commit poppler for openSUSE:Factory
Hello community, here is the log from the commit of package poppler for openSUSE:Factory checked in at 2017-06-30 18:38:18 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/poppler (Old) and /work/SRC/openSUSE:Factory/.poppler.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "poppler" Fri Jun 30 18:38:18 2017 rev:139 rq:505792 version:0.56.0 Changes: -------- --- /work/SRC/openSUSE:Factory/poppler/poppler-qt.changes 2017-06-16 10:53:50.879399624 +0200 +++ /work/SRC/openSUSE:Factory/.poppler.new/poppler-qt.changes 2017-06-30 18:38:20.808017546 +0200 @@ -1,0 +2,13 @@ +Thu Jun 22 22:30:30 UTC 2017 - zaitor@opensuse.org + +- Update to version 0.56.0: + + core: + - FormFieldButton::setState() shouldn't check the field is + readOnly. + - Fix crashes on multiple broken files. + + utils: pdfunite: Fix crash with broken documents (fdo#101153, + fdo#101149). +- Drop poppler-pdfunite-fix-crash-with-broken-documents.patch: + Fixed upstream. + +------------------------------------------------------------------- poppler-qt5.changes: same change poppler.changes: same change Old: ---- poppler-0.55.0.tar.xz poppler-pdfunite-fix-crash-with-broken-documents.patch New: ---- poppler-0.56.0.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ poppler-qt.spec ++++++ --- /var/tmp/diff_new_pack.ZU9kQ1/_old 2017-06-30 18:38:21.939858345 +0200 +++ /var/tmp/diff_new_pack.ZU9kQ1/_new 2017-06-30 18:38:21.939858345 +0200 @@ -21,7 +21,7 @@ Name: poppler-qt %define _name poppler -Version: 0.55.0 +Version: 0.56.0 Release: 0 # Actual version of poppler-data: %define poppler_data_version 0.4.6 @@ -38,8 +38,6 @@ Group: System/Libraries Source: http://poppler.freedesktop.org/%{_name}-%{version}.tar.xz Source99: baselibs.conf -# PATCH-FIX-UPSTREAM poppler-pdfunite-fix-crash-with-broken-documents.patch fdo#101153 fdo#101149 zaitor@opensuse.org -- pdfunite: Fix crash with broken documents -Patch0: poppler-pdfunite-fix-crash-with-broken-documents.patch BuildRequires: gcc-c++ BuildRequires: gobject-introspection-devel BuildRequires: libjpeg-devel @@ -228,7 +226,6 @@ %prep %setup -q -n poppler-%{version} -%patch0 -p1 %build %if %build_qt5 poppler-qt5.spec: same change ++++++ poppler.spec ++++++ --- /var/tmp/diff_new_pack.ZU9kQ1/_old 2017-06-30 18:38:21.991851033 +0200 +++ /var/tmp/diff_new_pack.ZU9kQ1/_new 2017-06-30 18:38:21.991851033 +0200 @@ -21,7 +21,7 @@ Name: poppler %define _name poppler -Version: 0.55.0 +Version: 0.56.0 Release: 0 # Actual version of poppler-data: %define poppler_data_version 0.4.6 @@ -38,8 +38,6 @@ Group: System/Libraries Source: http://poppler.freedesktop.org/%{_name}-%{version}.tar.xz Source99: baselibs.conf -# PATCH-FIX-UPSTREAM poppler-pdfunite-fix-crash-with-broken-documents.patch fdo#101153 fdo#101149 zaitor@opensuse.org -- pdfunite: Fix crash with broken documents -Patch0: poppler-pdfunite-fix-crash-with-broken-documents.patch BuildRequires: gcc-c++ BuildRequires: gobject-introspection-devel BuildRequires: libjpeg-devel @@ -228,7 +226,6 @@ %prep %setup -q -n poppler-%{version} -%patch0 -p1 %build %if %build_qt5 ++++++ poppler-0.55.0.tar.xz -> poppler-0.56.0.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/CMakeLists.txt new/poppler-0.56.0/CMakeLists.txt --- old/poppler-0.55.0/CMakeLists.txt 2017-05-21 23:01:39.000000000 +0200 +++ new/poppler-0.56.0/CMakeLists.txt 2017-06-21 22:34:52.000000000 +0200 @@ -22,7 +22,7 @@ endif() set(POPPLER_MAJOR_VERSION "0") -set(POPPLER_MINOR_VERSION "55") +set(POPPLER_MINOR_VERSION "56") set(POPPLER_MICRO_VERSION "0") set(POPPLER_VERSION "${POPPLER_MAJOR_VERSION}.${POPPLER_MINOR_VERSION}.