authorThomas Tuegel <ttuegel@mailbox.org>2019-10-13 13:47:44 -0500
committerGitHub <noreply@github.com>2019-10-13 13:47:44 -0500
commit08ff114eecd2ba6aa24b03c31786007095bf54cd (patch)
tree566c4d9a466952195bcb09691163d4e8e432ef14 /pkgs/development/libraries/poppler
parentdf372a05f930e301acdba10715e7c1d3db94f2ce (diff)
parentb9593f1a20bcb7f91488afbc11b5b1fb715a711b (diff)
Merge pull request #71042 from risicle/ris-poppler-0.61-CVE-2019-9959
poppler_0_61: add patch for CVE-2019-9959
Diffstat (limited to 'pkgs/development/libraries/poppler')
-rw-r--r--pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch20
-rw-r--r--pkgs/development/libraries/poppler/0.61.nix5
2 files changed, 23 insertions, 2 deletions
diff --git a/pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch b/pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch
new file mode 100644
index 00000000000..5c2af7a2adc
--- /dev/null
+++ b/pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch
@@ -0,0 +1,20 @@
+diff --git a/poppler/JPEG2000Stream.cc b/poppler/JPEG2000Stream.cc
+--- a/poppler/JPEG2000Stream.cc
++++ b/poppler/JPEG2000Stream.cc
+@@ -201,7 +201,7 @@ void JPXStream::init()
+   if (getDict()) smaskInData = getDict()->lookup("SMaskInData");
+ 
+   int bufSize = BUFFER_INITIAL_SIZE;
+-  if (oLen.isInt()) bufSize = oLen.getInt();
++  if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt();
+ 
+   if (cspace.isArray() && cspace.arrayGetLength() > 0) {
+
+@@ -365,7 +365,7 @@ void JPXStream::init()
+   }
+ 
+   int bufSize = BUFFER_INITIAL_SIZE;
+-  if (oLen.isInt()) bufSize = oLen.getInt();
++  if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt();
+ 
+   if (cspace.isArray() && cspace.arrayGetLength() > 0) {
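Review bot: The guard added at both `bufSize` assignments in the embedded patch rejects zero and negative `Length` values but sets no upper limit, so a very large positive value read from the PDF dictionary is still taken as the initial buffer size. How `bufSize` is consumed lies outside these hunks, as does the rest of `JPXStream::init()`; if it sizes an allocation, a cap is worth considering so that a malformed `Length` cannot force an oversized request. I would also add a comment above each assignment, `// Length comes from the document and is untrusted; non-positive values fall back to BUFFER_INITIAL_SIZE`, because the reason for the `> 0` test is not evident from the code alone.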
diff --git a/pkgs/development/libraries/poppler/0.61.nix b/pkgs/development/libraries/poppler/0.61.nix
index 633c3d69618..cb9cf16531c 100644
--- a/pkgs/development/libraries/poppler/0.61.nix
+++ b/pkgs/development/libraries/poppler/0.61.nix
@@ -8,7 +8,7 @@
 }:
 
 let
-  version = "0.61.0";
+  version = "0.61.1";
   mkFlag = optset: flag: "-DENABLE_${flag}=${if optset then "on" else "off"}";
 in
 stdenv.mkDerivation rec {
@@ -16,7 +16,7 @@ stdenv.mkDerivation rec {
 
   src = fetchurl {
     url = "${meta.homepage}/poppler-${version}.tar.xz";
-    sha256 = "0zrbb1b77k6bm2qdnra08jnbyllv6vj29790igmp6fzs59xf3kak";
+    sha256 = "1afdrxxkaivvviazxkg5blsf2x24sjkfj92ib0d3q5pm8dihjrhj";
   };
 
   outputs = [ "out" "dev" ];
@@ -27,6 +27,7 @@ stdenv.mkDerivation rec {
       url = "https://cgit.freedesktop.org/poppler/poppler/patch/?id=004e3c10df0abda214f0c293f9e269fdd979c5ee";
       sha256 = "1l8713s57xc6g81bldw934rsfm140fqc7ggd50ha5mxdl1b3app2";
     })
+    ./0.61-CVE-2019-9959.patch
   ];
 
   buildInputs = [ libiconv libintl ] ++ lib.optional withData poppler_data;
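Review bot: The added `./0.61-CVE-2019-9959.patch` entry carries no reference to the upstream change it backports, whereas the preceding entry in this list points at an upstream commit id with a pinned `sha256`. A security fix vendored in-tree should be easy to compare against upstream, so add a comment on the line above it, e.g. `# backport of the upstream CVE-2019-9959 fix: <upstream commit URL>`, or put the same reference in a header inside the patch file. The `patches` list opens outside this hunk.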