|
1 Patch taken from the Desktop consolidation. |
|
2 See BugDB CR #17302948 |
|
3 CVE-2012-2142 poppler, xpdf vulnerability |
|
4 for more details. |
|
5 |
|
6 This problem has already been fixed upstream. |
|
7 |
|
8 --- poppler-0.14.4/cpp/poppler-private.cpp.orig 2014-08-27 12:57:39.826804709 +0530 |
|
9 +++ poppler-0.14.4/cpp/poppler-private.cpp 2014-08-27 13:01:37.706710206 +0530 |
|
10 @@ -24,6 +24,7 @@ |
|
11 |
|
12 #include <ctime> |
|
13 #include <iostream> |
|
14 +#include <iomanip> |
|
15 #include <sstream> |
|
16 |
|
17 using namespace poppler; |
|
18 @@ -31,6 +32,7 @@ using namespace poppler; |
|
19 void detail::error_function(int pos, char *msg, va_list args) |
|
20 { |
|
21 std::ostringstream oss; |
|
22 + unsigned int i; |
|
23 if (pos >= 0) { |
|
24 oss << "poppler/error (" << pos << "): "; |
|
25 } else { |
|
26 @@ -38,7 +40,14 @@ void detail::error_function(int pos, cha |
|
27 } |
|
28 char buffer[4096]; // should be big enough |
|
29 vsnprintf(buffer, sizeof(buffer) - 1, msg, args); |
|
30 - oss << buffer; |
|
31 + for (i = 0; i < strlen (buffer); i++) { |
|
32 + if (isprint (buffer[i])) { |
|
33 + oss << buffer[i]; |
|
34 + } |
|
35 + else { |
|
36 + oss << "<" << std::hex << std::setfill ('0') << std::setw (2) << (int) (buffer[i] & 0xff) << ">"; |
|
37 + } |
|
38 + } |
|
39 std::cerr << oss.str(); |
|
40 } |
|
41 |
|
42 --- poppler-0.14.4/poppler/Error.cc.orig 2014-08-27 12:59:07.108117504 +0530 |
|
43 +++ poppler-0.14.4/poppler/Error.cc 2014-08-27 13:07:57.958757938 +0530 |
|
44 @@ -31,17 +31,30 @@ |
|
45 #include <stdio.h> |
|
46 #include <stddef.h> |
|
47 #include <stdarg.h> |
|
48 +#include <string.h> |
|
49 +#include <ctype.h> |
|
50 #include "GlobalParams.h" |
|
51 #include "Error.h" |
|
52 |
|
53 +#define MAX_ERR_MSG_SIZE 1024 |
|
54 + |
|
55 static void defaultErrorFunction(int pos, char *msg, va_list args) |
|
56 { |
|
57 + char msg_eval[MAX_ERR_MSG_SIZE]; |
|
58 + unsigned int i; |
|
59 + |
|
60 if (pos >= 0) { |
|
61 fprintf(stderr, "Error (%d): ", pos); |
|
62 } else { |
|
63 fprintf(stderr, "Error: "); |
|
64 } |
|
65 - vfprintf(stderr, msg, args); |
|
66 + vsnprintf(msg_eval, sizeof (msg_eval), msg, args); |
|
67 + for (i = 0; i < strlen (msg_eval); i++) { |
|
68 + if (isprint (msg_eval[i])) |
|
69 + fprintf (stderr, "%c", msg_eval[i]); |
|
70 + else |
|
71 + fprintf (stderr, "<%02x>", msg_eval[i] & 0xff); |
|
72 + } |
|
73 fprintf(stderr, "\n"); |
|
74 fflush(stderr); |
|
75 } |
|
76 --- poppler-0.14.4/qt4/src/poppler-private.cc.orig 2014-08-27 12:59:33.114745221 +0530 |
|
77 +++ poppler-0.14.4/qt4/src/poppler-private.cc 2014-08-27 14:03:45.654667518 +0530 |
|
78 @@ -36,6 +36,7 @@ namespace Poppler { |
|
79 { |
|
80 QString emsg; |
|
81 char buffer[1024]; // should be big enough |
|
82 + unsigned int i; |
|
83 |
|
84 if (pos >= 0) |
|
85 { |
|
86 @@ -46,7 +47,16 @@ namespace Poppler { |
|
87 emsg = QString::fromLatin1("Error: "); |
|
88 } |
|
89 qvsnprintf(buffer, sizeof(buffer) - 1, msg, args); |
|
90 - emsg += QString::fromAscii(buffer); |
|
91 + for (i = 0; i < strlen (buffer); i++) { |
|
92 + if (isprint (buffer[i])) { |
|
93 + emsg += QString(buffer[i]); |
|
94 + } |
|
95 + else { |
|
96 + emsg += QString::fromAscii("<"); |
|
97 + emsg += QString("%1").arg(buffer[i] & 0xff, 2, 16, QLatin1Char('0')); |
|
98 + emsg += QString::fromAscii(">"); |
|
99 + } |
|
100 + } |
|
101 qDebug() << qPrintable(emsg); |
|
102 } |
|
103 |