${POPPLER_MICRO_VERSION}") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/ChangeLog new/poppler-0.56.0/ChangeLog --- old/poppler-0.55.0/ChangeLog 2017-05-21 23:32:11.000000000 +0200 +++ new/poppler-0.56.0/ChangeLog 2017-06-21 22:48:22.000000000 +0200 @@ -1,3 +1,204 @@ +commit 3a2759aa2a98c2157cb35731b95e393b8882f8d3 +Author: Jose Aliste <jaliste@src.gnome.org> +Date: Tue May 16 18:44:49 2017 -0400 + + Check numComps is between reasonable bounds + + Before this patch, some PDF might crash because of an overflow + if numComps does not lie between 0 and 4. + This is a security fix for CVE-2017-0319. + + poppler/Stream.cc | 7 +++++++ + 1 file changed, 7 insertions(+) + +commit d9c88e1c8892c79b8865a0dabdcc0d3ffd55c195 +Author: Albert Astals Cid <aacid@kde.org> +Date: Wed Jun 21 00:56:38 2017 +0200 + + Fix crash in malformed documents + + poppler/GfxState.cc | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +commit 55db66c69fd56826b8523710046deab1a8d14ba2 +Author: Albert Astals Cid <aacid@kde.org> +Date: Wed Jun 21 00:55:20 2017 +0200 + + Fix crash in malformed documents + + poppler/JBIG2Stream.cc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +commit 5266fa426d73c5dbdb3dd903d50885097833acc6 +Author: Albert Astals Cid <aacid@kde.org> +Date: Tue Jun 20 23:58:26 2017 +0200 + + Fix crash in malformed document + + Bug #101526 + + poppler/Stream.cc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +commit 112b8ab16128c6e7f80fe7c1890f7b63abd85cce +Author: Albert Astals Cid <aacid@kde.org> +Date: Tue Jun 20 23:51:16 2017 +0200 + + Fix crash in broken documents + + Fixes bug #101525 + + poppler/JBIG2Stream.cc | 8 ++++++++ + 1 file changed, 8 insertions(+) + +commit 4e68bf998f886cab8a45fa315164d8ba7aa0dee4 +Author: Albert Astals Cid <aacid@kde.org> +Date: Tue Jun 20 23:43:23 2017 +0200 + + Fix crash on broken documents + + Fixes bug #101524 + + poppler/JBIG2Stream.cc | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +commit 558cdb4a4efbb2227f4009f5d87cdd94bfb40107 +Author: Albert Astals Cid <aacid@kde.org> +Date: Tue Jun 20 23:37:26 2017 +0200 + + Fix crash in malformed documents + + Fixes bug #101523 + + poppler/GfxFont.cc | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +commit f7030a0176ed0ab484a401acc26072060e420679 +Author: Albert Astals Cid <aacid@kde.org> +Date: Mon Jun 19 23:45:24 2017 +0200 + + Fix crash on broken documents + + Bug #101505 + + goo/GooHash.cc | 18 ++++++++++++++++++ + 1 file changed, 18 insertions(+) + +commit e465d36b8ecf46b80af4ac6b941ae56eb4883a89 +Author: Albert Astals Cid <aacid@kde.org> +Date: Mon Jun 19 23:35:29 2017 +0200 + + Fix crash on malformed files + + Bug #101502 + + poppler/GfxState.cc | 9 +++++++++ + 1 file changed, 9 insertions(+) + +commit e2ab2fa9d8c41e0115b2c276a2594cd2f7c217e6 +Author: Albert Astals Cid <aacid@kde.org> +Date: Mon Jun 19 23:18:51 2017 +0200 + + Fix crash on malformed files + + Bug #101500 + + poppler/Function.cc | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +commit 17e4111da1ae5c9798ca0c040bf75c01bbb72a8a +Author: Albert Astals Cid <aacid@kde.org> +Date: Sat Jun 17 17:47:23 2017 +0200 + + Break earlier on reaching recursion limit + + Bug #101379 + + poppler/Parser.cc | 15 ++++++++++++--- + 1 file changed, 12 insertions(+), 3 deletions(-) + +commit 8e1a2474c5513f7b2f4718258ca90e2d6e03f127 +Author: Albert Astals Cid <aacid@kde.org> +Date: Sat Jun 17 12:35:41 2017 +0200 + + pdftohmtl: Initialize rotSkewMat + + Fixes uninitialized memory read at bug #100314 + + utils/HtmlFonts.cc | 1 + + 1 file changed, 1 insertion(+) + +commit dd7b0eec87ffc389ee3ba7319442e681e19b15ba +Author: Albert Astals Cid <aacid@kde.org> +Date: Sat Jun 17 12:33:35 2017 +0200 + + Remove unused constructor + + utils/HtmlFonts.h | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +commit 5b05222ccd18a121ea2ae1d67b8b5d4947cdfce0 +Author: Albert Astals Cid <aacid@kde.org> +Date: Sat Jun 17 12:33:06 2017 +0200 + + Fix crash in malformed file + + Bug #101429 + + poppler/Annot.cc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +commit