summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Stahl <michael.stahl@allotropia.de>2022-09-14 15:54:49 +0200
committerThorsten Behrens <thorsten.behrens@allotropia.de>2022-10-30 01:20:23 +0200
commit8f3f45a6b61470356b7841cacab414ae7379b6e2 (patch)
treefd823737d86347cc88cbfaefbf67b88959bdff30
parentupgrade poppler to 22.01.0 (diff)
downloadcore-8f3f45a6b61470356b7841cacab414ae7379b6e2.tar.gz
core-8f3f45a6b61470356b7841cacab414ae7379b6e2.zip
poppler: upgrade to release 22.09.0
Fixes CVE-2022-38784 Add external/poppler/disable-freetype.patch.1 to get rid of some new code that unconditionally requires freetype, to avoid building that on WNT/MACOSX. Change-Id: I854d1865286b6fb4112cdf37898cda0203c52f2e Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139941 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 8fce9a0a41b1bbebd325fc9d98a79d8decd3950c) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139967 Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de> Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk> (cherry picked from commit bdbb450ed0ded86fb50d6b19a2cce0f11ca74b07) Conflicts: sdext/Executable_xpdfimport.mk
-rw-r--r--download.lst4
-rw-r--r--external/poppler/UnpackedTarball_poppler.mk2
-rw-r--r--external/poppler/disable-freetype.patch.141
-rw-r--r--external/poppler/gcc7-EntityInfo.patch.148
-rw-r--r--external/poppler/poppler-config.patch.127
-rw-r--r--sdext/Executable_xpdfimport.mk4
6 files changed, 109 insertions, 17 deletions
diff --git a/download.lst b/download.lst
index 42a1d4c3f40f..d3f92cd991fc 100644
--- a/download.lst
+++ b/download.lst
@@ -206,8 +206,8 @@ export PIXMAN_SHA256SUM := 21b6b249b51c6800dc9553b65106e1e37d0e25df942c90531d4c3
export PIXMAN_TARBALL := e80ebae4da01e77f68744319f01d52a3-pixman-0.34.0.tar.gz
export LIBPNG_SHA256SUM := 505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca
export LIBPNG_TARBALL := libpng-1.6.37.tar.xz
-export POPPLER_SHA256SUM := 7d3493056b5b86413e5c693c2cae02c5c06cd8e618d14c2c31e2c84b67b2313e
-export POPPLER_TARBALL := poppler-22.01.0.tar.xz
+export POPPLER_SHA256SUM := d7a8f748211359cadb774ba3e18ecda6464b34027045c0648eb30d5852a41e2e
+export POPPLER_TARBALL := poppler-22.09.0.tar.xz
export POSTGRESQL_SHA256SUM := 9b81067a55edbaabc418aacef457dd8477642827499560b00615a6ea6c13f6b3
export POSTGRESQL_TARBALL := postgresql-13.5.tar.bz2
export PYTHON_SHA256SUM := c24a37c63a67f53bdd09c5f287b5cff8e8b98f857bf348c577d454d3f74db049
diff --git a/external/poppler/UnpackedTarball_poppler.mk b/external/poppler/UnpackedTarball_poppler.mk
index 68fd06d9403b..0ac3c8aa69c4 100644
--- a/external/poppler/UnpackedTarball_poppler.mk
+++ b/external/poppler/UnpackedTarball_poppler.mk
@@ -13,6 +13,8 @@ $(eval $(call gb_UnpackedTarball_set_tarball,poppler,$(POPPLER_TARBALL),,poppler
$(eval $(call gb_UnpackedTarball_add_patches,poppler,\
external/poppler/poppler-config.patch.1 \
+ external/poppler/disable-freetype.patch.1 \
+ external/poppler/gcc7-EntityInfo.patch.1 \
))
# vim: set noet sw=4 ts=4:
diff --git a/external/poppler/disable-freetype.patch.1 b/external/poppler/disable-freetype.patch.1
new file mode 100644
index 000000000000..d59006eba979
--- /dev/null
+++ b/external/poppler/disable-freetype.patch.1
@@ -0,0 +1,41 @@
+disable freetype dependent code
+
+--- poppler/poppler/Form.cc.orig 2022-09-14 15:46:48.588316681 +0200
++++ poppler/poppler/Form.cc 2022-09-14 15:48:01.468274551 +0200
+@@ -46,7 +46,7 @@
+ #include <cstdlib>
+ #include <cstring>
+ #include <cctype>
+-#include "goo/ft_utils.h"
++//#include "goo/ft_utils.h"
+ #include "goo/gmem.h"
+ #include "goo/gfile.h"
