download.lst | 10 - external/libxml2/ExternalPackage_libxml2.mk | 2 external/libxml2/UnpackedTarball_libxml2.mk | 3 external/libxml2/libxml2-android.patch | 6 - external/libxml2/libxml2-config.patch.1 | 43 -------- external/libxml2/xml2-config.in | 28 +++++ external/poppler/StaticLibrary_poppler.mk | 5 external/poppler/UnpackedTarball_poppler.mk | 2 external/poppler/disable-freetype.patch.1 | 41 ++++++++ external/poppler/gcc7-EntityInfo.patch.1 | 48 +++++++++ external/poppler/poppler-c++11.patch.1 | 13 ++ external/poppler/poppler-config.patch.1 | 27 ++--- external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch | 29 +++++ external/zlib/UnpackedTarball_zlib.mk | 7 + external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch | 32 ++++++ sc/source/core/tool/interpr7.cxx | 3 sdext/Executable_xpdfimport.mk | 4 sdext/source/pdfimport/wrapper/wrapper.cxx | 52 ---------- sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx | 56 +++++++++-- sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx | 10 + test/source/xmltesttools.cxx | 2 unoxml/source/xpath/xpathobject.cxx | 2 22 files changed, 293 insertions(+), 132 deletions(-)
New commits: commit bd0765972823f8c53e05d71b4412f9aec798a75d Author: Michael Stahl <[email protected]> AuthorDate: Wed Sep 14 15:54:49 2022 +0200 Commit: Michael Stahl <[email protected]> CommitDate: Thu Sep 15 12:37:44 2022 +0200 poppler: upgrade to release 22.09.0 Fixes CVE-2022-38784 Add external/poppler/disable-freetype.patch.1 to get rid of some new code that unconditionally requires freetype, to avoid building that on WNT/MACOSX. Change-Id: I854d1865286b6fb4112cdf37898cda0203c52f2e Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139941 Tested-by: Jenkins Reviewed-by: Michael Stahl <[email protected]> (cherry picked from commit 8fce9a0a41b1bbebd325fc9d98a79d8decd3950c) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139967 Reviewed-by: Thorsten Behrens <[email protected]> Reviewed-by: Noel Grandin <[email protected]> (cherry picked from commit bdbb450ed0ded86fb50d6b19a2cce0f11ca74b07) diff --git a/download.lst b/download.lst index d8fec3032f0d..0110ebcc6a90 100644 --- a/download.lst +++ b/download.lst @@ -204,8 +204,8 @@ export PIXMAN_SHA256SUM := 21b6b249b51c6800dc9553b65106e1e37d0e25df942c90531d4c3 export PIXMAN_TARBALL := e80ebae4da01e77f68744319f01d52a3-pixman-0.34.0.tar.gz export LIBPNG_SHA256SUM := 505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca export LIBPNG_TARBALL := libpng-1.6.37.tar.xz -export POPPLER_SHA256SUM := 7d3493056b5b86413e5c693c2cae02c5c06cd8e618d14c2c31e2c84b67b2313e -export POPPLER_TARBALL := poppler-22.01.0.tar.xz +export POPPLER_SHA256SUM := d7a8f748211359cadb774ba3e18ecda6464b34027045c0648eb30d5852a41e2e +export POPPLER_TARBALL := poppler-22.09.0.tar.xz export POSTGRESQL_SHA256SUM := 9b81067a55edbaabc418aacef457dd8477642827499560b00615a6ea6c13f6b3 export POSTGRESQL_TARBALL := postgresql-13.5.tar.bz2 export PYTHON_SHA256SUM := c24a37c63a67f53bdd09c5f287b5cff8e8b98f857bf348c577d454d3f74db049 diff --git a/external/poppler/UnpackedTarball_poppler.mk b/external/poppler/UnpackedTarball_poppler.mk index 0f29d38e097c..c08daa992060 100644 --- a/external/poppler/UnpackedTarball_poppler.mk +++ b/external/poppler/UnpackedTarball_poppler.mk @@ -16,6 +16,8 @@ $(eval $(call gb_UnpackedTarball_add_patches,poppler,\ external/poppler/poppler-c++11.patch.1 \ external/poppler/0001-Partially-revert-814fbda28cc8a37fed3134c2db8da28f86f.patch.1 \ external/poppler/0001-Revert-Make-the-mul-tables-be-calculated-at-compile-.patch.1 \ + external/poppler/disable-freetype.patch.1 \ + external/poppler/gcc7-EntityInfo.patch.1 \ )) # std::make_unique is only available in C++14 diff --git a/external/poppler/disable-freetype.patch.1 b/external/poppler/disable-freetype.patch.1 new file mode 100644 index 000000000000..d59006eba979 --- /dev/null +++ b/external/poppler/disable-freetype.patch.1 @@ -0,0 +1,41 @@ +disable freetype dependent code + +--- poppler/poppler/Form.cc.orig 2022-09-14 15:46:48.588316681 +0200 ++++ poppler/poppler/Form.cc 2022-09-14 15:48:01.468274551 +0200 +@@ -46,7 +46,7 @@ + #include <cstdlib> + #include <cstring> + #include <cctype> +-#include "goo/ft_utils.h" ++//#include "goo/ft_utils.h" + #include "goo/gmem.h" + #include "goo/gfile.h" + #include "goo/GooString.h" +@@ -77,8 +77,8 @@ + #include "fofi/FoFiTrueType.h" + #include "fofi/FoFiIdentifier.h" + +-#include <ft2build.h> +-#include FT_FREETYPE_H ++//#include <ft2build.h> ++//#include FT_FREETYPE_H + + // return a newly allocated char* containing an UTF16BE string of size length + char *pdfDocEncodingToUTF16(const std::string &orig, int *length) +@@ -2730,6 +2730,8 @@ + + Form::AddFontResult Form::addFontToDefaultResources(const std::string &filepath, int faceIndex, const std::string &fontFamily, const std::string &fontStyle) + { ++ return {}; ++#if 0 + if (!GooString::endsWith(filepath, ".ttf") && !GooString::endsWith(filepath, ".ttc") && !GooString::endsWith(filepath, ".otf")) { + error(errIO, -1, "We only support embedding ttf/ttc/otf fonts for now. The font file for {0:s} {1:s} was {2:s}", fontFamily.c_str(), fontStyle.c_str(), filepath.c_str()); + return {}; +@@ -2939,6 +2941,7 @@ + } + + return { dictFontName, fontDictRef }; ++#endif + } + + std::string Form::getFallbackFontForChar(Unicode uChar, const GfxFont &fontToEmulate) const diff --git a/external/poppler/gcc7-EntityInfo.patch.1 b/external/poppler/gcc7-EntityInfo.patch.1 new file mode 100644 index 000000000000..b450bff93af9 --- /dev/null +++ b/external/poppler/gcc7-EntityInfo.patch.1 @@ -0,0 +1,48 @@ +gcc 7.3.1 says: + +workdir/UnpackedTarball/poppler/poppler/CertificateInfo.cc:42:34: error: function ‘X509CertificateInfo::EntityInfo& X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo&&)’ defaulted on its redeclaration with an exception-specification that differs from the implicit exception-specification ‘’ + +--- poppler/poppler/CertificateInfo.h.orig 2022-09-14 19:32:12.426351385 +0200 ++++ poppler/poppler/CertificateInfo.h 2022-09-14 19:32:18.947347812 +0200 +@@ -70,7 +70,7 @@ + ~EntityInfo(); + + EntityInfo(EntityInfo &&) noexcept; +- EntityInfo &operator=(EntityInfo &&) noexcept; ++ EntityInfo &operator=(EntityInfo &&) /*noexcept*/; + + EntityInfo(const EntityInfo &) = delete; + EntityInfo &operator=(const EntityInfo &) = delete; +--- poppler/poppler/CertificateInfo.cc.orig 2022-09-14 19:31:10.225385467 +0200 ++++ poppler/poppler/CertificateInfo.cc 2022-09-14 19:31:12.572384182 +0200 +@@ -39,7 +39,7 @@ + + X509CertificateInfo::EntityInfo::EntityInfo(X509CertificateInfo::EntityInfo &&other) noexcept = default; + +-X509CertificateInfo::EntityInfo &X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo &&other) noexcept = default; ++X509CertificateInfo::EntityInfo &X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo &&other) /*noexcept*/ = default; + + X509CertificateInfo::X509CertificateInfo() : ku_extensions(KU_NONE), cert_version(-1), is_self_signed(false) { } + +--- poppler/poppler/GfxFont.cc.orig 2022-09-14 20:24:32.569607333 +0200 ++++ poppler/poppler/GfxFont.cc 2022-09-14 20:24:52.323596186 +0200 +@@ -180,7 +180,7 @@ + + GfxFontLoc::GfxFontLoc(GfxFontLoc &&other) noexcept = default; + +-GfxFontLoc &GfxFontLoc::operator=(GfxFontLoc &&other) noexcept = default; ++GfxFontLoc &GfxFontLoc::operator=(GfxFontLoc &&other) /*noexcept*/ = default; + + void GfxFontLoc::setPath(GooString *pathA) + { +--- poppler/poppler/GfxFont.h.orig 2022-09-14 20:24:30.784608340 +0200 ++++ poppler/poppler/GfxFont.h 2022-09-14 20:25:08.850586861 +0200 +@@ -124,7 +124,7 @@ + GfxFontLoc(const GfxFontLoc &) = delete; + GfxFontLoc(GfxFontLoc &&) noexcept; + GfxFontLoc &operator=(const GfxFontLoc &) = delete; +- GfxFontLoc &operator=(GfxFontLoc &&other) noexcept; ++ GfxFontLoc &operator=(GfxFontLoc &&other) /*noexcept*/; + + // Set the 'path' string from a GooString on the heap. + // Ownership of the object is taken. diff --git a/external/poppler/poppler-c++11.patch.1 b/external/poppler/poppler-c++11.patch.1 index 9e607b381de0..05b47bc91299 100644 --- a/external/poppler/poppler-c++11.patch.1 +++ b/external/poppler/poppler-c++11.patch.1 @@ -18,7 +18,7 @@ remove usage of newfangled C++ that baseline toolchains don't support - const std::string modeStr = mode + "e"s; + const std::string modeStr = mode + std::string("e"); FILE *file = fopen(path, modeStr.c_str()); - if (file != nullptr) + if (file != nullptr) { return file; --- poppler/goo/gmem.h.orig 2019-01-16 11:25:28.161920038 +0100 +++ poppler/goo/gmem.h 2019-01-16 11:25:53.756882295 +0100 @@ -29,3 +29,14 @@ remove usage of newfangled C++ that baseline toolchains don't support +#include <o3tl/make_unique.hxx> + #endif // GMEM_H +--- poppler/goo/gfile.cc.orig2 2022-09-15 12:33:24.163562177 +0200 ++++ poppler/goo/gfile.cc 2022-09-15 12:33:49.501547336 +0200 +@@ -50,6 +50,8 @@ + #include "gfile.h" + #include "gdir.h" + ++#include <o3tl/make_unique.hxx> ++ + // Some systems don't define this, so just make it something reasonably + // large. + #ifndef PATH_MAX diff --git a/external/poppler/poppler-config.patch.1 b/external/poppler/poppler-config.patch.1 index 2a24d4510197..455a88e2afc4 100644 --- a/external/poppler/poppler-config.patch.1 +++ b/external/poppler/poppler-config.patch.1 @@ -16,7 +16,7 @@ new file mode 100644 index 0fbd336a..451213f8 100644 --- /dev/null +++ b/config.h -@@ -0,0 +1,223 @@ +@@ -0,0 +1,220 @@ +/* config.h. Generated from config.h.cmake by cmake. */ + +/* Build against libcurl. */ @@ -105,9 +105,6 @@ index 0fbd336a..451213f8 100644 +#define HAVE_TIMEGM 1 +#endif + -+/* Define if you have the iconv() function and it works. */ -+/* #undef HAVE_ICONV */ -+ +/* Define to 1 if you have the `z' library (-lz). */ +/* #undef HAVE_LIBZ */ + @@ -176,7 +173,7 @@ index 0fbd336a..451213f8 100644 +#define PACKAGE_NAME "poppler" + +/* Define to the full name and version of this package. */ -+#define PACKAGE_STRING "poppler 21.11.0" ++#define PACKAGE_STRING "poppler 22.09.0" + +/* Define to the one symbol short name of this package. */ +#define PACKAGE_TARNAME "poppler" @@ -185,7 +182,7 @@ index 0fbd336a..451213f8 100644 +#define PACKAGE_URL "" + +/* Define to the version of this