e1b5053e54b0ef7d6b09f3b9c97883db533d509a +Author: Even Rouault <even.rouault@spatialys.com> +Date: Fri Jun 16 00:21:53 2017 +0200 + + Fix crash on broken file + + Fixes bug #101366 + + poppler/SplashOutputDev.cc | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +commit 9e05af3da0ce14c48f0652e01718960c6bc7b4b0 +Author: Hans-Ulrich Jüttner <huj@froreich-bioscientia.de> +Date: Wed Jun 14 23:19:48 2017 +0200 + + FormFieldButton::setState() shouldn't check the field is readOnly + + Bug #101419 + + poppler/Form.cc | 6 +----- + 1 file changed, 1 insertion(+), 5 deletions(-) + +commit 5c9b08a875b07853be6c44e43ff5f7f059df666a +Author: Albert Astals Cid <aacid@kde.org> +Date: Sat May 27 00:09:17 2017 +0200 + + pdfunite: Fix crash with broken documents + + Sometimes we can't parse pages so check before accessing them + + Thanks to Jiaqi Peng for the report + + Fixes bugs #101153 and #101149 + + utils/pdfunite.cc | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) + +commit ff05069f34a00d67cdddb033f6240a3407e90057 +Author: Albert Astals Cid <aacid@kde.org> +Date: Sun May 21 23:39:38 2017 +0200 + + Poppler 0.55.0 + + CMakeLists.txt | 2 +- + NEWS | 16 ++++++++++++++++ + configure.ac | 2 +- + cpp/Doxyfile | 2 +- + qt4/src/Doxyfile | 2 +- + qt5/src/Doxyfile | 2 +- + 6 files changed, 21 insertions(+), 5 deletions(-) + commit 680b3f6b80e6d342a6b6e3fe8f1953857784f737 Author: Albert Astals Cid <aacid@kde.org> Date: Sun May 21 23:20:56 2017 +0200 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/NEWS new/poppler-0.56.0/NEWS --- old/poppler-0.55.0/NEWS 2017-05-21 22:58:41.000000000 +0200 +++ new/poppler-0.56.0/NEWS 2017-06-21 22:34:02.000000000 +0200 @@ -1,3 +1,11 @@ +Release 0.56.0 + core: + * FormFieldButton::setState() shouldn't check the field is readOnly + * Fix crashes on multiple broken files + + utils: + * pdfunite: Fix crash with broken documents. Bugs #101153 #101149 + Release 0.55.0 core: * Fix abort in files with broken Decode arrays. KDE bug #379835 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/configure new/poppler-0.56.0/configure --- old/poppler-0.55.0/configure 2017-05-21 23:19:44.000000000 +0200 +++ new/poppler-0.56.0/configure 2017-06-21 22:36:51.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for poppler 0.55.0. +# Generated by GNU Autoconf 2.69 for poppler 0.56.0. # # Report bugs to https://bugs.freedesktop.org/enter_bug.cgi?product=poppler. # @@ -591,8 +591,8 @@ # Identity of this package. PACKAGE_NAME='poppler' PACKAGE_TARNAME='poppler' -PACKAGE_VERSION='0.55.0' -PACKAGE_STRING='poppler 0.55.0' +PACKAGE_VERSION='0.56.0' +PACKAGE_STRING='poppler 0.56.0' PACKAGE_BUGREPORT='https://bugs.freedesktop.org/enter_bug.cgi?product=poppler' PACKAGE_URL='' @@ -1554,7 +1554,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -`configure' configures poppler 0.55.0 to adapt to many kinds of systems. +`configure' configures poppler 0.56.0 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1629,7 +1629,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of poppler 0.55.0:";; + short | recursive ) echo "Configuration of poppler 0.56.0:";; esac cat <<_ACEOF @@ -1867,7 +1867,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<_ACEOF -poppler configure 0.55.0 +poppler configure 0.56.0 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2561,7 +2561,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by poppler $as_me 0.55.0, which was +It was created by poppler $as_me 0.56.0, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3425,7 +3425,7 @@ # Define the identity of the package. PACKAGE='poppler' - VERSION='0.55.0' + VERSION='0.56.0' cat >>confdefs.h <<_ACEOF @@ -18508,7 +18508,7 @@ cat >>confdefs.h <<_ACEOF -#define POPPLER_VERSION "0.55.0" +#define POPPLER_VERSION "0.56.0" _ACEOF @@ -25867,11 +25867,11 @@ POPPLER_MAJOR_VERSION=0 -POPPLER_MINOR_VERSION=55 +POPPLER_MINOR_VERSION=56 POPPLER_MICRO_VERSION=0 -POPPLER_VERSION=0.55.0 +POPPLER_VERSION=0.56.0 ac_config_files="$ac_config_files Makefile goo/Makefile fofi/Makefile splash/Makefile poppler/Makefile utils/Makefile glib/Makefile glib/poppler-features.h glib/reference/Makefile glib/reference/version.xml glib/demo/Makefile test/Makefile qt4/Makefile qt4/src/Makefile qt4/tests/Makefile qt4/demos/Makefile qt5/Makefile qt5/src/Makefile qt5/tests/Makefile qt5/demos/Makefile cpp/Makefile cpp/poppler-version.h cpp/tests/Makefile poppler.pc poppler-uninstalled.pc poppler-cairo.pc poppler-cairo-uninstalled.pc poppler-splash.pc poppler-splash-uninstalled.pc poppler-glib.pc poppler-glib-uninstalled.pc poppler-qt4.pc poppler-qt4-uninstalled.pc poppler-qt5.pc poppler-qt5-uninstalled.pc poppler-cpp.pc poppler-cpp-uninstalled.pc" @@ -26531,7 +26531,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by poppler $as_me 0.55.0, which was +This file was extended by poppler $as_me 0.56.0, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -26597,7 +26597,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\""`$]/\\&/g'`" ac_cs_version="\ -poppler config.status 0.55.0 +poppler config.status 0.56.0 configured by $0, generated by GNU Autoconf 2.69, with options \"$ac_cs_config\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/configure.ac new/poppler-0.56.0/configure.ac --- old/poppler-0.55.0/configure.ac 2017-05-21 23:00:53.000000000 +0200 +++ new/poppler-0.56.0/configure.ac 2017-06-21 22:34:43.000000000 +0200 @@ -1,5 +1,5 @@ m4_define([poppler_version_major],[0]) -m4_define([poppler_version_minor],[55]) +m4_define([poppler_version_minor],[56]) m4_define([poppler_version_micro],[0]) m4_define([poppler_version],[poppler_version_major.poppler_version_minor.poppler_version_micro]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/cpp/poppler-version.h new/poppler-0.56.0/cpp/poppler-version.h --- old/poppler-0.55.0/cpp/poppler-version.h 2017-05-21 23:19:54.000000000 +0200 +++ new/poppler-0.56.0/cpp/poppler-version.h 2017-06-21 22:37:02.000000000 +0200 @@ -21,9 +21,9 @@ #include "poppler-global.h" -#define POPPLER_VERSION "0.55.0" +#define POPPLER_VERSION "0.56.0" #define POPPLER_VERSION_MAJOR 0 -#define POPPLER_VERSION_MINOR 55 +#define POPPLER_VERSION_MINOR 56 #define POPPLER_VERSION_MICRO 0 namespace poppler diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/glib/reference/html/index.html new/poppler-0.56.0/glib/reference/html/index.html --- old/poppler-0.55.0/glib/reference/html/index.html 2017-05-21 23:32:45.000000000 +0200 +++ new/poppler-0.56.0/glib/reference/html/index.html 2017-06-21 22:48:30.000000000 +0200 @@ -15,7 +15,7 @@ <div> <div><table class="navigation" id="top" width="100%" cellpadding="2" cellspacing="0"><tr><th valign="middle"><p class="title">Poppler Reference Manual</p></th></tr></table></div> <div><p class="releaseinfo"> - for Poppler 0.55.0 + for Poppler 0.56.0 </p></div> </div> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/glib/reference/html/poppler-Version-and-Features-Information.html new/poppler-0.56.0/glib/reference/html/poppler-Version-and-Features-Information.html --- old/poppler-0.55.0/glib/reference/html/poppler-Version-and-Features-Information.html 2017-05-21 23:32:45.000000000 +0200 +++ new/poppler-0.56.0/glib/reference/html/poppler-Version-and-Features-Information.html 2017-06-21 22:48:30.000000000 +0200 @@ -189,7 +189,7 @@ <hr> <div class="refsect2"> <a name="POPPLER-MINOR-VERSION:CAPS"></a><h3>POPPLER_MINOR_VERSION</h3> -<pre class="programlisting">#define POPPLER_MINOR_VERSION (55) +<pre class="programlisting">#define POPPLER_MINOR_VERSION (56) </pre> <p>The major version number of the poppler header files (e.g. in poppler version 0.1.2 this is 1.)