
h += lpt;
- /* radius too small for this method, use normal method */
- if (h > 2.0*r) {
+ /* secant would be too large or too small */
+ if (h > 2.0*r || h < 0.01*r) {
arc_tangent_int(x1,y1,x2,y2,direction,x,y);
return;
}
diff --git a/fig2dev/tests/output.at b/fig2dev/tests/output.at
index 79788cc..9150dbe 100644
--- a/fig2dev/tests/output.at
+++ b/fig2dev/tests/output.at
@@ -175,6 +175,14 @@ AT_CHECK([fig2dev -L pict2e -P big1.fig big1.tex && \
], 0, ignore)
AT_CLEANUP
+AT_SETUP([accept arc arrows with zero height, ticket #74])
+AT_KEYWORDS(pict2e)
+AT_CHECK([fig2dev -L pict2e <<EOF
+FIG_FILE_TOP
+5 1 0 1 0 7 50 -1 -1 0.0 0 0 1 0 0.0 0.0 600 0 0 600 -600 0
+ 1 1 1.0 60.0 0.0
+EOF], 0, ignore)
+AT_CLEANUP
AT_BANNER([Test svg output language.])
AT_SETUP([compare patterns with template])
--
2.31.1

2
transfig.spec
View File

@ -17,6 +17,7 @@ Patch7: 0007-Use-getopt-from-standard-libraries-if-available.patch
Patch8: 0008-Replace-most-calls-to-fgets-by-getline-in-read.c.patch Patch8: 0008-Replace-most-calls-to-fgets-by-getline-in-read.c.patch
Patch9: 0009-CVE-2020-21681.patch Patch9: 0009-CVE-2020-21681.patch
Patch10: 0010-CVE-2020-21683.patch Patch10: 0010-CVE-2020-21683.patch
Patch11: 0011-CVE-2020-21680.patch
Requires: ghostscript Requires: ghostscript
Requires: bc Requires: bc
@ -72,6 +73,7 @@ mv fig2dev.1.in.new man/fig2dev.1.in
* Mon Aug 30 2021 Ondrej Dubaj <odubaj@redhat.com> - 1:3.2.7b-7 * Mon Aug 30 2021 Ondrej Dubaj <odubaj@redhat.com> - 1:3.2.7b-7
- Fixed CVE-2020-21681 (#1998350) - Fixed CVE-2020-21681 (#1998350)
- Fixed CVE-2020-21683 (#1998594) - Fixed CVE-2020-21683 (#1998594)
- Fixed CVE-2020-21680 (#1998306)
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.2.7b-6 * Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.2.7b-6
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags