components/desktop/poppler/patches/poppler-08-CVE-2012-2142.patch
changeset 5327 e8b0f6b16632
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/poppler/patches/poppler-08-CVE-2012-2142.patch	Mon Jan 25 14:14:00 2016 -0800
@@ -0,0 +1,103 @@
+Patch taken from the Desktop consolidation.
+See BugDB CR #17302948
+CVE-2012-2142 poppler, xpdf vulnerability
+for more details.
+
+This problem has already been fixed upstream.
+
+--- poppler-0.14.4/cpp/poppler-private.cpp.orig	2014-08-27 12:57:39.826804709 +0530
++++ poppler-0.14.4/cpp/poppler-private.cpp	2014-08-27 13:01:37.706710206 +0530
+@@ -24,6 +24,7 @@
+ 
+ #include <ctime>
+ #include <iostream>
++#include <iomanip>
+ #include <sstream>
+ 
+ using namespace poppler;
+@@ -31,6 +32,7 @@ using namespace poppler;
+ void detail::error_function(int pos, char *msg, va_list args)
+ {
+     std::ostringstream oss;
++    unsigned int i;
+     if (pos >= 0) {
+         oss << "poppler/error (" << pos << "): ";
+     } else {
+@@ -38,7 +40,14 @@ void detail::error_function(int pos, cha
+     }
+     char buffer[4096]; // should be big enough
+     vsnprintf(buffer, sizeof(buffer) - 1, msg, args);
+-    oss << buffer;
++    for (i = 0; i < strlen (buffer); i++) {
++      if (isprint (buffer[i])) {
++        oss << buffer[i];
++      }
++      else {
++        oss << "<" << std::hex << std::setfill ('0') << std::setw (2) << (int) (buffer[i] & 0xff) << ">";
++      }
++    }
+     std::cerr << oss.str();
+ }
+ 
+--- poppler-0.14.4/poppler/Error.cc.orig	2014-08-27 12:59:07.108117504 +0530
++++ poppler-0.14.4/poppler/Error.cc	2014-08-27 13:07:57.958757938 +0530
+@@ -31,17 +31,30 @@
+ #include <stdio.h>
+ #include <stddef.h>
+ #include <stdarg.h>
++#include <string.h>
++#include <ctype.h>
+ #include "GlobalParams.h"
+ #include "Error.h"
+ 
++#define MAX_ERR_MSG_SIZE 1024
++
+ static void defaultErrorFunction(int pos, char *msg, va_list args)
+ {
++  char msg_eval[MAX_ERR_MSG_SIZE];
++  unsigned int i;
++
+   if (pos >= 0) {
+     fprintf(stderr, "Error (%d): ", pos);
+   } else {
+     fprintf(stderr, "Error: ");
+   }
+-  vfprintf(stderr, msg, args);
++  vsnprintf(msg_eval, sizeof (msg_eval), msg, args);
++  for (i = 0; i < strlen (msg_eval); i++) {
++    if (isprint (msg_eval[i]))
++      fprintf (stderr, "%c", msg_eval[i]);
++    else
++      fprintf (stderr, "<%02x>", msg_eval[i] & 0xff);
++  }
+   fprintf(stderr, "\n");
+   fflush(stderr);
+ }
+--- poppler-0.14.4/qt4/src/poppler-private.cc.orig	2014-08-27 12:59:33.114745221 +0530
++++ poppler-0.14.4/qt4/src/poppler-private.cc	2014-08-27 14:03:45.654667518 +0530
+@@ -36,6 +36,7 @@ namespace Poppler {
+     {
+         QString emsg;
+         char buffer[1024]; // should be big enough
++        unsigned int i;
+ 
+         if (pos >= 0)
+         {
+@@ -46,7 +47,16 @@ namespace Poppler {
+             emsg = QString::fromLatin1("Error: ");
+         }
+         qvsnprintf(buffer, sizeof(buffer) - 1, msg, args);
+-        emsg += QString::fromAscii(buffer);
++        for (i = 0; i < strlen (buffer); i++) {
++          if (isprint (buffer[i])) {
++            emsg += QString(buffer[i]);
++          }
++          else {
++            emsg += QString::fromAscii("<");
++            emsg += QString("%1").arg(buffer[i] & 0xff, 2, 16, QLatin1Char('0'));
++            emsg += QString::fromAscii(">");
++          }
++        }
+         qDebug() << qPrintable(emsg);
+     }
+
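Review bot: `isprint` is called with a plain `char` in all three new loops (`isprint (buffer[i])` in cpp/poppler-private.cpp and qt4/src/poppler-private.cc, `isprint (msg_eval[i])` in poppler/Error.cc). Where `char` is signed, any byte of 0x80 or above in the formatted message becomes a negative argument, which is undefined behaviour for the `<ctype.h>` classification functions. Those non-ASCII bytes are exactly what the filter is meant to escape, so convert the argument first: `if (isprint ((unsigned char) buffer[i]))`, and likewise for `msg_eval[i]`. Separately, cpp/poppler-private.cpp gains `<iomanip>` but no `<cstring>`/`<cctype>` for the new `strlen`/`isprint` calls, unlike Error.cc, so it presumably relies on transitive includes; adding them explicitly would be safer. The qt4 function starts outside its inner hunk, so its full signature is not visible here.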