mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-26 06:18:07 -05:00
ae7e24c421
* gnu/packages/patches/mupdf-CVE-2017-14685.patch, gnu/packages/patches/mupdf-CVE-2017-14686.patch, gnu/packages/patches/mupdf-CVE-2017-14687.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/pdf.scm (mupdf)[source]: Use them.
34 lines
1.1 KiB
Diff
34 lines
1.1 KiB
Diff
Fix CVE-2017-14685:
|
|
|
|
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14685
|
|
|
|
Patch copied from upstream source repository:
|
|
|
|
https://git.ghostscript.com/?p=mupdf.git;h=ab1a420613dec93c686acbee2c165274e922f82a
|
|
|
|
From ab1a420613dec93c686acbee2c165274e922f82a Mon Sep 17 00:00:00 2001
|
|
From: Tor Andersson <tor.andersson@artifex.com>
|
|
Date: Tue, 19 Sep 2017 15:23:04 +0200
|
|
Subject: [PATCH] Fix 698539: Don't use xps font if it could not be loaded.
|
|
|
|
xps_load_links_in_glyphs did not cope with font loading failures.
|
|
---
|
|
source/xps/xps-link.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/source/xps/xps-link.c b/source/xps/xps-link.c
|
|
index c07e0d7..c26a8d9 100644
|
|
--- a/source/xps/xps-link.c
|
|
+++ b/source/xps/xps-link.c
|
|
@@ -91,6 +91,8 @@ xps_load_links_in_glyphs(fz_context *ctx, xps_document *doc, const fz_matrix *ct
|
|
bidi_level = atoi(bidi_level_att);
|
|
|
|
font = xps_lookup_font(ctx, doc, base_uri, font_uri_att, style_att);
|
|
+ if (!font)
|
|
+ return;
|
|
text = xps_parse_glyphs_imp(ctx, doc, &local_ctm, font, fz_atof(font_size_att),
|
|
fz_atof(origin_x_att), fz_atof(origin_y_att),
|
|
is_sideways, bidi_level, indices_att, unicode_att);
|
|
--
|
|
2.9.1
|
|
|