diff options
| author |   Daniel Gryniewicz <dang@gentoo.org> | 2007-03-07 17:26:44 +0000 |
|---|---|---|
| committer | Daniel Gryniewicz <dang@gentoo.org> | 2007-03-07 17:26:44 +0000 |
| commit | aa41b17e1a4db7487d8acb70a2410fa9e75edeae (patch) | |
| tree | 7c0826f7541a134a1b89234a6050c3ccbbef80e6 | |
| parent | Change all instances of [ to [[. (diff) | |
| download | gentoo-2-aa41b17e1a4db7487d8acb70a2410fa9e75edeae.tar.gz gentoo-2-aa41b17e1a4db7487d8acb70a2410fa9e75edeae.tar.bz2 gentoo-2-aa41b17e1a4db7487d8acb70a2410fa9e75edeae.zip | |
fix for bug #169675
(Portage version: 2.1.2.1)
| -rw-r--r-- | app-text/libwpd/ChangeLog | 8 | ||||
| -rw-r--r-- | app-text/libwpd/files/digest-libwpd-0.8.4-r1 | 3 | ||||
| -rw-r--r-- | app-text/libwpd/files/libwpd-0.8.4-heap-overflow.patch | 87 | ||||
| -rw-r--r-- | app-text/libwpd/libwpd-0.8.4-r1.ebuild | 38 |
4 files changed, 135 insertions, 1 deletions
diff --git a/app-text/libwpd/ChangeLog b/app-text/libwpd/ChangeLog index 077c027275fb..73d15feb63e8 100644 --- a/app-text/libwpd/ChangeLog +++ b/app-text/libwpd/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for app-text/libwpd # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-text/libwpd/ChangeLog,v 1.39 2007/02/21 23:33:16 peper Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-text/libwpd/ChangeLog,v 1.40 2007/03/07 17:26:44 dang Exp $ + +*libwpd-0.8.4-r1 (07 Mar 2007) + + 07 Mar 2007; Daniel Gryniewicz <dang@gentoo.org> + +files/libwpd-0.8.4-heap-overflow.patch, +libwpd-0.8.4-r1.ebuild: + fix for bug #169675 21 Feb 2007; Piotr Jaroszyński <peper@gentoo.org> ChangeLog: Transition to Manifest2. diff --git a/app-text/libwpd/files/digest-libwpd-0.8.4-r1 b/app-text/libwpd/files/digest-libwpd-0.8.4-r1 new file mode 100644 index 000000000000..990dbdb70111 --- /dev/null +++ b/app-text/libwpd/files/digest-libwpd-0.8.4-r1 @@ -0,0 +1,3 @@ +MD5 0461d4bf2da534b4bed041b67d7f7064 libwpd-0.8.4.tar.gz 491831 +RMD160 ce5826683e37e1b3f1220f8d5c6c40b48610f054 libwpd-0.8.4.tar.gz 491831 +SHA256 b6393088bf6c49b72a07d2aec7d84d14f6cab0ab00ad177c17157f03095f2096 libwpd-0.8.4.tar.gz 491831 diff --git a/app-text/libwpd/files/libwpd-0.8.4-heap-overflow.patch b/app-text/libwpd/files/libwpd-0.8.4-heap-overflow.patch new file mode 100644 index 000000000000..4bd689a30c78 --- /dev/null +++ b/app-text/libwpd/files/libwpd-0.8.4-heap-overflow.patch @@ -0,0 +1,87 @@ +diff --exclude-from=/home/dang/bin/scripts/diffrc -up -ruN libwpd-0.8.4.orig/src/lib/WP5DefinitionGroup.cpp libwpd-0.8.4/src/lib/WP5DefinitionGroup.cpp +--- libwpd-0.8.4.orig/src/lib/WP5DefinitionGroup.cpp 2005-12-05 08:51:35.000000000 -0500 ++++ libwpd-0.8.4/src/lib/WP5DefinitionGroup.cpp 2007-03-07 11:59:45.000000000 -0500 +@@ -26,7 +26,7 @@ + #include "WPXListener.h" + #include "libwpd_internal.h" + +-WP5DefinitionGroup_DefineTablesSubGroup::WP5DefinitionGroup_DefineTablesSubGroup(WPXInputStream *input) : ++WP5DefinitionGroup_DefineTablesSubGroup::WP5DefinitionGroup_DefineTablesSubGroup(WPXInputStream *input, uint16_t subGroupSize) : + WP5VariableLengthGroup_SubGroup(), + m_position(0), + m_numColumns(0), +@@ -34,6 +34,7 @@ WP5DefinitionGroup_DefineTablesSubGroup: + m_leftGutter(0), + m_rightGutter(0) + { ++ long startPosition = input->tell(); + // Skip useless old values to read the old column number + input->seek(2, WPX_SEEK_CUR); + m_numColumns = readU16(input); +@@ -50,12 +51,26 @@ WP5DefinitionGroup_DefineTablesSubGroup: + input->seek(10, WPX_SEEK_CUR); + m_leftOffset = readU16(input); + int i; ++ if ((m_numColumns > 32) || ((input->tell() - startPosition + m_numColumns*5) > (subGroupSize - 4))) ++ throw FileException(); + for (i=0; i < m_numColumns; i++) ++ { ++ if (input->atEOS()) ++ throw FileException(); + m_columnWidth[i] = readU16(input); ++ } + for (i=0; i < m_numColumns; i++) ++ { ++ if (input->atEOS()) ++ throw FileException(); + m_attributeBits[i] = readU16(input); ++ } + for (i=0; i < m_numColumns; i++) ++ { ++ if (input->atEOS()) ++ throw FileException(); + m_columnAlignment[i] = readU8(input); ++ } + } + + void WP5DefinitionGroup_DefineTablesSubGroup::parse(WP5Listener *listener) +@@ -86,7 +101,7 @@ void WP5DefinitionGroup::_readContents(W + switch(getSubGroup()) + { + case WP5_TOP_DEFINITION_GROUP_DEFINE_TABLES: +- m_subGroupData = new WP5DefinitionGroup_DefineTablesSubGroup(input); ++ m_subGroupData = new WP5DefinitionGroup_DefineTablesSubGroup(input, getSize()); + break; + default: + break; +diff --exclude-from=/home/dang/bin/scripts/diffrc -up -ruN libwpd-0.8.4.orig/src/lib/WP5DefinitionGroup.h libwpd-0.8.4/src/lib/WP5DefinitionGroup.h +--- libwpd-0.8.4.orig/src/lib/WP5DefinitionGroup.h 2005-12-05 08:51:35.000000000 -0500 ++++ libwpd-0.8.4/src/lib/WP5DefinitionGroup.h 2007-03-07 12:02:13.000000000 -0500 +@@ -31,7 +31,7 @@ + class WP5DefinitionGroup_DefineTablesSubGroup : public WP5VariableLengthGroup_SubGroup + { + public: +- WP5DefinitionGroup_DefineTablesSubGroup(WPXInputStream *input); ++ WP5DefinitionGroup_DefineTablesSubGroup(WPXInputStream *input, uint16_t subGroupSize); + virtual void parse(WP5Listener *listener); + + private: +@@ -58,7 +58,6 @@ protected: + + private: + WP5VariableLengthGroup_SubGroup * m_subGroupData; +- + }; + + #endif /* WP5DEFINITIONGROUP_H */ +diff --exclude-from=/home/dang/bin/scripts/diffrc -up -ruN libwpd-0.8.4.orig/src/lib/WP5VariableLengthGroup.h libwpd-0.8.4/src/lib/WP5VariableLengthGroup.h +--- libwpd-0.8.4.orig/src/lib/WP5VariableLengthGroup.h 2005-12-05 08:51:37.000000000 -0500 ++++ libwpd-0.8.4/src/lib/WP5VariableLengthGroup.h 2007-03-07 12:19:51.000000000 -0500 +@@ -48,6 +48,7 @@ class WP5VariableLengthGroup : public WP + virtual void _readContents(WPXInputStream *input) {} // we don't always need more information than that provided generically + + const uint8_t getSubGroup() const { return m_subGroup; } ++ const uint16_t getSize() const { return m_size; } + + private: + uint8_t m_subGroup; diff --git a/app-text/libwpd/libwpd-0.8.4-r1.ebuild b/app-text/libwpd/libwpd-0.8.4-r1.ebuild new file mode 100644 index 000000000000..dfcb9475ae4b --- /dev/null +++ b/app-text/libwpd/libwpd-0.8.4-r1.ebuild @@ -0,0 +1,38 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-text/libwpd/libwpd-0.8.4-r1.ebuild,v 1.1 2007/03/07 17:26:44 dang Exp $ + +inherit eutils + +DESCRIPTION="WordPerfect Document import/export library" +HOMEPAGE="http://libwpd.sf.net" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc-macos ~ppc64 ~sparc ~x86 ~x86-fbsd" +IUSE="doc" + +RDEPEND=">=dev-libs/glib-2 + >=gnome-extra/libgsf-1.6 + doc? ( app-doc/doxygen )" + +DEPEND="${RDEPEND} + dev-util/pkgconfig" + +src_unpack() { + unpack ${A} + cd ${S} + # Fix for bug #169675 + epatch "${FILESDIR}"/${P}-heap-overflow.patch +} + +src_compile() { + econf $(use_with doc docs) || die + emake || die +} + +src_install() { + einstall || die + dodoc CHANGES COPYING CREDITS INSTALL README TODO +} |