From c78a18750fc2b9df6ea94089159f4176a1f9198d Mon Sep 17 00:00:00 2001
From: Nicolás Reynolds <fauno@endefensadelsl.org>
Date: Wed, 16 Apr 2014 03:47:45 +0000
Subject: Wed Apr 16 03:42:20 UTC 2014

---
 community/mupdf/PKGBUILD                           |  19 ++-
 ...-stack-buffer-overflow-in-xps_parse_color.patch | 135 ---------------------
 community/mupdf/mupdf-1.3-system-libcurl.patch     |  21 ----
 community/mupdf/mupdf-1.4-system-libcurl.patch     |  26 ++++
 4 files changed, 34 insertions(+), 167 deletions(-)
 delete mode 100644 community/mupdf/mupdf-1.3-stack-buffer-overflow-in-xps_parse_color.patch
 delete mode 100644 community/mupdf/mupdf-1.3-system-libcurl.patch
 create mode 100644 community/mupdf/mupdf-1.4-system-libcurl.patch

(limited to 'community/mupdf')

diff --git a/community/mupdf/PKGBUILD b/community/mupdf/PKGBUILD
index 6f736631e..c3f31f5d5 100644
--- a/community/mupdf/PKGBUILD
+++ b/community/mupdf/PKGBUILD
@@ -1,4 +1,4 @@
-# $Id: PKGBUILD 105051 2014-01-30 18:29:49Z bpiotrowski $
+# $Id: PKGBUILD 109477 2014-04-15 05:41:52Z bpiotrowski $
 # Maintainer:  Bartłomiej Piotrowski <nospam@bpiotrowski.pl>
 # Contributor: Brad Fanella <bradfanella@archlinux.us>
 # Contributor: Stefan Husmann <stefan-husmann@t-online.de>
@@ -6,8 +6,8 @@
 # Contributor: xduugu
 
 pkgname=mupdf
-pkgver=1.3
-pkgrel=8
+pkgver=1.4
+pkgrel=1
 pkgdesc='Lightweight PDF and XPS viewer'
 arch=('i686' 'x86_64')
 url='http://mupdf.com'
@@ -16,18 +16,15 @@ depends=('curl' 'desktop-file-utils' 'freetype2' 'jbig2dec' 'libjpeg' 'libxext'
          'openssl')
 install=mupdf.install
 options=('staticlibs')
-source=(https://mupdf.googlecode.com/files/$pkgname-$pkgver-source.tar.gz
-        mupdf-1.3-system-libcurl.patch
-        mupdf-1.3-stack-buffer-overflow-in-xps_parse_color.patch)
-md5sums=('fe53c2a56ebd7759f5f965bc4ff66359'
-         '6d11387e9bb9897f6f1ecc3956f8e2d4'
-         'f4d785b28f711e12d4a078ce9b3ed8f5')
+source=(http://mupdf.com/downloads/mupdf-$pkgver-source.tar.gz
+        mupdf-1.4-system-libcurl.patch)
+md5sums=('0f6840a7020db0c833b0c090ca1864ec'
+         'b9fa68f059cfcd0b95c1166c83fd2ec5')
 
 prepare() {
   cd $pkgname-$pkgver-source
   rm -rf thirdparty/{curl,freetype,jpeg,zlib,jbig2dec}
-  patch -p1 -i ../mupdf-1.3-system-libcurl.patch
-  patch -p1 -i ../mupdf-1.3-stack-buffer-overflow-in-xps_parse_color.patch
+  patch -p1 -i ../mupdf-1.4-system-libcurl.patch
 
