From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: app-text/mupdf/files/, app-text/mupdf/
Date: Wed, 24 Feb 2021 16:22:14 +0000 (UTC)	[thread overview]
Message-ID: <1614183704.6f8610d53861f805bf4c4b6e1366935ad660b141.sam@gentoo> (raw)

commit:     6f8610d53861f805bf4c4b6e1366935ad660b141
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Wed Feb 24 16:09:26 2021 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Wed Feb 24 16:21:44 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6f8610d5

app-text/mupdf: patch CVE-2021-3407

Bug: https://bugs.gentoo.org/772311
Package-Manager: Portage-3.0.14, Repoman-3.0.2
Signed-off-by: Sam James <sam <AT> gentoo.org>

 .../mupdf/files/mupdf-1.18.0-CVE-2021-3407.patch   |  51 ++++++++
 app-text/mupdf/mupdf-1.18.0-r3.ebuild              | 145 +++++++++++++++++++++
 2 files changed, 196 insertions(+)

diff --git a/app-text/mupdf/files/mupdf-1.18.0-CVE-2021-3407.patch b/app-text/mupdf/files/mupdf-1.18.0-CVE-2021-3407.patch
new file mode 100644
index 00000000000..566ee562389
--- /dev/null
+++ b/app-text/mupdf/files/mupdf-1.18.0-CVE-2021-3407.patch
@@ -0,0 +1,51 @@
+https://bugs.gentoo.org/772311
+
+From cee7cefc610d42fd383b3c80c12cbc675443176a Mon Sep 17 00:00:00 2001
+From: Robin Watts <Robin.Watts@artifex.com>
+Date: Fri, 22 Jan 2021 17:05:15 +0000
+Subject: [PATCH 1/1] Bug 703366: Fix double free of object during
+ linearization.
+
+This appears to happen because we parse an illegal object from
+a broken file and assign it to object 0, which is defined to
+be free.
+
+Here, we fix the parsing code so this can't happen.
+---
+ source/pdf/pdf-parse.c | 6 ++++++
+ source/pdf/pdf-xref.c  | 2 ++
+ 2 files changed, 8 insertions(+)
+
+diff --git a/source/pdf/pdf-parse.c b/source/pdf/pdf-parse.c
+index 7abc8c3d4..5761c3351 100644
+--- a/source/pdf/pdf-parse.c
++++ b/source/pdf/pdf-parse.c
+@@ -749,6 +749,12 @@ pdf_parse_ind_obj(fz_context *ctx, pdf_document *doc,
+ 		fz_throw(ctx, FZ_ERROR_SYNTAX, "expected generation number (%d ? obj)", num);
+ 	}
+ 	gen = buf->i;
++	if (gen < 0 || gen >= 65536)
++	{
++		if (try_repair)
++			*try_repair = 1;
++		fz_throw(ctx, FZ_ERROR_SYNTAX, "invalid generation number (%d)", gen);
++	}
+ 
+ 	tok = pdf_lex(ctx, file, buf);
+ 	if (tok != PDF_TOK_OBJ)
+diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c
+index 1b2bdcd59..30197b4b8 100644
+--- a/source/pdf/pdf-xref.c
++++ b/source/pdf/pdf-xref.c
+@@ -1190,6 +1190,8 @@ pdf_read_new_xref(fz_context *ctx, pdf_document *doc, pdf_lexbuf *buf)
+ 	{
+ 		ofs = fz_tell(ctx, doc->file);
+ 		trailer = pdf_parse_ind_obj(ctx, doc, doc->file, buf, &num, &gen, &stm_ofs, NULL);
++		if (num == 0)
++			fz_throw(ctx, FZ_ERROR_GENERIC, "Trailer object number cannot be 0\n");
+ 	}
+ 	fz_catch(ctx)
+ 	{
+-- 
+2.17.1
+
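Review bot: The object-0 guard in the embedded pdf-xref.c hunk (`if (num == 0)` right after the `pdf_parse_ind_obj` call) covers only this one call in pdf_read_new_xref, whereas the generation-number range check is placed inside the parser itself. Other callers of pdf_parse_ind_obj are not visible here, so whether they can still be handed object number 0 from a malformed file cannot be confirmed from this patch; it is worth comparing against upstream when the package is next bumped. The new message string also ends in `\n`, unlike the other fz_throw messages shown; `fz_throw(ctx, FZ_ERROR_GENERIC, "Trailer object number cannot be 0");` would match them. Both function bodies start and end outside the embedded hunks.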

diff --git a/app-text/mupdf/mupdf-1.18.0-r3.ebuild b/app-text/mupdf/mupdf-1.18.0-r3.ebuild
new file mode 100644
index 00000000000..4e67ceb7f20
--- /dev/null
+++ b/app-text/mupdf/mupdf-1.18.0-r3.ebuild
@@ -0,0 +1,145 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit desktop flag-o-matic toolchain-funcs xdg
+
+DESCRIPTION="A lightweight PDF viewer and toolkit written in portable C"
+HOMEPAGE="https://mupdf.com/ https://git.ghostscript.com/?p=mupdf.git"
+SRC_URI="https://mupdf.com/downloads/archive/${P}-source.tar.xz"
+S="${WORKDIR}/${P}-source"
+
+LICENSE="AGPL-3"
+SLOT="0/${PV}"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~x86"
+IUSE="X +javascript libressl opengl ssl"
+REQUIRED_USE="opengl? ( javascript )"
+
+# Although we use the bundled, patched version of freeglut in mupdf (because of
+# bug #653298), the best way to ensure that its dependencies are present is to
+# install system's freeglut.
+BDEPEND="virtual/pkgconfig"
+RDEPEND="
+	dev-libs/gumbo
+	media-libs/freetype:2=
+	media-libs/harfbuzz:=[truetype]
+	media-libs/jbig2dec:=
+	media-libs/libpng:0=
+	>=media-libs/openjpeg-2.1:2=
+	virtual/jpeg
+	javascript? ( >=dev-lang/mujs-1.0.7:= )
+	opengl? ( >=media-libs/freeglut-3.0.0 )
+	ssl? (
+		libressl? ( >=dev-libs/libressl-3.1.4:0= )
+		!libressl? ( >=dev-libs/openssl-1.1:0= )
+	)
+	X? (
+		x11-libs/libX11
+		x11-libs/libXext
+	)"
+DEPEND="${RDEPEND}"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-1.15-CFLAGS.patch
+	"${FILESDIR}"/${PN}-1.18-Makefile.patch
+	"${FILESDIR}"/${PN}-1.10a-add-desktop-pc-xpm-files.patch
+	# See bugs #662352
+	"${FILESDIR}"/${PN}-1.15-openssl-x11.patch
+	# General cross fixes from Debian (refreshed)
+	"${FILESDIR}"/${PN}-1.18.0-cross-fixes.patch
+	# Additional security patches post-1.18.0
+	"${FILESDIR}"/${P}-fix-oob-in-pdf-layer.c
+	"${FILESDIR}"/${P}-fix-oob-in-pixmap.c
+	"${FILESDIR}"/${P}-CVE-2021-3407.patch
+)
+
+src_prepare() {
+	xdg_src_prepare
+
+	use hppa && append-cflags -ffunction-sections
+
+	append-cflags "-DFZ_ENABLE_JS=$(usex javascript 1 0)"
+
+	sed -e "1iOS = Linux" \
+		-e "1iCC = $(tc-getCC)" \
+		-e "1iCXX = $(tc-getCXX)" \
+		-e "1iLD = $(tc-getLD)" \
+		-e "1iAR = $(tc-getAR)" \
+		-e "1iverbose = yes" \
+		-e "1ibuild = debug" \
+		-e "1iprefix = ${ED}/usr" \
+		-e "1ilibdir = ${ED}/usr/$(get_libdir)" \
+		-e "1idocdir = ${ED}/usr/share/doc/${PF}" \
+		-i Makerules || die
+}
+
+_emake() {
+	# When HAVE_OBJCOPY is yes, we end up with a lot of QA warnings.
+	# Bundled libs
+	# * General
+	# Note that USE_SYSTEM_LIBS=yes is a metaoption which will set to upstream's
+	# recommendations. It does not mean "always use system libs".
+	# See [0] below for what it means in a specific version.
+	#
+	# * freeglut
+	# We don't use system's freeglut because upstream has a special modified
+	# version of it that gives mupdf clipboard support. See bug #653298
+	#
+	# * mujs
+	# As of v1.15.0, mupdf started using symbols in mujs that were not part
+	# of any release. We then went back to using the bundled version of it.
+	# But v1.17.0 looks ok, so we'll go unbundled again. Be aware of this risk
+	# when bumping and check!
+	# See bug #685244
+	#
+	# * lmms2
+	# mupdf uses a bundled version of lcms2 [0] because Artifex have forked it [1].
+	# It is therefore not appropriate for us to unbundle it at this time.
+	#
+	# [0] https://git.ghostscript.com/?p=mupdf.git;a=blob;f=Makethird;h=c4c540fa4a075df0db85e6fdaab809099881f35a;hb=HEAD#l9
+	# [1] https://www.ghostscript.com/doc/lcms2mt/doc/WhyThisFork.txt
+	emake \
+		GENTOO_PV=${PV} \
+		HAVE_GLUT=$(usex opengl) \
+		HAVE_LIBCRYPTO=$(usex ssl) \
+		HAVE_X11=$(usex X) \
+		USE_SYSTEM_LIBS=yes \
+		USE_SYSTEM_MUJS=$(usex javascript) \
+		USE_SYSTEM_GLUT=no \
+		HAVE_OBJCOPY=no \
+		"$@"
+}
+
+src_compile() {
+	_emake XCFLAGS="-fpic"
+}
+
+src_install() {
+	if use X || use opengl ; then
+		domenu platform/debian/${PN}.desktop
+		doicon platform/debian/${PN}.xpm
+	else
+		rm docs/man/${PN}.1 || die
+	fi
+
+	_emake install
+
+	dosym libmupdf.so.${PV} /usr/$(get_libdir)/lib${PN}.so
+
+	if use opengl ; then
+		einfo "mupdf symlink points to mupdf-gl (bug 616654)"
+		dosym ${PN}-gl /usr/bin/${PN}
+	elif use X ; then
+		einfo "mupdf symlink points to mupdf-x11 (bug 616654)"
+		dosym ${PN}-x11 /usr/bin/${PN}
+	fi
+
+	# Respect libdir (bug #734898)
+	sed -i -e "s:/lib:/$(get_libdir):" platform/debian/${PN}.pc || die
+
+	insinto /usr/$(get_libdir)/pkgconfig
+	doins platform/debian/${PN}.pc
+
+	dodoc README CHANGES CONTRIBUTORS
+}
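Review bot: The new PATCHES entry `"${FILESDIR}"/${P}-CVE-2021-3407.patch` sits under the generic "Additional security patches post-1.18.0" comment with no bug reference, unlike the `# See bugs #662352` entry above it. A line such as `# CVE-2021-3407, bug #772311` directly above the entry would let the next bump confirm the fix is upstream before dropping the patch. The two neighbouring entries ending in `.c` (`${P}-fix-oob-in-pdf-layer.c`, `${P}-fix-oob-in-pixmap.c`) read like source files rather than patches and would benefit from the same kind of annotation. Separately, the `# * lmms2` heading in the `_emake` comment looks like a typo for `lcms2`, which is the name the two lines below it use.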