</p> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/glib/reference/version.xml new/poppler-0.56.0/glib/reference/version.xml --- old/poppler-0.55.0/glib/reference/version.xml 2017-05-21 23:19:54.000000000 +0200 +++ new/poppler-0.56.0/glib/reference/version.xml 2017-06-21 22:37:02.000000000 +0200 @@ -1 +1 @@ -0.55.0 +0.56.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/goo/GooHash.cc new/poppler-0.56.0/goo/GooHash.cc --- old/poppler-0.55.0/goo/GooHash.cc 2014-10-01 22:11:06.000000000 +0200 +++ new/poppler-0.56.0/goo/GooHash.cc 2017-06-21 22:31:19.000000000 +0200 @@ -6,6 +6,20 @@ // //======================================================================== +//======================================================================== +// +// Modified under the Poppler project - http://poppler.freedesktop.org +// +// All changes made under the Poppler project to this file are licensed +// under GPL version 2 or later +// +// Copyright (C) 2017 Albert Astals Cid <aacid@kde.org> +// +// To see a description of the changes please see the Changelog file that +// came with your tarball or type make ChangeLog if you are building from git +// +//======================================================================== + #include <config.h> #ifdef USE_GCC_PRAGMAS @@ -15,6 +29,7 @@ #include "gmem.h" #include "GooString.h" #include "GooHash.h" +#include "GooLikely.h" //------------------------------------------------------------------------ @@ -339,6 +354,9 @@ GooHashBucket *GooHash::find(GooString *key, int *h) { GooHashBucket *p; + if (unlikely(!key)) + return nullptr; + *h = hash(key); for (p = tab[*h]; p; p = p->next) { if (!p->key->cmp(key)) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/poppler/Annot.cc new/poppler-0.56.0/poppler/Annot.cc --- old/poppler-0.55.0/poppler/Annot.cc 2017-05-16 23:54:47.000000000 +0200 +++ new/poppler-0.56.0/poppler/Annot.cc 2017-06-21 22:31:18.000000000 +0200 @@ -5401,7 +5401,7 @@ action = NULL; if (dict->lookup("A", &obj1)->isDict()) { action = LinkAction::parseAction(&obj1, doc->getCatalog()->getBaseURI()); - if (action->getKind() == actionRendition && page == 0) { + if (action && action->getKind() == actionRendition && page == 0) { error (errSyntaxError, -1, "Invalid Rendition action: associated screen annotation without P"); delete action; action = NULL; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/poppler/Form.cc new/poppler-0.56.0/poppler/Form.cc --- old/poppler-0.55.0/poppler/Form.cc 2017-05-16 23:54:47.000000000 +0200 +++ new/poppler-0.56.0/poppler/Form.cc 2017-06-21 22:31:09.000000000 +0200 @@ -17,6 +17,7 @@ // Copyright 2012 Fabio D'Urso <fabiodurso@hotmail.it> // Copyright 2015 André Guerreiro <aguerreiro1985@gmail.com> // Copyright 2015 André Esser <bepandre@hotmail.com> +// Copyright 2017 Hans-Ulrich Jüttner <huj@froreich-bioscientia.de> // //======================================================================== @@ -903,11 +904,6 @@ GBool FormFieldButton::setState(char *state) { - if (readOnly) { - error(errInternal, -1, "FormFieldButton::setState called on a readOnly field\n"); - return gFalse; - } - // A check button could behave as a radio button // when it's in a set of more than 1 buttons if (btype != formButtonRadio && btype != formButtonCheck) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/poppler/Function.cc new/poppler-0.56.0/poppler/Function.cc --- old/poppler-0.55.0/poppler/Function.cc 2017-05-16 23:54:47.000000000 +0200 +++ new/poppler-0.56.0/poppler/Function.cc 2017-06-21 22:31:19.000000000 +0200 @@ -13,7 +13,7 @@ // All changes made under the Poppler project to this file are licensed // under GPL version 2 or later // -// Copyright (C) 2006, 2008-2010, 2013-2015 Albert Astals Cid <aacid@kde.org> +// Copyright (C) 2006, 2008-2010, 2013-2015, 2017 Albert Astals Cid <aacid@kde.org> // Copyright (C) 2006 Jeff Muizelaar <jeff@infidigm.net> // Copyright (C) 2010 Christian Feuers�nger <cfeuersaenger@googlemail.com> // Copyright (C) 2011 Andrea Canciani <ranma42@gmail.com> @@ -1623,7 +1623,9 @@ case psOpIdiv: i2 = stack->popInt(); i1 = stack->popInt(); - stack->pushInt(i1 / i2); + if (likely(i2 != 0)) { + stack->pushInt(i1 / i2); + } break; case psOpIndex: stack->index(stack->popInt()); @@ -1659,7 +1661,9 @@ case psOpMod: i2 = stack->popInt(); i1 = stack->popInt(); - stack->pushInt(i1 % i2); + if (likely(i2 != 0)) { + stack->pushInt(i1 % i2); + } break; case psOpMul: if (stack->topTwoAreInts()) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/poppler/GfxFont.cc new/poppler-0.56.0/poppler/GfxFont.cc --- old/poppler-0.55.0/poppler/GfxFont.cc 2017-05-16 23:54:47.000000000 +0200 +++ new/poppler-0.56.0/poppler/GfxFont.cc 2017-06-21 22:31:19.000000000 +0200 @@ -13,7 +13,7 @@ // All changes made under the Poppler project to this file are licensed // under GPL version 2 or later // -// Copyright (C) 2005, 2006, 2008-2010, 2012, 2014, 2015 Albert Astals Cid <aacid@kde.org> +// Copyright (C) 2005, 2006, 2008-2010, 2012, 2014, 2015, 2017 Albert Astals Cid <aacid@kde.org> // Copyright (C) 2005, 2006 Kristian Høgsberg <krh@redhat.com> // Copyright (C) 2006 Takashi Iwai <tiwai@suse.de> // Copyright (C) 2007 Julien Rebetez <julienr@svn.gnome.org> @@ -2371,7 +2371,7 @@ Ref embID; *mapsizep = 0; - if (!ctu) return NULL; + if (!ctu || !getCollection()) return NULL; if (getCollection()->cmp("Adobe-Identity") == 0) return NULL; if (getEmbeddedFontID(&embID)) { /* if this font is embedded font, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/poppler/GfxState.cc new/poppler-0.56.0/poppler/GfxState.cc --- old/poppler-0.55.0/poppler/GfxState.cc 2017-05-21 22:36:45.000000000 +0200 +++ new/poppler-0.56.0/poppler/GfxState.cc 2017-06-21 22:31:20.000000000 +0200 @@ -4034,11 +4034,17 @@ void GfxUnivariateShading::getColor(double t, GfxColor *color) { double out[gfxColorMaxComps]; - int i, nComps; + int i; // NB: there can be one function with n outputs or n functions with // one output each (where n = number of color components) - nComps = nFuncs * funcs[0]->getOutputSize(); + const int nComps = nFuncs * funcs[0]->getOutputSize(); + + if (unlikely(nFuncs < 1 || nComps > gfxColorMaxComps)) { + for (int i = 0; i < gfxColorMaxComps; i++) + color->c[i] = 0; + return; + } if (cacheSize > 0) { double x, ix, *l, *u, *upper; @@ -4089,6 +4095,9 @@ cacheBounds = NULL; cacheSize = 0; + if (unlikely(nFuncs < 1)) + return; + // NB: there can be one function with n outputs or n functions with // one output each (where n = number of color components) nComps = nFuncs * funcs[0]->getOutputSize(); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/poppler/JBIG2Stream.cc new/poppler-0.56.0/poppler/JBIG2Stream.cc --- old/poppler-0.55.0/poppler/JBIG2Stream.cc 2017-05-16 23:54:47.000000000 +0200 +++ new/poppler-0.56.0/poppler/JBIG2Stream.cc 2017-06-21 22:31:19.000000000 +0200 @@ -15,7 +15,7 @@ // // Copyright (C) 2006 Raj Kumar <rkumar@archive.org> // Copyright (C) 2006 Paul Walmsley <paul@booyaka.com> -// Copyright (C) 2006-2010, 2012, 2014-2016 Albert Astals Cid <aacid@kde.org> +// Copyright (C) 2006-2010, 2012, 2014-2017 Albert Astals Cid <aacid@kde.org> // Copyright (C) 2009 David Benjamin <davidben@mit.edu> // Copyright (C) 2011 Edward Jiang <ejiang@google.com> // Copyright (C) 2012 William Bader <williambader@hotmail.com> @@ -760,6 +760,10 @@ JBIG2Bitmap *slice; Guint xx, yy; + if (!data) { + return nullptr; + } + slice = new JBIG2Bitmap(0, wA, hA); if (slice->isOk()) { slice->clearToZero(); @@ -892,7 +896,7 @@ oneByte = x0 == ((x1 - 1) & ~7); for (yy = y0; yy < y1; ++yy) { - if (unlikely(y + yy) >= h) + if (unlikely((y + yy >= h) || (y + yy < 0))) continue; // one byte per line -- need to mask both left and