[packages/htmldoc] - rel 12; fixes from fc that prevent crashing

arekm arekm at pld-linux.org
Thu Nov 7 22:42:58 CET 2013 

commit 2db4bc04030b731b70223414cf4885cef9065e5a
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Thu Nov 7 22:42:56 2013 +0100

    - rel 12; fixes from fc that prevent crashing

 htmldoc-1.8.27-fortify-fail.patch    | 21 ++++++++++++++++++++
 htmldoc-1.8.27-scanf-overflows.patch | 38 ++++++++++++++++++++++++++++++++++++
 htmldoc.spec                         |  6 +++++-
 3 files changed, 64 insertions(+), 1 deletion(-)
---
diff --git a/htmldoc.spec b/htmldoc.spec
index fc133b5..fc6a428 100644
--- a/htmldoc.spec
+++ b/htmldoc.spec
@@ -6,12 +6,14 @@ Summary:	HTML processing program
 Summary(pl.UTF-8):	Program przetwarzający HTML
 Name:		htmldoc
 Version:	1.8.27
-Release:	11
+Release:	12
 License:	GPL v2 with OpenSSL exception
 Group:		Applications/Publishing
 Source0:	ftp://ftp.easysw.com/pub/htmldoc/%{version}/%{name}-%{version}-source.tar.bz2
 # Source0-md5:	35589e7b8fe9c54e11be87cd5aec4dcc
 Patch0:		%{name}-libpng15.patch
+Patch1:		htmldoc-1.8.27-fortify-fail.patch
+Patch2:		htmldoc-1.8.27-scanf-overflows.patch
 URL:		http://www.htmldoc.org/
 %{?with_gui:BuildRequires:	xorg-lib-libXpm-devel}
 BuildRequires:	autoconf
@@ -34,6 +36,8 @@ PDF ze spisem treści.
 %prep
 %setup -q
 %patch0 -p0
+%patch1 -p1
+%patch2 -p1
 
 %build
 %configure \
diff --git a/htmldoc-1.8.27-fortify-fail.patch b/htmldoc-1.8.27-fortify-fail.patch
new file mode 100644
index 0000000..32ec887
--- /dev/null
+++ b/htmldoc-1.8.27-fortify-fail.patch
@@ -0,0 +1,21 @@
+diff -ur htmldoc-1.8.27~/htmldoc/ps-pdf.cxx htmldoc-1.8.27/htmldoc/ps-pdf.cxx
+--- htmldoc-1.8.27~/htmldoc/ps-pdf.cxx	2009-08-13 19:32:21.846860508 -0400
++++ htmldoc-1.8.27/htmldoc/ps-pdf.cxx	2009-08-13 19:40:29.185857503 -0400
+@@ -8619,7 +8619,7 @@
+           return (NULL);
+         }
+ 	// Safe because buffer is allocated...
+-        strcpy((char *)r->data.text.buffer, (char *)data);
++        memcpy((char *)r->data.text.buffer, (char *)data, strlen((char *)data));
+         get_color(_htmlTextColor, r->data.text.rgb);
+         break;
+     case RENDER_IMAGE :
+@@ -8640,7 +8640,7 @@
+           return (NULL);
+         }
+ 	// Safe because buffer is allocated...
+-        strcpy((char *)r->data.link, (char *)data);
++        memcpy((char *)r->data.link, (char *)data, strlen((char *)data));
+         break;
+   }
+ 
diff --git a/htmldoc-1.8.27-scanf-overflows.patch b/htmldoc-1.8.27-scanf-overflows.patch
new file mode 100644
index 0000000..f4b6591
--- /dev/null
+++ b/htmldoc-1.8.27-scanf-overflows.patch
@@ -0,0 +1,38 @@
+diff -ur htmldoc-1.8.27~/htmldoc/htmllib.cxx htmldoc-1.8.27/htmldoc/htmllib.cxx
+--- htmldoc-1.8.27~/htmldoc/htmllib.cxx	2009-08-13 19:25:30.066734472 -0400
++++ htmldoc-1.8.27/htmldoc/htmllib.cxx	2009-08-13 19:25:38.997733603 -0400
+@@ -2154,7 +2154,7 @@
+ 	  * assigned charset...
+ 	  */
+ 
+-          if (sscanf(line, "%*s%*s%*s%*s%f%*s%*s%s", &width, glyph) != 2)
++          if (sscanf(line, "%*s%*s%*s%*s%f%*s%*s%63s", &width, glyph) != 2)
+ 	    continue;
+ 
+           for (ch = 0; ch < 256; ch ++)
+Only in htmldoc-1.8.27/htmldoc: htmllib.cxx.orig
+diff -ur htmldoc-1.8.27~/htmldoc/ps-pdf.cxx htmldoc-1.8.27/htmldoc/ps-pdf.cxx
+--- htmldoc-1.8.27~/htmldoc/ps-pdf.cxx	2009-08-13 19:25:30.076736152 -0400
++++ htmldoc-1.8.27/htmldoc/ps-pdf.cxx	2009-08-13 19:25:39.010735889 -0400
+@@ -12515,7 +12515,7 @@
+ 	  * assigned charset...
+ 	  */
+ 
+-	  if (sscanf(line, "%*s%*s%*s%*s%d%*s%*s%s", &width, glyph) != 2)
++	  if (sscanf(line, "%*s%*s%*s%*s%d%*s%*s%63s", &width, glyph) != 2)
+ 	    continue;
+ 
+ 	  for (ch = 0; ch < 256; ch ++)
+Only in htmldoc-1.8.27/htmldoc: ps-pdf.cxx.orig
+diff -ur htmldoc-1.8.27~/htmldoc/util.cxx htmldoc-1.8.27/htmldoc/util.cxx
+--- htmldoc-1.8.27~/htmldoc/util.cxx	2005-04-24 15:20:32.000000000 -0400
++++ htmldoc-1.8.27/htmldoc/util.cxx	2009-08-13 19:25:39.014737749 -0400
+@@ -484,7 +484,7 @@
+     PageWidth  = 595;
+     PageLength = 792;
+   }
+-  else if (sscanf(size, "%fx%f%s", &width, &length, units) >= 2)
++  else if (sscanf(size, "%fx%f%254s", &width, &length, units) >= 2)
+   {
+    /*
+     * Custom size...
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/htmldoc.git/commitdiff/2db4bc04030b731b70223414cf4885cef9065e5a

More information about the pld-cvs-commit mailing list