package. */ -+#define PACKAGE_VERSION "21.11.0" ++#define PACKAGE_VERSION "22.09.0" + +/* Poppler data dir */ +#define POPPLER_DATADIR "/usr/local/share/poppler" @@ -203,7 +200,7 @@ index 0fbd336a..451213f8 100644 +/* #undef USE_FLOAT */ + +/* Version number of package */ -+#define VERSION "21.11.0" ++#define VERSION "22.09.0" + +#if defined(__APPLE__) +#elif defined (_WIN32) @@ -229,7 +226,7 @@ index 0fbd336a..451213f8 100644 +#define popen _popen +#define pclose _pclose +#define strncasecmp _strnicmp -+// error C4005: "strcasecmp": macro redefinition #define strcasecmp _stricmp ++#define strcasecmp _stricmp +#endif + +/* Number of bits in a file offset, on hosts where this is settable. */ @@ -250,7 +247,7 @@ index 0fbd336a..451213f8 100644 +// +// poppler-config.h +// -+// Copyright 1996-2011 Glyph & Cog, LLC ++// Copyright 1996-2011, 2022 Glyph & Cog, LLC +// +//======================================================================== + @@ -284,7 +281,7 @@ index 0fbd336a..451213f8 100644 + +/* Defines the poppler version. */ +#ifndef POPPLER_VERSION -+#define POPPLER_VERSION "21.11.0" ++#define POPPLER_VERSION "22.09.0" +#endif + +/* Use single precision arithmetic in the Splash backend */ @@ -376,8 +373,8 @@ index 0fbd336a..451213f8 100644 +//------------------------------------------------------------------------ + +// copyright notice -+#define popplerCopyright "Copyright 2005-2021 The Poppler Developers - http://poppler.freedesktop.org"; -+#define xpdfCopyright "Copyright 1996-2011 Glyph & Cog, LLC" ++#define popplerCopyright "Copyright 2005-2022 The Poppler Developers - http://poppler.freedesktop.org"; ++#define xpdfCopyright "Copyright 1996-2011, 2022 Glyph & Cog, LLC" + +//------------------------------------------------------------------------ +// Win32 stuff @@ -436,9 +433,9 @@ index 0fbd336a..451213f8 100644 + +#include "poppler-global.h" + -+#define POPPLER_VERSION "21.11.0" -+#define POPPLER_VERSION_MAJOR 21 -+#define POPPLER_VERSION_MINOR 11 ++#define POPPLER_VERSION "22.09.0" ++#define POPPLER_VERSION_MAJOR 22 ++#define POPPLER_VERSION_MINOR 9 +#define POPPLER_VERSION_MICRO 0 + +namespace poppler diff --git a/sdext/Executable_xpdfimport.mk b/sdext/Executable_xpdfimport.mk index dde84963a1fb..fd07f7b43956 100644 --- a/sdext/Executable_xpdfimport.mk +++ b/sdext/Executable_xpdfimport.mk @@ -22,4 +22,8 @@ $(eval $(call gb_Executable_add_exception_objects,xpdfimport,\ sdext/source/pdfimport/xpdfwrapper/wrapper_gpl \ )) +$(eval $(call gb_Executable_use_system_win32_libs,xpdfimport,\ + shell32 \ +)) + # vim:set noet sw=4 ts=4: commit a409a18bd2ba7e6027f49e40a90f65a428b5934c Author: Caolán McNamara <[email protected]> AuthorDate: Thu Jan 13 19:41:59 2022 +0000 Commit: Michael Stahl <[email protected]> CommitDate: Thu Sep 15 12:12:51 2022 +0200 upgrade poppler to 22.01.0 and popppler-data to 0.4.11 Change-Id: Ibd8c28f36408a670b5853f1b266c6b8c36916a61 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/128398 Tested-by: Jenkins Reviewed-by: Caolán McNamara <[email protected]> (cherry picked from commit 9dbfda4cea569459e42203771754b902c1a09759) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139966 Reviewed-by: Michael Stahl <[email protected]> Tested-by: Noel Grandin <[email protected]> Reviewed-by: Noel Grandin <[email protected]> (cherry picked from commit 486a1004982b4072b488e8c42a7e09afd8043c2e) diff --git a/download.lst b/download.lst index 2b3d746ff397..d8fec3032f0d 100644 --- a/download.lst +++ b/download.lst @@ -204,8 +204,8 @@ export PIXMAN_SHA256SUM := 21b6b249b51c6800dc9553b65106e1e37d0e25df942c90531d4c3 export PIXMAN_TARBALL := e80ebae4da01e77f68744319f01d52a3-pixman-0.34.0.tar.gz export LIBPNG_SHA256SUM := 505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca export LIBPNG_TARBALL := libpng-1.6.37.tar.xz -export POPPLER_SHA256SUM := 31b76b5cac0a48612fdd154c02d9eca01fd38fb8eaa77c1196840ecdeb53a584 -export POPPLER_TARBALL := poppler-21.11.0.tar.xz +export POPPLER_SHA256SUM := 7d3493056b5b86413e5c693c2cae02c5c06cd8e618d14c2c31e2c84b67b2313e +export POPPLER_TARBALL := poppler-22.01.0.tar.xz export POSTGRESQL_SHA256SUM := 9b81067a55edbaabc418aacef457dd8477642827499560b00615a6ea6c13f6b3 export POSTGRESQL_TARBALL := postgresql-13.5.tar.bz2 export PYTHON_SHA256SUM := c24a37c63a67f53bdd09c5f287b5cff8e8b98f857bf348c577d454d3f74db049 diff --git a/external/poppler/StaticLibrary_poppler.mk b/external/poppler/StaticLibrary_poppler.mk index aab71eac9a6a..7eb541650373 100644 --- a/external/poppler/StaticLibrary_poppler.mk +++ b/external/poppler/StaticLibrary_poppler.mk @@ -100,6 +100,8 @@ $(eval $(call gb_StaticLibrary_add_generated_exception_objects,poppler,\ UnpackedTarball/poppler/poppler/Decrypt \ UnpackedTarball/poppler/poppler/Dict \ UnpackedTarball/poppler/poppler/Error \ + UnpackedTarball/poppler/poppler/FDPDFDocBuilder \ + UnpackedTarball/poppler/poppler/FILECacheLoader \ UnpackedTarball/poppler/poppler/FileSpec \ UnpackedTarball/poppler/poppler/FontEncodingTables \ UnpackedTarball/poppler/poppler/Form \ @@ -110,6 +112,7 @@ $(eval $(call gb_StaticLibrary_add_generated_exception_objects,poppler,\ UnpackedTarball/poppler/poppler/GfxState \ UnpackedTarball/poppler/poppler/GlobalParams \ UnpackedTarball/poppler/poppler/Hints \ + UnpackedTarball/poppler/poppler/ImageEmbeddingUtils \ UnpackedTarball/poppler/poppler/JArithmeticDecoder \ UnpackedTarball/poppler/poppler/JBIG2Stream \ UnpackedTarball/poppler/poppler/JSInfo \ @@ -146,8 +149,6 @@ $(eval $(call gb_StaticLibrary_add_generated_exception_objects,poppler,\ UnpackedTarball/poppler/poppler/TextOutputDev \ UnpackedTarball/poppler/poppler/PageLabelInfo \ UnpackedTarball/poppler/poppler/SecurityHandler \ - UnpackedTarball/poppler/poppler/StdinCachedFile \ - UnpackedTarball/poppler/poppler/StdinPDFDocBuilder \ UnpackedTarball/poppler/poppler/Sound \ UnpackedTarball/poppler/poppler/ViewerPreferences \ UnpackedTarball/poppler/poppler/Movie \ commit 787c7b94ddf4144d2158f256b6d29bf69668b20a Author: Kevin Suo <[email protected]> AuthorDate: Sat Jul 10 11:47:39 2021 +0800 Commit: Michael Stahl <[email protected]> CommitDate: Thu Sep 15 12:12:51 2022 +0200 tdf#78427 sdext.pdfimport: No need to read a font file for the purpose of... ...determining the bold/italic/underline etc. The purpose for reading a font file is that in case the font attributes determined by the xpdfimport process is not enough, then we use the lo core font classes which read in the font file and then determine whether it is bold, italic etc. However, while this works in some cases, it does not work in many cases when the font file was actually a subset and a toUnicode map is followed in the PDF, see tdf#78427. In addition, in case the information collected from the xpdfimport process is enough, there is no need to read the font file. This commit removes the read of font file part. Also, this commit uses gfxFont->getNameWithoutSubsetTag() to get the font name with the subset tags removed, thus simplified the code in wrapper.cxx while also improves performace as the remove of subset tags is only run when the font is a subset (the previous code did this for all the font names). Reviewed-on: https://gerrit.libreoffice.org/c/core/+/118733 Reviewed-by: Noel Grandin <[email protected]> Tested-by: Jenkins (cherry picked from commit da59686672fd2bc98f8cb28d5f04dc978b50ac13) restore compatibility with older popplers with poppler 20.09: /home/rene/LibreOffice/git/libreoffice-7-2/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx: In member function 'int pdfi::PDFOutDev::parseFont(long long int, GfxFont*, GfxState*) const': /home/rene/LibreOffice/git/libreoffice-7-2/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx:438:39: error: 'class GfxFont' has no member named 'getNameWithoutSubsetTag' https://www.google.com/search?q=getNameWithoutSubsetTag&oq=getNameWithoutSubsetTag&aqs=chrome..69i57.784j0j7&sourceid=chrome&ie=UTF-8 suggests it was added in 20.12 Change-Id: I4eacd2d740cb689ff9b3c6cab59376e01b1ba162 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/118977 Tested-by: René Engelhard <[email protected]> Tested-by: Jenkins Reviewed-by: Noel Grandin <[email protected]> (cherry picked from commit 07087041610ca8351d764c838ae07fa58f3bdf9e) diff --git a/sdext/source/pdfimport/wrapper/wrapper.cxx b/sdext/source/pdfimport/wrapper/wrapper.cxx index 7d3d68901e37..2d4ad4cd5763 100644 --- a/sdext/source/pdfimport/wrapper/wrapper.cxx +++ b/sdext/source/pdfimport/wrapper/wrapper.cxx @@ -494,12 +494,6 @@ void Parser::parseFontFamilyName( FontAttributes& rResult ) const sal_Unicode* pCopy = rResult.familyName.getStr(); sal_Int32 nLen = rResult.familyName.getLength(); - // parse out truetype subsets (e.g. BAAAAA+Thorndale) - if( nLen > 8 && pCopy[6] == '+' ) - { - pCopy += 7; - nLen -= 7; - } // TODO: Looks like this block needs to be refactored while( nLen ) @@ -621,52 +615,6 @@ void Parser::readFont() // extract textual attributes (bold, italic in the name, etc.) parseFontFamilyName(aResult); - // need to read font file? - if( nFileLen ) - { - uno::Sequence<sal_Int8> aFontFile(nFileLen); - readBinaryData( aFontFile ); - - awt::FontDescriptor aFD; - uno::Sequence< uno::Any > aArgs(1); - aArgs[0] <<= aFontFile; - - try - { - uno::Reference< beans::XMaterialHolder > xMat( - m_xContext->getServiceManager()->createInstanceWithArgumentsAndContext( - "com.sun.star.awt.FontIdentificator", aArgs, m_xContext ), - uno::UNO_QUERY ); - if( xMat.is() ) - { - uno::Any aRes( xMat->getMaterial() ); - if( aRes >>= aFD ) - { - if (!aFD.Name.isEmpty()) - { - aResult.familyName = aFD.Name; - parseFontFamilyName(aResult); - } - aResult.isBold = (aFD.Weight > 100.0); - aResult.isItalic = (aFD.Slant == awt::FontSlant_OBLIQUE || - aFD.Slant == awt::FontSlant_ITALIC ); - aResult.isUnderline = false; - aResult.size = 0; - } - } - } - catch( uno::Exception& ) - { - } - - if( aResult.familyName.isEmpty() ) - { - // last fallback - aResult.familyName = "Arial"; - aResult.isUnderline = false; - } - - } if (!m_xDev) m_xDev.disposeAndReset(VclPtr<VirtualDevice>::Create()); diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx index 561fca3c64a3..a763ea7e54d1 100644 --- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx +++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx @@ -432,14 +432,19 @@ int PDFOutDev::parseFont( long long nNewId, GfxFont* gfxFont, GfxState* state ) FontAttributes aNewFont; int nSize = 0; -#if POPPLER_CHECK_VERSION(0, 64, 0) - const +#if POPPLER_CHECK_VERSION(20, 12, 0) + std::string familyName = gfxFont->getNameWithoutSubsetTag(); +#else + std::string familyName = gfxFont->getName()->toStr(); + if (familyName.length() > 7 && familyName.at(6) == '+') + { + familyName = familyName.substr(7); + } #endif - GooString* pFamily = gfxFont->getName(); - if( pFamily ) + if( familyName != "" ) { aNewFont.familyName.clear(); - aNewFont.familyName.append( gfxFont->getName() ); + aNewFont.familyName.append( familyName ); } else { @@ -823,8 +828,6 @@ void PDFOutDev::updateFont(GfxState *state) } printf( "\n" ); - if( nEmbedSize ) - writeFontFile(gfxFont); } } commit 74cd48b887716c91af7f2f08ddd6f6ab493e78ac Author: Sam James <[email protected]> AuthorDate: Fri Sep 2 04:31:18 2022 +0100 Commit: Michael Stahl <[email protected]> CommitDate: Thu Sep 15 12:12:51 2022 +0200 Fix build with Poppler 22.09.0 With Poppler 22.09.0, LO fails to build with: ``` /var/tmp/portage/app-office/libreoffice-7.3.5.2/work/libreoffice-7.3.5.2/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx:682:36: error: too many arguments to function call, expected single argument 'start', have 3 arguments state->getLineDash(&dashArray, &arrayLen, &startOffset); ~~~~~~~~~~~~~~~~~~ ^~~~~~~~~~~~~~~~~~~~~~~ /usr/include/poppler/GfxState.h:1506:32: note: 'getLineDash' declared here const std::vector<double> &getLineDash(double *start) ^ 1 error generated. ``` Poppler changed the getLineDash interface: ``` - void getLineDash(double **dash, int *length, double *start) + const std::vector<double> &getLineDash(double *start) ``` Signed-off-by: Sam James <[email protected]> Change-Id: I29e18f20d7650a7fcac1bc8ab4aaa04aaa2ab8fb Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139249 Tested-by: Jenkins Reviewed-by: Michael Stahl <[email protected]> (cherry picked from commit b7d63694985bbb1cf86eb71769feadb28ce68c17) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139835 (cherry picked from commit 89d2ecd6bc71fc6e581cff595b18ae67a13d8b11) diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx index e423e70d0e1d..561fca3c64a3 100644 --- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx +++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx @@ -661,8 +661,15 @@ void PDFOutDev::updateLineDash(GfxState *state) return; assert(state); - double* dashArray; int arrayLen; double startOffset; + int arrayLen; double startOffset; +#if POPPLER_CHECK_VERSION(22, 9, 0) + const std::vector<double> &dash = state->getLineDash(&startOffset); + const double* dashArray = dash.data(); + arrayLen = dash.size(); +#else + double* dashArray; state->getLineDash(&dashArray, &arrayLen, &startOffset); +#endif printf( "updateLineDash" ); if( arrayLen && dashArray ) commit c864024380f72197d2fcb875b5783af6b4b6021d Author: Nathan Pratta Teodosio <[email protected]> AuthorDate: Tue Jun 21 08:47:14 2022 -0300 Commit: Michael Stahl <[email protected]> CommitDate: Thu Sep 15 12:12:50 2022 +0200 Update for Poppler 22.06 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/136261 Tested-by: Jenkins Reviewed-by: Michael Stahl <[email protected]> (cherry picked from commit 0d0469b4302dfe95b016a6f04b145834b79d5ed3) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/136319 Reviewed-by: Adolfo Jayme Barrientos <[email protected]> (cherry picked from commit 56c7e666ebf47d6cdf29adf85fc5de56246be86d) Follow-up for Poppler 22.06 update Change-Id: I8ee9f1a53cc4389e6a4d44e9765b478b5edfffd4 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/136342 Tested-by: Jenkins Reviewed-by: Michael Stahl <[email protected]> (cherry picked from commit ad1ffc62e40c2409b610dfff25a8483b1f2556ad) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/136382 Reviewed-by: Adolfo Jayme Barrientos <[email protected]> (cherry picked from commit 71fb0151f985924af60c383331b214a5a27790a5) diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx index 83c734c9bf6f..e423e70d0e1d 100644 --- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx +++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx @@ -456,12 +456,21 @@ int PDFOutDev::parseFont( long long nNewId, GfxFont* gfxFont, GfxState* state ) { // TODO(P3): Unfortunately, need to read stream twice, since // we must write byte count to stdout before +#if POPPLER_CHECK_VERSION(22, 6, 0) + std::optional<std::vector<unsigned char>> pBuf = gfxFont->readEmbFontFile( m_pDoc->getXRef() ); + if ( pBuf ) + { + aNewFont.isEmbedded = true; + nSize = pBuf->size(); + } +#else char* pBuf = gfxFont->readEmbFontFile( m_pDoc->getXRef(), &nSize ); if( pBuf ) { aNewFont.isEmbedded = true; gfree(pBuf); } +#endif } m_aFontMap[ nNewId ] = aNewFont; @@ -474,13 +483,29 @@ void PDFOutDev::writeFontFile( GfxFont* gfxFont ) const return; int nSize = 0; +#if POPPLER_CHECK_VERSION(22, 6, 0) + std::optional<std::vector<unsigned char>> pBuf = gfxFont->readEmbFontFile( m_pDoc->getXRef() ); + if ( pBuf ) + nSize = pBuf->size(); + if ( nSize == 0 ) + return; +#else char* pBuf = gfxFont->readEmbFontFile( m_pDoc->getXRef(), &nSize ); if( !pBuf ) return; +#endif // ---sync point--- see SYNC STREAMS above fflush(stdout); +#if POPPLER_CHECK_VERSION(22, 6, 0) + if( fwrite(pBuf->data(), sizeof(*pBuf->data()), nSize, g_binary_out) != static_cast<size_t>(nSize) ) + { + exit(1); // error + } + // ---sync point--- see SYNC STREAMS above + fflush(g_binary_out); +#else if( fwrite(pBuf, sizeof(char), nSize, g_binary_out) != static_cast<size_t>(nSize) ) { gfree(pBuf); @@ -489,6 +514,7 @@ void PDFOutDev::writeFontFile( GfxFont* gfxFont ) const // ---sync point--- see SYNC STREAMS above fflush(g_binary_out); gfree(pBuf); +#endif } #if POPPLER_CHECK_VERSION(0, 83, 0) @@ -742,7 +768,11 @@ void PDFOutDev::updateFont(GfxState *state) { assert(state); +#if POPPLER_CHECK_VERSION(22, 6, 0) + GfxFont *gfxFont = state->getFont().get(); +#else GfxFont *gfxFont = state->getFont(); +#endif if( gfxFont ) { FontAttributes aFont; diff --git a/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx b/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx index 48d6160a8c10..fd7ba9c332ea 100644 --- a/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx +++ b/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx @@ -119,6 +119,15 @@ int main(int argc, char **argv) _setmode( _fileno( g_binary_out ), _O_BINARY ); #endif +#if POPPLER_CHECK_VERSION(22, 6, 0) + PDFDoc aDoc( std::make_unique<GooString>(pFileName), + std::optional<GooString>(pOwnerPasswordStr), + std::optional<GooString>(pUserPasswordStr) ); + + PDFDoc aErrDoc( std::make_unique<GooString>(pErrFileName), + std::optional<GooString>(pOwnerPasswordStr), + std::optional<GooString>(pUserPasswordStr) ); +#else PDFDoc aDoc( pFileName, pOwnerPasswordStr, pUserPasswordStr ); @@ -126,6 +135,7 @@ int main(int argc, char **argv) PDFDoc aErrDoc( pErrFileName, pOwnerPasswordStr, pUserPasswordStr ); +#endif // Check various permissions for aDoc. PDFDoc &rDoc = aDoc.isOk()? aDoc: aErrDoc; commit 338d556c1da58bcba3fd03e4fe6eb29b7f201a3b Author: Michael Stahl <[email protected]> AuthorDate: Wed Sep 14 10:27:02 2022 +0200 Commit: Michael Stahl <[email protected]> CommitDate: Thu Sep 15 12:12:50 2022 +0200 libxml2: upgrade to release 2.10.2 Fixes CVE-2022-2309 Change-Id: I180218be275d3b6d38f8f74aa51c57e50d2734ee Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139911 Tested-by: Jenkins Reviewed-by: Michael Stahl <[email protected]> (cherry picked from commit d621a8839cebf96fe3ac374026f344f8e68bf011) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139954 Reviewed-by: Thorsten Behrens <[email protected]> diff --git a/download.lst b/download.lst index 2e4d44ecf924..2b3d746ff397 100644 --- a/download.lst +++ b/download.lst @@ -152,9 +152,9 @@ export LIBTOMMATH_SHA256SUM := 083daa92d8ee6f4af96a6143b12d7fc8fe1a547e14f862304 export LIBTOMMATH_TARBALL := ltm-1.0.zip export XMLSEC_SHA256SUM := 967ca83edf25ccb5b48a3c4a09ad3405a63365576503bf34290a42de1b92fcd2 export XMLSEC_TARBALL := xmlsec1-1.2.25.tar.gz -export LIBXML_SHA256SUM := 60d74a257d1ccec0475e749cba2f21559e48139efba6ff28224357c7c798dfee -export LIBXML_VERSION_MICRO := 14 -export LIBXML_TARBALL := libxml2-2.9.$(LIBXML_VERSION_MICRO).tar.xz +export LIBXML_SHA256SUM := d240abe6da9c65cb1900dd9bf3a3501ccf88b3c2a1cb98317d03f272dda5b265 +export LIBXML_VERSION_MICRO := 2 +export LIBXML_TARBALL := libxml2-2.10.$(LIBXML_VERSION_MICRO).tar.xz export LIBXSLT_SHA256SUM := 8247f33e9a872c6ac859aa45018bc4c4d00b97e2feac9eebc10c93ce1f34dd79 export LIBXSLT_VERSION_MICRO := 35 export LIBXSLT_TARBALL := libxslt-1.1.$(LIBXSLT_VERSION_MICRO).tar.xz diff --git a/external/libxml2/ExternalPackage_libxml2.mk b/external/libxml2/ExternalPackage_libxml2.mk index d38eb68df0cb..6338fb20b9df 100644 --- a/external/libxml2/ExternalPackage_libxml2.mk +++ b/external/libxml2/ExternalPackage_libxml2.mk @@ -21,7 +21,7 @@ else # COM=MSC $(eval $(call gb_ExternalPackage_add_file,libxml2,$(LIBO_URE_LIB_FOLDER)/libxml2.dll,win32/bin.msvc/libxml2.dll)) endif else # OS!=WNT -$(eval $(call gb_ExternalPackage_add_file,libxml2,$(LIBO_URE_LIB_FOLDER)/libxml2.so.2,.libs/libxml2.so.2.9.$(LIBXML_VERSION_MICRO))) +$(eval $(call gb_ExternalPackage_add_file,libxml2,$(LIBO_URE_LIB_FOLDER)/libxml2.so.2,.libs/libxml2.so.2.10.$(LIBXML_VERSION_MICRO))) endif endif # DISABLE_DYNLOADING diff --git a/external/libxml2/libxml2-android.patch b/external/libxml2/libxml2-android.patch index 42af83274026..acf9b17e02db 100644 --- a/external/libxml2/libxml2-android.patch +++ b/external/libxml2/libxml2-android.patch @@ -2,9 +2,9 @@ +++ misc/build/libxml2-2.7.6/Makefile.in @@ -1635,7 +1635,7 @@ $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) - check: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) check-recursive --all-am: Makefile $(PROGRAMS) $(LTLIBRARIES) $(SCRIPTS) $(MANS) $(DATA) \ + $(MAKE) $(AM_MAKEFLAGS) check-local + check: check-recursive +-all-am: Makefile $(PROGRAMS) $(LTLIBRARIES) $(SCRIPTS) $(DATA) \ +all-am: Makefile $(LTLIBRARIES) \ config.h install-binPROGRAMS: install-libLTLIBRARIES diff --git a/sc/source/core/tool/interpr7.cxx b/sc/source/core/tool/interpr7.cxx index 7b11e6faddab..56f6b2b3e6d4 100644 --- a/sc/source/core/tool/interpr7.cxx +++ b/sc/source/core/tool/interpr7.cxx @@ -220,6 +220,7 @@ void ScInterpreter::ScFilterXML() case XPATH_STRING: PushString(OUString::createFromAscii(reinterpret_cast<char*>(pXPathObj->stringval))); break; +#if LIBXML_VERSION < 21000 || defined(LIBXML_XPTR_LOCS_ENABLED) case XPATH_POINT: PushNoValue(); break; @@ -229,13 +230,13 @@ void ScInterpreter::ScFilterXML() case XPATH_LOCATIONSET: PushNoValue(); break; +#endif case XPATH_USERS: PushNoValue(); break; case XPATH_XSLT_TREE: PushNoValue(); break; - } } } diff --git a/test/source/xmltesttools.cxx b/test/source/xmltesttools.cxx index ab373ccae96c..f61476c39f7a 100644 --- a/test/source/xmltesttools.cxx +++ b/test/source/xmltesttools.cxx @@ -106,9 +106,11 @@ OUString XmlTestTools::getXPathContent(xmlDocPtr pXmlDoc, const OString& rXPath) return OUString::number(pXmlObj->floatval); case XPATH_STRING: return convert(pXmlObj->stringval); +#if LIBXML_VERSION < 21000 || defined(LIBXML_XPTR_LOCS_ENABLED) case XPATH_POINT: case XPATH_RANGE: case XPATH_LOCATIONSET: +#endif case XPATH_USERS: case XPATH_XSLT_TREE: CPPUNIT_FAIL("Unsupported XPath type"); diff --git a/unoxml/source/xpath/xpathobject.cxx b/unoxml/source/xpath/xpathobject.cxx index 2a055f10cdc4..6da7ed351f80 100644 --- a/unoxml/source/xpath/xpathobject.cxx +++ b/unoxml/source/xpath/xpathobject.cxx @@ -44,12 +44,14 @@ namespace XPath return XPathObjectType_XPATH_NUMBER; case XPATH_STRING: return XPathObjectType_XPATH_STRING; +#if LIBXML_VERSION < 21000 || defined(LIBXML_XPTR_LOCS_ENABLED) case XPATH_POINT: return XPathObjectType_XPATH_POINT; case XPATH_RANGE: return XPathObjectType_XPATH_RANGE; case XPATH_LOCATIONSET: return XPathObjectType_XPATH_LOCATIONSET; +#endif case XPATH_USERS: return XPathObjectType_XPATH_USERS; case XPATH_XSLT_TREE: commit 1ee16063e9927b431a3fb816c8d990cecb4d98ee Author: Jan-Marek Glogowski <[email protected]> AuthorDate: Sun May 30 13:23:16 2021 +0200 Commit: Michael Stahl <[email protected]> CommitDate: Thu Sep 15 12:12:50 2022 +0200 libxml2: use xml2-config dummy for internal build When building a static LO with --disable-dynloading on Linux, --without-system-libs failed for me. And it left me really puzzled: raptor configure failed and claimed it couldn't link libxml2. raptor's config.log showed missing math functions. xml2-config of LO's build is patched and it includes a -lm. The xml2-config in my chroot doesn't. But we explicitly pass the xml2-config for non-system-libxml2 build. Reading the configure from raptor didn't reveal a way, that it could somehow pick up the xml2-config from the chroot, but that code is autoconf-complex... When running "sh -x configure", it turned out the configure script actually picks up the LIBXML_* flags from the environment, which are set by LO's config_host.mk. These just add -lm for Android. So this adds a xml2-config.in "dummy", which overwrites the one from the libxml2 source and just echos LO's LIBXML_* values and it adds -lm for all DISABLE_DYNLOADING targets. Change-Id: Ia713cf80c8e7dc989cf23c224e7a0f7ea1210a87 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/116409 Tested-by: Jenkins Reviewed-by: Jan-Marek Glogowski <[email protected]> (cherry picked from commit 8b9f8f0f9d38cc64f742fe5358fce88d0f82391a) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139965 Reviewed-by: Michael Stahl <[email protected]> (cherry picked from commit 5c044ae7a3246bddbd0513bd5ed3efef10cb1503) diff --git a/external/libxml2/UnpackedTarball_libxml2.mk b/external/libxml2/UnpackedTarball_libxml2.mk index 00398f16af56..4ec3fa074dea 100644 --- a/external/libxml2/UnpackedTarball_libxml2.mk +++ b/external/libxml2/UnpackedTarball_libxml2.mk @@ -14,11 +14,12 @@ $(eval $(call gb_UnpackedTarball_set_tarball,libxml2,$(LIBXML_TARBALL),,libxml2) $(eval $(call gb_UnpackedTarball_update_autoconf_configs,libxml2)) $(eval $(call gb_UnpackedTarball_add_patches,libxml2,\ - external/libxml2/libxml2-config.patch.1 \ external/libxml2/libxml2-global-symbols.patch \ external/libxml2/libxml2-vc10.patch \ $(if $(filter ANDROID,$(OS)),external/libxml2/libxml2-android.patch) \ external/libxml2/libxml2-icu.patch.0 \ )) +$(eval $(call gb_UnpackedTarball_add_file,libxml2,xml2-config.in,external/libxml2/xml2-config.in)) + # vim: set noet sw=4 ts=4: diff --git a/external/libxml2/libxml2-config.patch.1 b/external/libxml2/libxml2-config.patch.1 deleted file mode 100644 index 5a2ef1485e92..000000000000 --- a/external/libxml2/libxml2-config.patch.1 +++ /dev/null @@ -1,43 +0,0 @@ -Hack the xml2-config to return paths into WORKDIR. - ---- a/xml2-config.in 2009-12-17 11:45:20.000000000 +0000 -+++ b/xml2-config.in 2009-12-17 11:45:36.000000000 +0000 -@@ -1,9 +1,14 @@ - #! /bin/sh - --prefix=@prefix@ --exec_prefix=@exec_prefix@ --includedir=@includedir@ --libdir=@libdir@ -+#prefix=@prefix@ -+#exec_prefix=@exec_prefix@ -+#includedir=@includedir@ -+#libdir=@libdir@ -+ -+prefix=${WORKDIR}/UnpackedTarball/libxml2 -+exec_prefix=${WORKDIR}/UnpackedTarball/libxml2 -+includedir=${WORKDIR}/UnpackedTarball/libxml2/include -+libdir=${WORKDIR}/UnpackedTarball/libxml2/.libs - cflags= - libs= - -@@ -67,7 +72,8 @@ - ;; - - --cflags) -- cflags="@XML_INCLUDEDIR@ @XML_CFLAGS@" -+ #cflags="@XML_INCLUDEDIR@ @XML_CFLAGS@" -+ cflags="-I${includedir}" - ;; - - --libtool-libs) -@@ -91,7 +96,8 @@ - libs="@XML_LIBDIR@ $libs" - fi - -- libs="$libs @WIN32_EXTRA_LIBADD@" -+ #libs="$libs @WIN32_EXTRA_LIBADD@" -+ libs="-L${libdir} -lxml2 -lm" - ;; - - *) diff --git a/external/libxml2/xml2-config.in b/external/libxml2/xml2-config.in new file mode 100644 index 000000000000..164508e47e67 --- /dev/null +++ b/external/libxml2/xml2-config.in @@ -0,0 +1,28 @@ +#! /bin/sh + +while test $# -gt 0; do + case "$1" in + -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;; + *) optarg= ;; + esac + + case "$1" in + --version) + echo @VERSION@ + exit 0 + ;; + --cflags) + cflags="$LIBXML_CFLAGS" + ;; + --libs) + libs="$LIBXML_LIBS" + ;; + esac + shift +done + +if test -n "$cflags$libs"; then + echo $cflags $libs +fi + +exit 0 commit 4c9e536ff0e17cb451152627ec687c2318bb8ae6 Author: Michael Stahl <[email protected]> AuthorDate: Wed Sep 14 11:10:57 2022 +0200 Commit: Michael Stahl <[email protected]> CommitDate: Thu Sep 15 11:12:19 2022 +0200 zlib: add patch for CVE-2022-37434 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139913 Tested-by: Jenkins Reviewed-by: Michael Stahl <[email protected]> (cherry picked from commit 521e920dda79f44a0ad637b6062f3dcb574f884b) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139849 Reviewed-by: Thorsten Behrens <[email protected]> (cherry picked from commit 832e2a266005d8ef5f9bcc7f51b545d5dc4ce165) Change-Id: If09c419ba00fc9be021249e4d4da27d1650b9080 diff --git a/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch b/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch new file mode 100644 index 000000000000..c5c95a92b28a --- /dev/null +++ b/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch @@ -0,0 +1,29 @@ +From 1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d Mon Sep 17 00:00:00 2001 +From: Mark Adler <[email protected]> +Date: Mon, 8 Aug 2022 10:50:09 -0700 +Subject: [PATCH] Fix extra field processing bug that dereferences NULL + state->head. + +The recent commit to fix a gzip header extra field processing bug +introduced the new bug fixed here. +--- + inflate.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/inflate.c b/inflate.c +index 7a7289749..2a3c4fe98 100644 +--- a/inflate.c ++++ b/inflate.c +@@ -763,10 +763,10 @@ int flush; + copy = state->length; + if (copy > have) copy = have; + if (copy) { +- len = state->head->extra_len - state->length; + if (state->head != Z_NULL && + state->head->extra != Z_NULL && +- len < state->head->extra_max) { ++ (len = state->head->extra_len - state->length) < ++ state->head->extra_max) { + zmemcpy(state->head->extra + len, next, + len + copy > state->head->extra_max ? + state->head->extra_max - len : copy); diff --git a/external/zlib/UnpackedTarball_zlib.mk b/external/zlib/UnpackedTarball_zlib.mk index fa476b918b7c..10ee74b9568a 100644 --- a/external/zlib/UnpackedTarball_zlib.mk +++ b/external/zlib/UnpackedTarball_zlib.mk @@ -16,4 +16,11 @@ $(eval $(call gb_UnpackedTarball_set_post_action,zlib,\ cp $(addsuffix .c,adler32 compress crc32 deflate inffast inflate inftrees trees zutil) x64 \ )) +$(eval $(call gb_UnpackedTarball_set_patchlevel,zlib,1)) + +$(eval $(call gb_UnpackedTarball_add_patches,zlib,\ + external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch \ + external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch \ +)) + # vim: set noet sw=4 ts=4: diff --git a/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch b/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch new file mode 100644 index 000000000000..dc84d3a1d385 --- /dev/null +++ b/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch @@ -0,0 +1,32 @@ +From eff308af425b67093bab25f80f1ae950166bece1 Mon Sep 17 00:00:00 2001 +From: Mark Adler <[email protected]> +Date: Sat, 30 Jul 2022 15:51:11 -0700 +Subject: [PATCH] Fix a bug when getting a gzip header extra field with + inflate(). + +If the extra field was larger than the space the user provided with +inflateGetHeader(), and if multiple calls of inflate() delivered +the extra header data, then there could be a buffer overflow of the +provided space. This commit assures that provided space is not +exceeded. +--- + inflate.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/inflate.c b/inflate.c +index 7be8c6366..7a7289749 100644 +--- a/inflate.c ++++ b/inflate.c +@@ -763,9 +763,10 @@ int flush; + copy = state->length; + if (copy > have) copy = have; + if (copy) { ++ len = state->head->extra_len - state->length; + if (state->head != Z_NULL && +- state->head->extra != Z_NULL) { +- len = state->head->extra_len - state->length; ++ state->head->extra != Z_NULL && ++ len < state->head->extra_max) { + zmemcpy(state->head->extra + len, next, + len + copy > state->head->extra_max ? + state->head->extra_max - len : copy);