+ #include "goo/GooString.h"
+@@ -77,8 +77,8 @@
+ #include "fofi/FoFiTrueType.h"
+ #include "fofi/FoFiIdentifier.h"
+
+-#include <ft2build.h>
+-#include FT_FREETYPE_H
++//#include <ft2build.h>
++//#include FT_FREETYPE_H
+
+ // return a newly allocated char* containing an UTF16BE string of size length
+ char *pdfDocEncodingToUTF16(const std::string &orig, int *length)
+@@ -2730,6 +2730,8 @@
+
+ Form::AddFontResult Form::addFontToDefaultResources(const std::string &filepath, int faceIndex, const std::string &fontFamily, const std::string &fontStyle)
+ {
++ return {};
++#if 0
+ if (!GooString::endsWith(filepath, ".ttf") && !GooString::endsWith(filepath, ".ttc") && !GooString::endsWith(filepath, ".otf")) {
+ error(errIO, -1, "We only support embedding ttf/ttc/otf fonts for now. The font file for {0:s} {1:s} was {2:s}", fontFamily.c_str(), fontStyle.c_str(), filepath.c_str());
+ return {};
+@@ -2939,6 +2941,7 @@
+ }
+
+ return { dictFontName, fontDictRef };
++#endif
+ }
+
+ std::string Form::getFallbackFontForChar(Unicode uChar, const GfxFont &fontToEmulate) const
diff --git a/external/poppler/gcc7-EntityInfo.patch.1 b/external/poppler/gcc7-EntityInfo.patch.1
new file mode 100644
index 000000000000..b450bff93af9
--- /dev/null
+++ b/external/poppler/gcc7-EntityInfo.patch.1
@@ -0,0 +1,48 @@
+gcc 7.3.1 says:
+
+workdir/UnpackedTarball/poppler/poppler/CertificateInfo.cc:42:34: error: function ‘X509CertificateInfo::EntityInfo& X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo&&)’ defaulted on its redeclaration with an exception-specification that differs from the implicit exception-specification ‘’
+
+--- poppler/poppler/CertificateInfo.h.orig 2022-09-14 19:32:12.426351385 +0200
++++ poppler/poppler/CertificateInfo.h 2022-09-14 19:32:18.947347812 +0200
+@@ -70,7 +70,7 @@
+ ~EntityInfo();
+
+ EntityInfo(EntityInfo &&) noexcept;
+- EntityInfo &operator=(EntityInfo &&) noexcept;
++ EntityInfo &operator=(EntityInfo &&) /*noexcept*/;
+
+ EntityInfo(const EntityInfo &) = delete;
+ EntityInfo &operator=(const EntityInfo &) = delete;
+--- poppler/poppler/CertificateInfo.cc.orig 2022-09-14 19:31:10.225385467 +0200
++++ poppler/poppler/CertificateInfo.cc 2022-09-14 19:31:12.572384182 +0200
+@@ -39,7 +39,7 @@
+
+ X509CertificateInfo::EntityInfo::EntityInfo(X509CertificateInfo::EntityInfo &&other) noexcept = default;
+
+-X509CertificateInfo::EntityInfo &X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo &&other) noexcept = default;
++X509CertificateInfo::EntityInfo &X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo &&other) /*noexcept*/ = default;
+
+ X509CertificateInfo::X509CertificateInfo() : ku_extensions(KU_NONE), cert_version(-1), is_self_signed(false) { }
+
+--- poppler/poppler/GfxFont.cc.orig 2022-09-14 20:24:32.569607333 +0200
++++ poppler/poppler/GfxFont.cc 2022-09-14 20:24:52.323596186 +0200
+@@ -180,7 +180,7 @@
+
+ GfxFontLoc::GfxFontLoc(GfxFontLoc &&other) noexcept = default;
+
+-GfxFontLoc &GfxFontLoc::operator=(GfxFontLoc &&other) noexcept = default;
++GfxFontLoc &GfxFontLoc::operator=(GfxFontLoc &&other) /*noexcept*/ = default;
+
+ void GfxFontLoc::setPath(GooString *pathA)
+ {
+--- poppler/poppler/GfxFont.h.orig 2022-09-14 20:24:30.784608340 +0200
++++ poppler/poppler/GfxFont.h 2022-09-14 20:25:08.850586861 +0200
+@@ -124,7 +124,7 @@
+ GfxFontLoc(const GfxFontLoc &) = delete;
+ GfxFontLoc(GfxFontLoc &&) noexcept;
+ GfxFontLoc &operator=(const GfxFontLoc &) = delete;
+- GfxFontLoc &operator=(GfxFontLoc &&other) noexcept;
++ GfxFontLoc &operator=(GfxFontLoc &&other) /*noexcept*/;
+
+ // Set the 'path' string from a GooString on the heap.
