diff --git a/srcpkgs/mupdf/patches/0001-mupdf-openjpeg.patch b/srcpkgs/mupdf/patches/0001-mupdf-openjpeg.patch new file mode 100644 index 00000000000..7aa848cf457 --- /dev/null +++ b/srcpkgs/mupdf/patches/0001-mupdf-openjpeg.patch @@ -0,0 +1,37 @@ +--- source/fitz/load-jpx.c ++++ source/fitz/load-jpx.c +@@ -3,12 +3,17 @@ + /* Without the definition of OPJ_STATIC, compilation fails on windows + * due to the use of __stdcall. We believe it is required on some + * linux toolchains too. */ ++ ++#ifdef __cplusplus ++extern "C" ++{ + #define OPJ_STATIC + #ifndef _MSC_VER + #define OPJ_HAVE_STDINT_H + #endif ++#endif + +-#include ++#include + + static void fz_opj_error_callback(const char *msg, void *client_data) + { +@@ -117,7 +122,7 @@ fz_load_jpx(fz_context *ctx, unsigned ch + opj_stream_set_read_function(stream, fz_opj_stream_read); + opj_stream_set_skip_function(stream, fz_opj_stream_skip); + opj_stream_set_seek_function(stream, fz_opj_stream_seek); +- opj_stream_set_user_data(stream, &sb); ++ opj_stream_set_user_data(stream, &sb, NULL); + /* Set the length to avoid an assert */ + opj_stream_set_user_data_length(stream, size); + +@@ -247,3 +252,6 @@ fz_load_jpx(fz_context *ctx, unsigned ch + + return img; + } ++#ifdef __cplusplus ++} ++#endif diff --git a/srcpkgs/mupdf/patches/CVE-2016-6265.patch b/srcpkgs/mupdf/patches/CVE-2016-6265.patch new file mode 100644 index 00000000000..54011b7f8e5 --- /dev/null +++ b/srcpkgs/mupdf/patches/CVE-2016-6265.patch @@ -0,0 +1,36 @@ +From fa1936405b6a84e5c9bb440912c23d532772f958 Mon Sep 17 00:00:00 2001 +From: Robin Watts +Date: Thu, 21 Jul 2016 15:39:11 +0100 +Subject: [PATCH] Bug 696941: Fix use after free. + +The file is HORRIBLY corrupt, and triggers Sophos to think it's +PDF malware (which it isn't). It does however trigger a use +after free, worked around here. +--- + source/pdf/pdf-xref.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c +index 576c315..3222599 100644 +--- source/pdf/pdf-xref.c ++++ source/pdf/pdf-xref.c +@@ -1184,8 +1184,14 @@ pdf_load_xref(fz_context *ctx, pdf_document *doc, pdf_lexbuf *buf) + fz_throw(ctx, FZ_ERROR_GENERIC, "object offset out of range: %d (%d 0 R)", (int)entry->ofs, i); + } + if (entry->type == 'o') +- if (entry->ofs <= 0 || entry->ofs >= xref_len || pdf_get_xref_entry(ctx, doc, entry->ofs)->type != 'n') +- fz_throw(ctx, FZ_ERROR_GENERIC, "invalid reference to an objstm that does not exist: %d (%d 0 R)", (int)entry->ofs, i); ++ { ++ /* Read this into a local variable here, because pdf_get_xref_entry ++ * may solidify the xref, hence invalidating "entry", meaning we ++ * need a stashed value for the throw. */ ++ fz_off_t ofs = entry->ofs; ++ if (ofs <= 0 || ofs >= xref_len || pdf_get_xref_entry(ctx, doc, ofs)->type != 'n') ++ fz_throw(ctx, FZ_ERROR_GENERIC, "invalid reference to an objstm that does not exist: %d (%d 0 R)", (int)ofs, i); ++ } + } + } + +-- +2.9.1 + diff --git a/srcpkgs/mupdf/patches/mupdf-1.5-openjpeg-2.1.patch b/srcpkgs/mupdf/patches/mupdf-1.5-openjpeg-2.1.patch deleted file mode 100644 index c524f91793b..00000000000 --- a/srcpkgs/mupdf/patches/mupdf-1.5-openjpeg-2.1.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- source/fitz/load-jpx.c -+++ source/fitz/load-jpx.c -@@ -116,7 +116,7 @@ - opj_stream_set_read_function(stream, fz_opj_stream_read); - opj_stream_set_skip_function(stream, fz_opj_stream_skip); - opj_stream_set_seek_function(stream, fz_opj_stream_seek); -- opj_stream_set_user_data(stream, &sb); -+ opj_stream_set_user_data(stream, &sb, NULL); - /* Set the length to avoid an assert */ - opj_stream_set_user_data_length(stream, size); - diff --git a/srcpkgs/mupdf/template b/srcpkgs/mupdf/template index 22a0021cb0a..e3b3bc39e6c 100644 --- a/srcpkgs/mupdf/template +++ b/srcpkgs/mupdf/template @@ -1,7 +1,7 @@ # Template file for 'mupdf' pkgname=mupdf version=1.9a -revision=2 +revision=3 wrksrc="${pkgname}-${version}-source" hostmakedepends="pkg-config zlib-devel libcurl-devel freetype-devel libjpeg-turbo-devel jbig2dec-devel libXext-devel libXcursor-devel