packages/poppler
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2024-6239

Browse Source
This commit is contained in:
lingsheng 2024-06-25 10:41:10 +00:00
parent 81ddbcde1c
commit eb0f2e1044
2 changed files with 121 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

112
backport-CVE-2024-6239.patch Normal file
View File

@ -0,0 +1,112 @@
From 0554731052d1a97745cb179ab0d45620589dd9c4 Mon Sep 17 00:00:00 2001
From: Albert Astals Cid <aacid@kde.org>
Date: Fri, 7 Jun 2024 00:54:55 +0200
Subject: [PATCH] pdfinfo: Fix crash in broken documents when using -dests
Reference:https://gitlab.freedesktop.org/poppler/poppler/-/commit/0554731052d1a97745cb179ab0d45620589dd9c4
Conflict:adapt context and patch line numbers
---
utils/pdfinfo.cc | 35 +++++++++++++++--------------------
1 file changed, 15 insertions(+), 20 deletions(-)
diff --git a/utils/pdfinfo.cc b/utils/pdfinfo.cc
index 5d37ef64f..7d569749b 100644
--- a/utils/pdfinfo.cc
+++ b/utils/pdfinfo.cc
@@ -15,7 +15,7 @@
// under GPL version 2 or later
//
// Copyright (C) 2006 Dom Lachowicz <cinamod@hotmail.com>
-// Copyright (C) 2007-2010, 2012, 2016-2022 Albert Astals Cid <aacid@kde.org>
+// Copyright (C) 2007-2010, 2012, 2016-2022, 2024 Albert Astals Cid <aacid@kde.org>
// Copyright (C) 2010 Hib Eris <hib@hiberis.nl>
// Copyright (C) 2011 Vittal Aithal <vittal.aithal@cognidox.com>
// Copyright (C) 2012, 2013, 2016-2018, 2021 Adrian Johnson <ajohnson@redneon.com>
@@ -112,18 +112,23 @@ static const ArgDesc argDesc[] = { { "-f", argInt, &firstPage, 0, "first page to
{ "-?", argFlag, &printHelp, 0, "print usage information" },
{} };
-static void printTextString(const GooString *s, const UnicodeMap *uMap)
+static void printStdTextString(const std::string &s, const UnicodeMap *uMap)
{
Unicode *u;
char buf[8];
- int len = TextStringToUCS4(s->toStr(), &u);
+ int len = TextStringToUCS4(s, &u);
for (int i = 0; i < len; i++) {
int n = uMap->mapUnicode(u[i], buf, sizeof(buf));
fwrite(buf, 1, n, stdout);
}
gfree(u);
}
+static void printTextString(const GooString *s, const UnicodeMap *uMap)
+{
+ printStdTextString(s->toStr(), uMap);
+}
+
static void printUCS4String(const Unicode *u, int len, const UnicodeMap *uMap)
{
char buf[8];
@@ -295,11 +300,6 @@ static void printStruct(const StructElement *element, unsigned indent)
}
}
-struct GooStringCompare
-{
- bool operator()(GooString *lhs, GooString *rhs) const { return lhs->cmp(const_cast<GooString *>(rhs)) < 0; }
-};
-
static void printLinkDest(const std::unique_ptr<LinkDest> &dest)
{
GooString s;
@@ -370,29 +370,25 @@ static void printLinkDest(const std::unique_ptr<LinkDest> &dest)
static void printDestinations(PDFDoc *doc, const UnicodeMap *uMap)
{
- std::map<Ref, std::map<GooString *, std::unique_ptr<LinkDest>, GooStringCompare>> map;
+ std::map<Ref, std::map<std::string, std::unique_ptr<LinkDest>>> map;
int numDests = doc->getCatalog()->numDestNameTree();
for (int i = 0; i < numDests; i++) {
- GooString *name = new GooString(doc->getCatalog()->getDestNameTreeName(i));
+ const GooString *name = doc->getCatalog()->getDestNameTreeName(i);
std::unique_ptr<LinkDest> dest = doc->getCatalog()->getDestNameTreeDest(i);
- if (dest && dest->isPageRef()) {
+ if (name && dest && dest->isPageRef()) {
Ref pageRef = dest->getPageRef();
- map[pageRef].insert(std::make_pair(name, std::move(dest)));
- } else {
- delete name;
+ map[pageRef].insert(std::make_pair(name->toStr(), std::move(dest)));
}
}
numDests = doc->getCatalog()->numDests();
for (int i = 0; i < numDests; i++) {
- GooString *name = new GooString(doc->getCatalog()->getDestsName(i));
+ const char *name = doc->getCatalog()->getDestsName(i);
std::unique_ptr<LinkDest> dest = doc->getCatalog()->getDestsDest(i);
- if (dest && dest->isPageRef()) {
+ if (name && dest && dest->isPageRef()) {
Ref pageRef = dest->getPageRef();
map[pageRef].insert(std::make_pair(name, std::move(dest)));
- } else {
- delete name;
}
}
@@ -406,9 +402,8 @@ static void printDestinations(PDFDoc *doc, const UnicodeMap *uMap)
printf("%4d ", i);
printLinkDest(it.second);
printf(" \"");
- printTextString(it.first, uMap);
+ printStdTextString(it.first, uMap);
printf("\"\n");
- delete it.first;
}
}
}
--
GitLab

10
poppler.spec
View File

@ -8,7 +8,7 @@
Name: poppler Name: poppler
Version: 23.12.0 Version: 23.12.0
Release: 2 Release: 3
Summary: PDF rendering library Summary: PDF rendering library
License: GPLv2+ and LGPLv2+ and MIT License: GPLv2+ and LGPLv2+ and MIT
URL: http://poppler.freedesktop.org/ URL: http://poppler.freedesktop.org/
@ -18,6 +18,8 @@ Source1: %{name}-test-%{test_date}-%{test_sha}.tar.xz
Patch1: poppler-0.90.0-position-independent-code.patch Patch1: poppler-0.90.0-position-independent-code.patch
Patch3: poppler-21.01.0-glib-introspection.patch Patch3: poppler-21.01.0-glib-introspection.patch
Patch6000: backport-CVE-2024-6239.patch
BuildRequires: make BuildRequires: make
BuildRequires: cmake BuildRequires: cmake
BuildRequires: gcc-c++ BuildRequires: gcc-c++
@ -260,6 +262,12 @@ test "$(pkg-config --modversion poppler-qt6)" = "%{version}"
%{_mandir}/man1/* %{_mandir}/man1/*
%changelog %changelog
* Tue Jun 25 2024 lingsheng <lingsheng1@h-partners.com> - 23.12.0-3
- Type:CVE
- CVE:CVE-2024-6239
- SUG:NA
- DESC:fix CVE-2024-6239
* Tue Apr 16 2024 Wenlong Zhang <zhangwenlong@loongson.cn> - 23.12.0-2 * Tue Apr 16 2024 Wenlong Zhang <zhangwenlong@loongson.cn> - 23.12.0-2
- disable qt6 for loongarch64 - disable qt6 for loongarch64