right side @@ -1304,7 +1308,7 @@ int JBIG2Stream::getChars(int nChars, Guchar *buffer) { int n, i; - if (nChars <= 0) { + if (nChars <= 0 || !dataPtr) { return 0; } if (dataEnd - dataPtr < nChars) { @@ -3827,6 +3831,10 @@ JBIG2BitmapPtr tpgrCXPtr2 = {0}; int x, y, pix; + if (!refBitmap) { + return nullptr; + } + bitmap = new JBIG2Bitmap(0, w, h); if (!bitmap->isOk()) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/poppler/Parser.cc new/poppler-0.56.0/poppler/Parser.cc --- old/poppler-0.55.0/poppler/Parser.cc 2017-05-16 23:54:47.000000000 +0200 +++ new/poppler-0.56.0/poppler/Parser.cc 2017-06-21 22:31:19.000000000 +0200 @@ -13,7 +13,7 @@ // All changes made under the Poppler project to this file are licensed // under GPL version 2 or later // -// Copyright (C) 2006, 2009, 201, 2010, 2013, 2014 Albert Astals Cid <aacid@kde.org> +// Copyright (C) 2006, 2009, 201, 2010, 2013, 2014, 2017 Albert Astals Cid <aacid@kde.org> // Copyright (C) 2006 Krzysztof Kowalczyk <kkowalczyk@gmail.com> // Copyright (C) 2009 Ilya Gorenbein <igorenbein@finjan.com> // Copyright (C) 2012 Hib Eris <hib@hiberis.nl> @@ -87,8 +87,14 @@ inlineImg = 0; } + if (unlikely(recursion >= recursionLimit)) { + obj->free(); + obj->initError(); + return obj; + } + // array - if (!simpleOnly && likely(recursion < recursionLimit) && buf1.isCmd("[")) { + if (!simpleOnly && buf1.isCmd("[")) { shift(); obj->initArray(xref); while (!buf1.isCmd("]") && !buf1.isEOF()) @@ -101,7 +107,7 @@ shift(); // dictionary or stream - } else if (!simpleOnly && likely(recursion < recursionLimit) && buf1.isCmd("<<")) { + } else if (!simpleOnly && buf1.isCmd("<<")) { shift(objNum); obj->initDict(xref); while (!buf1.isCmd(">>") && !buf1.isEOF()) { @@ -119,6 +125,9 @@ break; } obj->dictAdd(key, getObj(&obj2, gFalse, fileKey, encAlgorithm, keyLength, objNum, objGen, recursion + 1)); + if (unlikely(obj2.isError() && recursion + 1 >= recursionLimit)) { + break; + } } } if (buf1.isEOF()) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/poppler/SplashOutputDev.cc new/poppler-0.56.0/poppler/SplashOutputDev.cc --- old/poppler-0.55.0/poppler/SplashOutputDev.cc 2017-05-16 23:54:47.000000000 +0200 +++ new/poppler-0.56.0/poppler/SplashOutputDev.cc 2017-06-21 22:31:18.000000000 +0200 @@ -37,6 +37,7 @@ // Copyright (C) 2015 Tamas Szekeres <szekerest@gmail.com> // Copyright (C) 2015 Kenji Uno <ku@digitaldolphins.jp> // Copyright (C) 2016 Takahiro Hashimoto <kenya888.en@gmail.com> +// Copyright (C) 2017 Even Rouault <even.rouault@spatialys.com> // // To see a description of the changes please see the Changelog file that // came with your tarball or type make ChangeLog if you are building from git @@ -2725,7 +2726,7 @@ int i, j; // ignore multiple d0/d1 operators - if (t3GlyphStack->haveDx) { + if (!t3GlyphStack || t3GlyphStack->haveDx) { return; } t3GlyphStack->haveDx = gTrue; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/poppler/Stream.cc new/poppler-0.56.0/poppler/Stream.cc --- old/poppler-0.55.0/poppler/Stream.cc 2017-05-21 18:17:43.000000000 +0200 +++ new/poppler-0.56.0/poppler/Stream.cc 2017-06-21 22:31:20.000000000 +0200 @@ -32,6 +32,7 @@ // Copyright (C) 2013 Pino Toscano <pino@kde.org> // Copyright (C) 2015 Suzuki Toshiya <mpsuzuki@hiroshima-u.ac.jp> // Copyright (C) 2015 Jason Crain <jason@aquaticape.us> +// Copyright (C) 2017 Jose Aliste <jaliste@src.gnome.org> // // To see a description of the changes please see the Changelog file that // came with your tarball or type make ChangeLog if you are building from git @@ -468,7 +469,7 @@ nVals = width * nComps; inputLineSize = (nVals * nBits + 7) >> 3; - if (nBits <= 0 || nVals > INT_MAX / nBits - 7 || width > INT_MAX / nComps) { + if (nComps <= 0 || nBits <= 0 || nVals > INT_MAX / nBits - 7 || width > INT_MAX / nComps) { inputLineSize = -1; } inputLine = (Guchar *)gmallocn_checkoverflow(inputLineSize, sizeof(char)); @@ -3585,6 +3586,12 @@ height = read16(); width = read16(); numComps = str->getChar(); + + if (numComps <= 0 || numComps > 4) { + error(errSyntaxError, getPos(), "Bad number of components in DCT stream"); + numComps = 0; + return gFalse; + } if (prec != 8) { error(errSyntaxError, getPos(), "Bad DCT precision {0:d}", prec); return gFalse; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/utils/HtmlFonts.cc new/poppler-0.56.0/utils/HtmlFonts.cc --- old/poppler-0.55.0/utils/HtmlFonts.cc 2014-02-09 16:10:35.000000000 +0100 +++ new/poppler-0.56.0/utils/HtmlFonts.cc 2017-06-21 22:31:18.000000000 +0200 @@ -156,6 +156,7 @@ pos = font_num; if (!DefaultFont) DefaultFont=new GooString(fonts[font_num].name); + rotSkewMat[0] = rotSkewMat[1] = rotSkewMat[2] = rotSkewMat[3] = 0; } HtmlFont::HtmlFont(const HtmlFont& x){ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/utils/HtmlFonts.h new/poppler-0.56.0/utils/HtmlFonts.h --- old/poppler-0.55.0/utils/HtmlFonts.h 2015-11-15 22:05:22.000000000 +0100 +++ new/poppler-0.56.0/utils/HtmlFonts.h 2017-06-21 22:31:18.000000000 +0200 @@ -18,7 +18,7 @@ // under GPL version 2 or later // // Copyright (C) 2010 OSSD CDAC Mumbai by Leena Chourey (leenac@cdacmumbai.in) and Onkar Potdar (onkar@cdacmumbai.in) -// Copyright (C) 2010, 2012 Albert Astals Cid <aacid@kde.org> +// Copyright (C) 2010, 2012, 2017 Albert Astals Cid <aacid@kde.org> // Copyright (C) 2011 Steven Murdoch <Steven.Murdoch@cl.cam.ac.uk> // Copyright (C) 2011 Joshua Richardson <jric@chegg.com> // Copyright (C) 2012 Igor Slepchin <igor.slepchin@gmail.com> @@ -72,7 +72,6 @@ double rotSkewMat[4]; // only four values needed for rotation and skew public: - HtmlFont(){FontName=NULL; rotOrSkewed = gFalse;} HtmlFont(GfxFont *font,int _size, GfxRGB rgb); HtmlFont(const HtmlFont& x); HtmlFont& operator=(const HtmlFont& x); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poppler-0.55.0/utils/pdfunite.cc new/poppler-0.56.0/utils/pdfunite.cc --- old/poppler-0.55.0/utils/pdfunite.cc 2017-05-16 23:54:48.000000000 +0200 +++ new/poppler-0.56.0/utils/pdfunite.cc 2017-06-17 18:35:25.000000000 +0200 @@ -7,7 +7,7 @@ // Copyright (C) 2011-2015, 2017 Thomas Freitag <Thomas.Freitag@alfa.de> // Copyright (C) 2012 Arseny Solokha <asolokha@gmx.com> // Copyright (C) 2012 Fabio D'Urso <fabiodurso@hotmail.it> -// Copyright (C) 2012, 2014 Albert Astals Cid <aacid@kde.org> +// Copyright (C) 2012, 2014, 2017 Albert Astals Cid <aacid@kde.org> // Copyright (C) 2013 Adrian Johnson <ajohnson@redneon.com> // Copyright (C) 2013 Hib Eris <hib@hiberis.nl> // Copyright (C) 2015 Arthur Stavisky <vovodroid@gmail.com> @@ -268,15 +268,15 @@ catDict->lookup("OutputIntents", &intents); catDict->lookupNF("AcroForm", &afObj); Ref *refPage = docs[0]->getCatalog()->getPageRef(1); - if (!afObj.isNull()) { + if (!afObj.isNull() && refPage) { docs[0]->markAcroForm(&afObj, yRef, countRef, 0, refPage->num, refPage->num); } catDict->lookupNF("OCProperties", &ocObj); - if (!ocObj.isNull() && ocObj.isDict()) { + if (!ocObj.isNull() && ocObj.isDict() && refPage) { docs[0]->markPageObjects(ocObj.getDict(), yRef, countRef, 0, refPage->num, refPage->num); } catDict->lookup("Names", &names); - if (!names.isNull() && names.isDict()) { + if (!names.isNull() && names.isDict() && refPage) { docs[0]->markPageObjects(names.getDict(), yRef, countRef, 0, refPage->num, refPage->num); } if (intents.isArray() && intents.arrayGetLength() > 0) { @@ -353,6 +353,10 @@ for (i = 0; i < (int) docs.size(); i++) { for (j = 1; j <= docs[i]->getNumPages(); j++) { + if (!docs[i]->getCatalog()->getPage(j)) { + continue; + } + PDFRectangle *cropBox = NULL; if (docs[i]->getCatalog()->getPage(j)->isCropped()) cropBox = docs[i]->getCatalog()->getPage(j)->getCropBox();
participants (1)
-
root@hilbert.suse.de