ryan77627/guix
1
0
Fork 0
mirror of https://git.in.rschanz.org/ryan77627/guix.git synced 2024-11-14 10:55:23 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
guix/gnu/packages/patches/poppler-CVE-2018-19149.patch
Leo Famulari 021bf6af18
gnu: Poppler: Fix CVE-2018-19149. 
* gnu/packages/patches/poppler-CVE-2018-19149.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pdf.scm (poppler)[replacement]: New field.
(poppler/fixed): New variable.
(poppler-qt4, poppler-qt5): Use package/inherit.
2018-11-13 11:28:23 -05:00

80 lines
3.1 KiB
Diff
Raw Blame History

Fix CVE-2018-19149:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149
https://gitlab.freedesktop.org/poppler/poppler/issues/664
Patch copied from upstream source repository:
https://gitlab.freedesktop.org/poppler/poppler/commit/f162ecdea0dda5dbbdb45503c1d55d9afaa41d44
From f162ecdea0dda5dbbdb45503c1d55d9afaa41d44 Mon Sep 17 00:00:00 2001
From: Marek Kasik <mkasik@redhat.com>
Date: Fri, 20 Apr 2018 11:38:13 +0200
Subject: [PATCH] Fix crash on missing embedded file
Check whether an embedded file is actually present in the PDF
and show warning in that case.
https://bugs.freedesktop.org/show_bug.cgi?id=106137
https://gitlab.freedesktop.org/poppler/poppler/issues/236
---
glib/poppler-attachment.cc | 26 +++++++++++++++++---------
glib/poppler-document.cc | 3 ++-
2 files changed, 19 insertions(+), 10 deletions(-)
diff --git a/glib/poppler-attachment.cc b/glib/poppler-attachment.cc
index c6502e9d..11ba5bb5 100644
--- a/glib/poppler-attachment.cc
+++ b/glib/poppler-attachment.cc
@@ -111,17 +111,25 @@ _poppler_attachment_new (FileSpec *emb_file)
attachment->description = _poppler_goo_string_to_utf8 (emb_file->getDescription ());
embFile = emb_file->getEmbeddedFile();
- attachment->size = embFile->size ();
+ if (embFile != NULL && embFile->streamObject()->isStream())
+ {
+ attachment->size = embFile->size ();
- if (embFile->createDate ())
- _poppler_convert_pdf_date_to_gtime (embFile->createDate (), (time_t *)&attachment->ctime);
- if (embFile->modDate ())
- _poppler_convert_pdf_date_to_gtime (embFile->modDate (), (time_t *)&attachment->mtime);
+ if (embFile->createDate ())
+ _poppler_convert_pdf_date_to_gtime (embFile->createDate (), (time_t *)&attachment->ctime);
+ if (embFile->modDate ())
+ _poppler_convert_pdf_date_to_gtime (embFile->modDate (), (time_t *)&attachment->mtime);
- if (embFile->checksum () && embFile->checksum ()->getLength () > 0)
- attachment->checksum = g_string_new_len (embFile->checksum ()->getCString (),
- embFile->checksum ()->getLength ());
- priv->obj_stream = embFile->streamObject()->copy();
+ if (embFile->checksum () && embFile->checksum ()->getLength () > 0)
+ attachment->checksum = g_string_new_len (embFile->checksum ()->getCString (),
+ embFile->checksum ()->getLength ());
+ priv->obj_stream = embFile->streamObject()->copy();
+ }
+ else
+ {
+ g_warning ("Missing stream object for embedded file");
+ g_clear_object (&attachment);
+ }
return attachment;
}
diff --git a/glib/poppler-document.cc b/glib/poppler-document.cc
index 83f6aea6..ea319344 100644
--- a/glib/poppler-document.cc
+++ b/glib/poppler-document.cc
@@ -670,7 +670,8 @@ poppler_document_get_attachments (PopplerDocument *document)
attachment = _poppler_attachment_new (emb_file);
delete emb_file;
- retval = g_list_prepend (retval, attachment);
+ if (attachment != NULL)
+ retval = g_list_prepend (retval, attachment);
}
return g_list_reverse (retval);
}
--
2.19.1
Reference in a new issue View git blame Copy permalink