Apply xpdf 3.02pl2 patch for CVE-2007-4352, CVE-2007-5392, CVE-2007-5393;

while I am there, rework on the way of applying xpdf 3.02pl1 patch to ease future upgrade. Approved by: portmgr (linimon) Security: 2747fc39-915b-11dc-9239-001c2514716c
svn path=/head/; revision=202670
2025-01-07 06:40:06 +00:00 · 2007-11-13 01:14:28 +00:00 · 2007-11-13 01:14:28 +00:00 · 7f0ec7cb1b · 2021-03-31 03:12:20 +00:00
commit 7f0ec7cb1b
parent 85f68acbb6
3 changed files with 8 additions and 35 deletions
--- a/graphics/xpdf/Makefile
+++ b/graphics/xpdf/Makefile
@ -7,14 +7,14 @@

 PORTNAME=	xpdf
 PORTVERSION=	3.02
-PORTREVISION=	4
+PORTREVISION=	5
 CATEGORIES=	graphics print
 MASTER_SITES=	ftp://ftp.foolabs.com/pub/xpdf/ \
 		${MASTER_SITE_TEX_CTAN}
 MASTER_SITE_SUBDIR=	support/xpdf

 PATCH_SITES=	ftp://ftp.foolabs.com/pub/xpdf/
-PATCHFILES=	
+PATCHFILES=	xpdf-3.02pl1.patch xpdf-3.02pl2.patch
 PATCH_DIST_STRIP=	-p1

 MAINTAINER=	nork@FreeBSD.org
--- a/graphics/xpdf/distinfo
+++ b/graphics/xpdf/distinfo
@ -1,3 +1,9 @@
 MD5 (xpdf-3.02.tar.gz) = 599dc4cc65a07ee868cf92a667a913d2
 SHA256 (xpdf-3.02.tar.gz) = b33a7d56f454c331ae50996f989e86c9166e57af97b74de28cddf3d51ac11f00
 SIZE (xpdf-3.02.tar.gz) = 674912
+MD5 (xpdf-3.02pl1.patch) = 877118786dfe27d1b7aa5a6759cc6e45
+SHA256 (xpdf-3.02pl1.patch) = 58f613b00b414a86aa776b76fcd899bb415e4ee4edc2184c8a7c4ed1004dbbf3
+SIZE (xpdf-3.02pl1.patch) = 1050
+MD5 (xpdf-3.02pl2.patch) = 3a5cb165ae66781e0b21e6219ae06795
+SHA256 (xpdf-3.02pl2.patch) = d1c1d887b0b8a5283f04f825e44f085f2e92daf7b518889acf1bc89ea07ed9d9
+SIZE (xpdf-3.02pl2.patch) = 20843
--- a/graphics/xpdf/files/patch-CVE-2007-3387
+++ b/graphics/xpdf/files/patch-CVE-2007-3387
@ -1,33 +0,0 @@
-*** xpdf/Stream.cc	Tue Feb 27 14:05:52 2007
--- xpdf/Stream.cc	Thu Jul 26 14:44:43 2007
-***************
-*** 410,424 ****
-    ok = gFalse;
-  
-    nVals = width * nComps;
-   if (width <= 0 || nComps <= 0 || nBits <= 0 ||
-       nComps >= INT_MAX / nBits ||
-       width >= INT_MAX / nComps / nBits ||
-       nVals * nBits + 7 < 0) {
-     return;
-   }
-    pixBytes = (nComps * nBits + 7) >> 3;
-    rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
-!   if (rowBytes <= 0) {
-      return;
-    }
-    predLine = (Guchar *)gmalloc(rowBytes);
--- 410,422 ----
-    ok = gFalse;
-  
-    nVals = width * nComps;
-    pixBytes = (nComps * nBits + 7) >> 3;
-    rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
-!   if (width <= 0 || nComps <= 0 || nBits <= 0 ||
-!       nComps > gfxColorMaxComps ||
-!       nBits > 16 ||
-!       width >= INT_MAX / nComps ||      // check for overflow in nVals 
-!       nVals >= (INT_MAX - 7) / nBits) { // check for overflow in rowBytes
-      return;
-    }
-    predLine = (Guchar *)gmalloc(rowBytes);