+ // Ownership of the object is taken.
diff --git a/external/poppler/poppler-config.patch.1 b/external/poppler/poppler-config.patch.1
index 2a24d4510197..455a88e2afc4 100644
--- a/external/poppler/poppler-config.patch.1
+++ b/external/poppler/poppler-config.patch.1
@@ -16,7 +16,7 @@ new file mode 100644
index 0fbd336a..451213f8 100644
--- /dev/null
+++ b/config.h
-@@ -0,0 +1,223 @@
+@@ -0,0 +1,220 @@
+/* config.h. Generated from config.h.cmake by cmake. */
+
+/* Build against libcurl. */
@@ -105,9 +105,6 @@ index 0fbd336a..451213f8 100644
+#define HAVE_TIMEGM 1
+#endif
+
-+/* Define if you have the iconv() function and it works. */
-+/* #undef HAVE_ICONV */
-+
+/* Define to 1 if you have the `z' library (-lz). */
+/* #undef HAVE_LIBZ */
+
@@ -176,7 +173,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_NAME "poppler"
+
+/* Define to the full name and version of this package. */
-+#define PACKAGE_STRING "poppler 21.11.0"
++#define PACKAGE_STRING "poppler 22.09.0"
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME "poppler"
@@ -185,7 +182,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_URL ""
+
+/* Define to the version of this package. */
-+#define PACKAGE_VERSION "21.11.0"
++#define PACKAGE_VERSION "22.09.0"
+
+/* Poppler data dir */
+#define POPPLER_DATADIR "/usr/local/share/poppler"
@@ -203,7 +200,7 @@ index 0fbd336a..451213f8 100644
+/* #undef USE_FLOAT */
+
+/* Version number of package */
-+#define VERSION "21.11.0"
++#define VERSION "22.09.0"
+
+#if defined(__APPLE__)
+#elif defined (_WIN32)
@@ -229,7 +226,7 @@ index 0fbd336a..451213f8 100644
+#define popen _popen
+#define pclose _pclose
+#define strncasecmp _strnicmp
-+// error C4005: "strcasecmp": macro redefinition #define strcasecmp _stricmp
++#define strcasecmp _stricmp
+#endif
+
+/* Number of bits in a file offset, on hosts where this is settable. */
@@ -250,7 +247,7 @@ index 0fbd336a..451213f8 100644
+//
+// poppler-config.h
+//
-+// Copyright 1996-2011 Glyph & Cog, LLC
++// Copyright 1996-2011, 2022 Glyph & Cog, LLC
+//
+//========================================================================
+
@@ -284,7 +281,7 @@ index 0fbd336a..451213f8 100644
+
+/* Defines the poppler version. */
+#ifndef POPPLER_VERSION
-+#define POPPLER_VERSION "21.11.0"
++#define POPPLER_VERSION "22.09.0"
+#endif
+
+/* Use single precision arithmetic in the Splash backend */
@@ -376,8 +373,8 @@ index 0fbd336a..451213f8 100644
+//------------------------------------------------------------------------
+
+// copyright notice
-+#define popplerCopyright "Copyright 2005-2021 The Poppler Developers - http://poppler.freedesktop.org"
-+#define xpdfCopyright "Copyright 1996-2011 Glyph & Cog, LLC"
++#define popplerCopyright "Copyright 2005-2022 The Poppler Developers - http://poppler.freedesktop.org"
++#define xpdfCopyright "Copyright 1996-2011, 2022 Glyph & Cog, LLC"
+
+//------------------------------------------------------------------------
+// Win32 stuff
@@ -436,9 +433,9 @@ index 0fbd336a..451213f8 100644
+
+#include "poppler-global.h"
+
-+#define POPPLER_VERSION "21.11.0"
-+#define POPPLER_VERSION_MAJOR 21
-+#define POPPLER_VERSION_MINOR 11
++#define POPPLER_VERSION "22.09.0"
++#define POPPLER_VERSION_MAJOR 22
++#define POPPLER_VERSION_MINOR 9
+#define POPPLER_VERSION_MICRO 0
+
+namespace poppler
diff --git a/sdext/Executable_xpdfimport.mk b/sdext/Executable_xpdfimport.mk
index dde84963a1fb..fd07f7b43956 100644
--- a/sdext/Executable_xpdfimport.mk
+++ b/sdext/Executable_xpdfimport.mk
@@ -22,4 +22,8 @@ $(eval $(call gb_Executable_add_exception_objects,xpdfimport,\
sdext/source/pdfimport/xpdfwrapper/wrapper_gpl \
))
+$(eval $(call gb_Executable_use_system_win32_libs,xpdfimport,\
+ shell32 \
+))
+
# vim:set noet sw=4 ts=4: