--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/poppler/patches/poppler-08-CVE-2012-2142.patch Mon Jan 25 14:14:00 2016 -0800
@@ -0,0 +1,103 @@
+Patch taken from the Desktop consolidation.
+See BugDB CR #17302948
+CVE-2012-2142 poppler, xpdf vulnerability
+for more details.
+
+This problem has already been fixed upstream.
+
+--- poppler-0.14.4/cpp/poppler-private.cpp.orig 2014-08-27 12:57:39.826804709 +0530
++++ poppler-0.14.4/cpp/poppler-private.cpp 2014-08-27 13:01:37.706710206 +0530
+@@ -24,6 +24,7 @@
+
+ #include <ctime>
+ #include <iostream>
++#include <iomanip>
+ #include <sstream>
+
+ using namespace poppler;
+@@ -31,6 +32,7 @@ using namespace poppler;
+ void detail::error_function(int pos, char *msg, va_list args)
+ {
+ std::ostringstream oss;
++ unsigned int i;
+ if (pos >= 0) {
+ oss << "poppler/error (" << pos << "): ";
+ } else {
+@@ -38,7 +40,14 @@ void detail::error_function(int pos, cha
+ }
+ char buffer[4096]; // should be big enough
+ vsnprintf(buffer, sizeof(buffer) - 1, msg, args);
+- oss << buffer;
++ for (i = 0; i < strlen (buffer); i++) {
++ if (isprint (buffer[i])) {
++ oss << buffer[i];
++ }
++ else {
++ oss << "<" << std::hex << std::setfill ('0') << std::setw (2) << (int) (buffer[i] & 0xff) << ">";
++ }
++ }
+ std::cerr << oss.str();
+ }
+
+--- poppler-0.14.4/poppler/Error.cc.orig 2014-08-27 12:59:07.108117504 +0530
++++ poppler-0.14.4/poppler/Error.cc 2014-08-27 13:07:57.958757938 +0530
+@@ -31,17 +31,30 @@
+ #include <stdio.h>
+ #include <stddef.h>
+ #include <stdarg.h>
++#include <string.h>
++#include <ctype.h>
+ #include "GlobalParams.h"
+ #include "Error.h"
+
++#define MAX_ERR_MSG_SIZE 1024
++
+ static void defaultErrorFunction(int pos, char *msg, va_list args)
+ {
++ char msg_eval[MAX_ERR_MSG_SIZE];
++ unsigned int i;
++
+ if (pos >= 0) {
+ fprintf(stderr, "Error (%d): ", pos);
+ } else {
+ fprintf(stderr, "Error: ");
+ }
+- vfprintf(stderr, msg, args);
++ vsnprintf(msg_eval, sizeof (msg_eval), msg, args);
++ for (i = 0; i < strlen (msg_eval); i++) {
++ if (isprint (msg_eval[i]))
++ fprintf (stderr, "%c", msg_eval[i]);
++ else
++ fprintf (stderr, "<%02x>", msg_eval[i] & 0xff);
++ }
+ fprintf(stderr, "\n");
+ fflush(stderr);
+ }
+--- poppler-0.14.4/qt4/src/poppler-private.cc.orig 2014-08-27 12:59:33.114745221 +0530
++++ poppler-0.14.4/qt4/src/poppler-private.cc 2014-08-27 14:03:45.654667518 +0530
+@@ -36,6 +36,7 @@ namespace Poppler {
+ {
+ QString emsg;
+ char buffer[1024]; // should be big enough
++ unsigned int i;
+
+ if (pos >= 0)
+ {
+@@ -46,7 +47,16 @@ namespace Poppler {
+ emsg = QString::fromLatin1("Error: ");
+ }
+ qvsnprintf(buffer, sizeof(buffer) - 1, msg, args);
+- emsg += QString::fromAscii(buffer);
++ for (i = 0; i < strlen (buffer); i++) {
++ if (isprint (buffer[i])) {
++ emsg += QString(buffer[i]);
++ }
++ else {
++ emsg += QString::fromAscii("<");
++ emsg += QString("%1").arg(buffer[i] & 0xff, 2, 16, QLatin1Char('0'));
++ emsg += QString::fromAscii(">");
++ }
++ }
+ qDebug() << qPrintable(emsg);
+ }
+