Bug#694470: unblock (pre-approval): poppler/0.18.4-4
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Hi,

I would like to upload poppler 0.18.4-4 with the following two changes:
- backport an upstream commit to fix #693817 (wrong string manipulation
  in some cases, leads to xpdf bug #649047)
- b-d on libcairo2-doc to fix cross-references to cairo methods in the
  poppler-glib apidox

Attached the current diff out of the packaging repo of the changes
above.

Thanks,
--
Pino

diff --git a/debian/changelog b/debian/changelog
index f99e452..b0ab017 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,14 @@
+poppler (0.18.4-4) UNRELEASED; urgency=low
+
+ [ Pino Toscano ]
+ * Backport upstream commit 7ba15d11e56175601104d125d5e4a47619c224bf to fix
+ GooString::insert; patch upstream_fix-GooString-insert.patch.
+ (Closes: #693817)
+ * Add a libcairo2-doc build dependency to fix cross-references to cairo
+ methods in the poppler-glib apidox.
+
+ -- Pino Toscano <pino@debian.org> Mon, 26 Nov 2012 14:54:05 +0100
+
poppler (0.18.4-3) unstable; urgency=low
* Finally drop the libfontconfig1-dev dependency from libpoppler-dev,
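Review bot: the first bullet of the new 0.18.4-4 entry says only "to fix GooString::insert" and never states what was wrong, while the patch header added further down in this diff says the function "could lead to using uninitialized memory". Suggest naming that in the changelog line, since it is the reason the change is being proposed for an unblock. The distribution field is also still UNRELEASED and has to be set to the target suite before the upload.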
diff --git a/debian/control b/debian/control
index 14ea239..4eab85e 100644
--- a/debian/control
+++ b/debian/control
@@ -24,7 +24,8 @@ Build-Depends: debhelper (>= 9),
pkg-config (>= 0.18),
libgirepository1.0-dev (>= 1.31.0-2~),
gobject-introspection (>= 1.31.0-2~),
- libglib2.0-doc
+ libglib2.0-doc,
+ libcairo2-doc
Standards-Version: 3.9.3
Homepage: http://poppler.freedesktop.org/
Vcs-Git: git://git.debian.org/pkg-freedesktop/poppler.git
diff --git a/debian/patches/series b/debian/patches/series
index d1150f3..bab73a2 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -2,3 +2,4 @@ ltmain-as-needed.diff
upstream_cairo-use-correct-userfont-font-bbox.patch
upstream_pdfinfo-decode-utf-16-surrogate-pairs.patch
upstream_Change-nnnnnn-to-number.patch
+upstream_fix-GooString-insert.patch
diff --git a/debian/patches/upstream_fix-GooString-insert.patch b/debian/patches/upstream_fix-GooString-insert.patch
new file mode 100644
index 0000000..5398863
--- /dev/null
+++ b/debian/patches/upstream_fix-GooString-insert.patch
@@ -0,0 +1,44 @@
+From 7ba15d11e56175601104d125d5e4a47619c224bf Mon Sep 17 00:00:00 2001
+From: Pino Toscano <pino@kde.org>
+Date: Mon, 26 Nov 2012 00:29:35 +0100
+Subject: [PATCH] fix GooString::insert()
+
+Hi,
+
+as reported in a Debian bug [1], it seems GooString::insert could lead
+to using uninitialized memory.
+The case is a simple:
+ GooString goo;
+ goo.insert(0, ".");
+ goo.insert(0, "This is a very long long test string");
+i.e. basically first insert a single character at position 0, and then a
+string longer than STR_STATIC_SIZE always at position 0.
+
+[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693817
+---
+ goo/GooString.cc | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/goo/GooString.cc b/goo/GooString.cc
+index 451a70e..e52380e 100644
+--- a/goo/GooString.cc
++++ b/goo/GooString.cc
+@@ -640,14 +640,12 @@ GooString *GooString::insert(int i, GooString *str) {
+ }
+
+ GooString *GooString::insert(int i, const char *str, int lengthA) {
+- int j;
+ int prevLen = length;
+ if (CALC_STRING_LEN == lengthA)
+ lengthA = strlen(str);
+
+ resize(length + lengthA);
+- for (j = prevLen; j >= i; --j)
+- s[j+lengthA] = s[j];
++ memmove(s+i+lengthA, s+i, prevLen);
+ memcpy(s+i, str, lengthA);
+ return this;
+ }
+--
+1.7.10.4
+
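Review bot: in GooString::insert(int i, const char *str, int lengthA) the new memmove(s+i+lengthA, s+i, prevLen) uses prevLen as the byte count regardless of i, whereas the removed loop moved only indices i through prevLen, that is prevLen - i + 1 bytes. With i = 0, the reproducer from the commit message, the count matches the old string body, but for any i > 0 the call reads up to s[prevLen+i-1] and writes up to s[prevLen+lengthA+i-1], which for i > 1 is past the terminator slot of the length + lengthA that resize() was asked for, so an insert in the middle or near the end of a string can read stale bytes and overrun the buffer. Suggest memmove(s+i+lengthA, s+i, prevLen-i), with one more byte if resize() (not shown in this hunk) does not itself write the terminator at the new length. The hunk also shows no check that 0 <= i <= prevLen before the move, which is worth adding or documenting as a caller precondition.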