   cd platform/debian
   sed -i -e 's/mupdf.xpm/mupdf/' \
diff --git a/community/mupdf/mupdf-1.3-stack-buffer-overflow-in-xps_parse_color.patch b/community/mupdf/mupdf-1.3-stack-buffer-overflow-in-xps_parse_color.patch
deleted file mode 100644
index bfe86f320..000000000
--- a/community/mupdf/mupdf-1.3-stack-buffer-overflow-in-xps_parse_color.patch
+++ /dev/null
@@ -1,135 +0,0 @@
-From 60dabde18d7fe12b19da8b509bdfee9cc886aafc Mon Sep 17 00:00:00 2001
-From: =?utf8?q?Simon=20B=C3=BCnzli?= <zeniko@gmail.com>
-Date: Thu, 16 Jan 2014 22:04:51 +0100
-Subject: [PATCH] Bug 694957: fix stack buffer overflow in xps_parse_color
-MIME-Version: 1.0
-Content-Type: text/plain; charset=utf8
-Content-Transfer-Encoding: 8bit
-
-xps_parse_color happily reads more than FZ_MAX_COLORS values out of a
-ContextColor array which overflows the passed in samples array.
-Limiting the number of allowed samples to FZ_MAX_COLORS and make sure
-to use that constant for all callers fixes the problem.
-
-Thanks to Jean-Jamil Khalifé for reporting and investigating the issue
-and providing a sample exploit file.
----
- source/xps/xps-common.c   |   22 ++++++++++++++--------
- source/xps/xps-glyphs.c   |    2 +-
- source/xps/xps-gradient.c |    2 +-
- source/xps/xps-path.c     |    2 +-
- 4 files changed, 17 insertions(+), 11 deletions(-)
-
-diff --git a/source/xps/xps-common.c b/source/xps/xps-common.c
-index b780f42..32a30ba 100644
---- a/source/xps/xps-common.c
-+++ b/source/xps/xps-common.c
-@@ -89,7 +89,7 @@ xps_begin_opacity(xps_document *doc, const fz_matrix *ctm, const fz_rect *area,
- 		if (scb_color_att)
- 		{
- 			fz_colorspace *colorspace;
--			float samples[32];
-+			float samples[FZ_MAX_COLORS];
- 			xps_parse_color(doc, base_uri, scb_color_att, &colorspace, samples);
- 			opacity = opacity * samples[0];
- 		}
-@@ -208,12 +208,13 @@ void
- xps_parse_color(xps_document *doc, char *base_uri, char *string,
- 		fz_colorspace **csp, float *samples)
- {
-+	fz_context *ctx = doc->ctx;
- 	char *p;
- 	int i, n;
- 	char buf[1024];
- 	char *profile;
- 
--	*csp = fz_device_rgb(doc->ctx);
-+	*csp = fz_device_rgb(ctx);
- 
- 	samples[0] = 1;
- 	samples[1] = 0;
-@@ -259,7 +260,7 @@ xps_parse_color(xps_document *doc, char *base_uri, char *string,
- 		profile = strchr(buf, ' ');
- 		if (!profile)
- 		{
--			fz_warn(doc->ctx, "cannot find icc profile uri in '%s'", string);
-+			fz_warn(ctx, "cannot find icc profile uri in '%s'", string);
- 			return;
- 		}
- 
-@@ -267,12 +268,17 @@ xps_parse_color(xps_document *doc, char *base_uri, char *string,
- 		p = strchr(profile, ' ');
- 		if (!p)
- 		{
--			fz_warn(doc->ctx, "cannot find component values in '%s'", profile);
-+			fz_warn(ctx, "cannot find component values in '%s'", profile);
- 			return;
- 		}
- 
- 		*p++ = 0;
- 		n = count_commas(p) + 1;
-+		if (n > FZ_MAX_COLORS)
-+		{
-+			fz_warn(ctx, "ignoring %d color components (max %d allowed)", n - FZ_MAX_COLORS, FZ_MAX_COLORS);
-+			n = FZ_MAX_COLORS;
-+		}
- 		i = 0;
- 		while (i < n)
- 		{
-@@ -292,10 +298,10 @@ xps_parse_color(xps_document *doc, char *base_uri, char *string,
- 		/* TODO: load ICC profile */
- 		switch (n)
- 		{
--		case 2: *csp = fz_device_gray(doc->ctx); break;
--		case 4: *csp = fz_device_rgb(doc->ctx); break;
--		case 5: *csp = fz_device_cmyk(doc->ctx); break;
--		default: *csp = fz_device_gray(doc->ctx); break;
-+		case 2: *csp = fz_device_gray(ctx); break;
-+		case 4: *csp = fz_device_rgb(ctx); break;
