diff options
author | Robert Scott <code@humanleg.org.uk> | 2019-10-12 14:35:01 +0100 |
---|---|---|
committer | Robert Scott <code@humanleg.org.uk> | 2019-10-12 14:35:01 +0100 |
commit | e6889d46e0ef40a5c2159347406f0a2e9e304e85 (patch) | |
tree | 5fe0bdaa95daa41ec540a224740539a44ee7b569 /pkgs/development/libraries/poppler | |
parent | ce2bbeb5edd811a081ee2a61a780643d75dbc0ae (diff) | |
download | nixpkgs-e6889d46e0ef40a5c2159347406f0a2e9e304e85.tar nixpkgs-e6889d46e0ef40a5c2159347406f0a2e9e304e85.tar.gz nixpkgs-e6889d46e0ef40a5c2159347406f0a2e9e304e85.tar.bz2 nixpkgs-e6889d46e0ef40a5c2159347406f0a2e9e304e85.tar.lz nixpkgs-e6889d46e0ef40a5c2159347406f0a2e9e304e85.tar.xz nixpkgs-e6889d46e0ef40a5c2159347406f0a2e9e304e85.tar.zst nixpkgs-e6889d46e0ef40a5c2159347406f0a2e9e304e85.zip |
poppler_0_61: add patch for CVE-2019-9959
custom adapted patch to accommodate the openjpeg1/openjpeg2 split that 0.61 still has
Diffstat (limited to 'pkgs/development/libraries/poppler')
-rw-r--r-- | pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch | 20 | ||||
-rw-r--r-- | pkgs/development/libraries/poppler/0.61.nix | 1 |
2 files changed, 21 insertions, 0 deletions
diff --git a/pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch b/pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch new file mode 100644 index 00000000000..5c2af7a2adc --- /dev/null +++ b/pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch @@ -0,0 +1,20 @@ +diff --git a/poppler/JPEG2000Stream.cc b/poppler/JPEG2000Stream.cc +--- a/poppler/JPEG2000Stream.cc ++++ b/poppler/JPEG2000Stream.cc +@@ -201,7 +201,7 @@ void JPXStream::init() + if (getDict()) smaskInData = getDict()->lookup("SMaskInData"); + + int bufSize = BUFFER_INITIAL_SIZE; +- if (oLen.isInt()) bufSize = oLen.getInt(); ++ if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt(); + + if (cspace.isArray() && cspace.arrayGetLength() > 0) { + +@@ -365,7 +365,7 @@ void JPXStream::init() + } + + int bufSize = BUFFER_INITIAL_SIZE; +- if (oLen.isInt()) bufSize = oLen.getInt(); ++ if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt(); + + if (cspace.isArray() && cspace.arrayGetLength() > 0) { diff --git a/pkgs/development/libraries/poppler/0.61.nix b/pkgs/development/libraries/poppler/0.61.nix index 633c3d69618..cf247339716 100644 --- a/pkgs/development/libraries/poppler/0.61.nix +++ b/pkgs/development/libraries/poppler/0.61.nix @@ -27,6 +27,7 @@ stdenv.mkDerivation rec { url = "https://cgit.freedesktop.org/poppler/poppler/patch/?id=004e3c10df0abda214f0c293f9e269fdd979c5ee"; sha256 = "1l8713s57xc6g81bldw934rsfm140fqc7ggd50ha5mxdl1b3app2"; }) + ./0.61-CVE-2019-9959.patch ]; buildInputs = [ libiconv libintl ] ++ lib.optional withData poppler_data; |