-+		case 5: *csp = fz_device_cmyk(ctx); break;
-+		default: *csp = fz_device_gray(ctx); break;
- 		}
- 	}
- }
-diff --git a/source/xps/xps-glyphs.c b/source/xps/xps-glyphs.c
-index b26e18d..e621257 100644
---- a/source/xps/xps-glyphs.c
-+++ b/source/xps/xps-glyphs.c
-@@ -590,7 +590,7 @@ xps_parse_glyphs(xps_document *doc, const fz_matrix *ctm,
- 
- 	if (fill_att)
- 	{
--		float samples[32];
-+		float samples[FZ_MAX_COLORS];
- 		fz_colorspace *colorspace;
- 
- 		xps_parse_color(doc, base_uri, fill_att, &colorspace, samples);
-diff --git a/source/xps/xps-gradient.c b/source/xps/xps-gradient.c
-index 7d03f89..76188e9 100644
---- a/source/xps/xps-gradient.c
-+++ b/source/xps/xps-gradient.c
-@@ -39,7 +39,7 @@ xps_parse_gradient_stops(xps_document *doc, char *base_uri, fz_xml *node,
- 	struct stop *stops, int maxcount)
- {
- 	fz_colorspace *colorspace;
--	float sample[8];
-+	float sample[FZ_MAX_COLORS];
- 	float rgb[3];
- 	int before, after;
- 	int count;
-diff --git a/source/xps/xps-path.c b/source/xps/xps-path.c
-index b97ee17..ea84a81 100644
---- a/source/xps/xps-path.c
-+++ b/source/xps/xps-path.c
-@@ -826,7 +826,7 @@ xps_parse_path(xps_document *doc, const fz_matrix *ctm, char *base_uri, xps_reso
- 
- 	fz_stroke_state *stroke = NULL;
- 	fz_matrix transform;
--	float samples[32];
-+	float samples[FZ_MAX_COLORS];
- 	fz_colorspace *colorspace;
- 	fz_path *path = NULL;
- 	fz_path *stroke_path = NULL;
--- 
-1.7.9.5
-
diff --git a/community/mupdf/mupdf-1.3-system-libcurl.patch b/community/mupdf/mupdf-1.3-system-libcurl.patch
deleted file mode 100644
index b99083216..000000000
--- a/community/mupdf/mupdf-1.3-system-libcurl.patch
+++ /dev/null
@@ -1,21 +0,0 @@
---- a/Makerules	2013-08-27 14:35:11.243520354 +0000
-+++ b/Makerules	2013-08-27 15:40:22.583629510 +0000
-@@ -67,6 +67,8 @@
- SYS_JBIG2DEC_LIBS = -ljbig2dec
- SYS_JPEG_LIBS = -ljpeg
- SYS_ZLIB_LIBS = -lz
-+SYS_CURL_CFLAGS = $(shell pkg-config --cflags libcurl) -I/usr/include/curl
-+SYS_CURL_LIBS = $(shell pkg-config --libs libcurl)
- 
- endif
- 
---- a/Makethird	2013-08-27 15:41:18.043354692 +0000
-+++ b/Makethird	2013-08-27 15:42:41.332916192 +0000
-@@ -444,5 +444,6 @@
- CURL_CFLAGS := -I$(CURL_DIR)/include
- CURL_LIBS := $(SYS_CURL_DEPS)
- else
--NOCURL := yes
-+CURL_CFLAGS := $(SYS_CURL_CFLAGS)
-+CURL_LIBS := $(SYS_CURL_LIBS) $(SYS_CURL_DEPS)
- endif
diff --git a/community/mupdf/mupdf-1.4-system-libcurl.patch b/community/mupdf/mupdf-1.4-system-libcurl.patch
new file mode 100644
index 000000000..bbee9b076
--- /dev/null
+++ b/community/mupdf/mupdf-1.4-system-libcurl.patch
@@ -0,0 +1,26 @@
+diff -rupN a/Makerules b/Makerules
+--- a/Makerules	2014-04-11 15:10:41.000000000 +0000
++++ b/Makerules	2014-04-15 05:35:34.430028127 +0000
+@@ -47,6 +47,8 @@ SYS_OPENJPEG_LIBS = -lopenjpeg
+ SYS_JBIG2DEC_LIBS = -ljbig2dec
+ SYS_JPEG_LIBS = -ljpeg
+ SYS_ZLIB_LIBS = -lz
++SYS_CURL_CFLAGS = $(shell pkg-config --cflags libcurl) -I/usr/include/curl
++SYS_CURL_LIBS = $(shell pkg-config --libs libcurl)
+ 
+ CC = xcrun cc
+ AR = xcrun ar
+diff -rupN a/Makethird b/Makethird
+--- a/Makethird	2014-04-11 15:10:41.000000000 +0000
++++ b/Makethird	2014-04-15 05:37:06.712810863 +0000
+@@ -454,6 +454,10 @@ CURL_CFLAGS := -I$(CURL_DIR)/include
+ CURL_LIBS := $(SYS_CURL_DEPS)
+ 
+ HAVE_CURL := yes
++else
++HAVE_CURL := yes
++CURL_CFLAGS := $(SYS_CURL_CFLAGS)
++CURL_LIBS := $(SYS_CURL_LIBS) $(SYS_CURL_DEPS)
+ endif
+ 
+ # --- X11 ---
-- 
cgit v1.2.3-54-g00ecf