[Libreoffice-commits] core.git: Branch 'feature/cib_contract57b' - 37 commits - configure.ac download.lst external/curl external/lcms2 external/libxml2 external/libxslt external/mdnsresponder external/openssl external/poppler external/python3 include/o3tl sdext/source shell/source solenv/gcc-wrappers sw/qa xmloff/source
Luke Deller (via logerrit)
logerrit at kemper.freedesktop.org
Tue May 7 16:39:42 UTC 2019
configure.ac | 142
download.lst | 28
external/curl/CVE-2018-16890.patch | 39
external/curl/CVE-2019-3822.patch | 35
external/curl/UnpackedTarball_curl.mk | 2
external/lcms2/0001-Added-an-extra-check-to-MLU-bounds.patch.1 | 25
external/lcms2/0017-Upgrade-Visual-studio-2017-15.8.patch.1 | 172 +
external/lcms2/ExternalPackage_lcms2.mk | 2
external/lcms2/ExternalProject_lcms2.mk | 1
external/lcms2/UnpackedTarball_lcms2.mk | 6
external/lcms2/lcms2-2.4-windows.patch | 32
external/lcms2/lcms2-config-guess.patch.0 | 1566 ----------
external/lcms2/lcms2-vc2013-project.patch | 490 ---
external/lcms2/lcms2.patch | 20
external/lcms2/ubsan.patch.0 | 22
external/libxml2/0001-Fix-buffer-size-checks-in-xmlSnprintfElementContent.patch.1 | 116
external/libxml2/0001-Fix-handling-of-parameter-entity-references.patch.1 | 287 -
external/libxml2/0001-Fix-type-confusion-in-xmlValidateOneNamespace.patch.1 | 43
external/libxml2/0001-Increase-buffer-space-for-port-in-HTTP-redirect-supp.patch.1 | 31
external/libxml2/0001-Prevent-unwanted-external-entity-reference.patch.1 | 35
external/libxml2/ExternalPackage_xml2.mk | 2
external/libxml2/ExternalProject_xml2.mk | 3
external/libxml2/UnpackedTarball_xml2.mk | 6
external/libxml2/libxml2-android.patch | 14
external/libxml2/libxml2-global-symbols.patch | 4
external/libxml2/libxml2-icu.patch.0 | 15
external/libxml2/libxml2-vc10.patch | 2
external/libxml2/ubsan.patch.0 | 84
external/libxslt/UnpackedTarball_xslt.mk | 1
external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1 | 120
external/mdnsresponder/UnpackedTarball_mDNSResponder.mk | 5
external/mdnsresponder/mDNSResponder_Win32_SOCKET.patch.1 | 85
external/mdnsresponder/mDNSResponder_Win32_buildfix.patch.1 | 16
external/openssl/ExternalProject_openssl.mk | 2
external/openssl/UnpackedTarball_openssl.mk | 1
external/openssl/openssllnx.patch | 2
external/openssl/opensslmingw.patch | 123
external/poppler/0001-ImageStream-getLine-fix-crash-on-broken-files.patch.1 | 27
external/poppler/StaticLibrary_poppler.mk | 6
external/poppler/UnpackedTarball_poppler.mk | 12
external/poppler/poppler-c++11.patch.1 | 31
external/poppler/poppler-config.patch.1 | 12
external/python3/0001-3.6-bpo-17239-Disable-external-entities-in-SAX-parse.patch.1 | 59
external/python3/UnpackedTarball_python3.mk | 2
external/python3/python-3.5.7-c99.patch.1 | 62
include/o3tl/make_unique.hxx | 19
include/o3tl/runtimetooustring.hxx | 48
sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx | 38
sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx | 49
sdext/source/pdfimport/xpdfwrapper/pnghelper.cxx | 6
sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx | 4
shell/source/unix/exec/shellexec.cxx | 36
shell/source/win32/SysShExec.cxx | 117
solenv/gcc-wrappers/wrapper.cxx | 20
sw/qa/extras/odfimport/data/tdf109080_loext_ns.odt |binary
sw/qa/extras/odfimport/data/tdf109080_style_ns.odt |binary
sw/qa/extras/odfimport/odfimport.cxx | 31
xmloff/source/text/txtimp.cxx | 2
58 files changed, 1011 insertions(+), 3149 deletions(-)
New commits:
commit 0907998f5b962a524bebf859e3f064e6c259234c
Author: Luke Deller <luke at deller.id.au>
AuthorDate: Wed Jul 12 23:56:50 2017 +1000
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 18:25:08 2019 +0200
tdf#109080 First page header/footer ODF (1/2)
The proposal to add <style:header-first> / <style:footer-first>
to the ODF standard has not yet been accepted, so meanwhile we
should be using an extension namespace for these elements.
This first commit (intended for backport) adds support for reading
<loext:header-first> / <loext:footer-first>
(cherry picked from commit bff8cd3d52223002263dcb8c09758c4fc753b6e3)
Reviewed-on: https://gerrit.libreoffice.org/40227
Reviewed-by: Michael Stahl <mstahl at redhat.com>
Tested-by: Jenkins <ci at libreoffice.org>
(cherry picked from commit c027764f94a1fc0a367e03b412d3c11d6c10769c)
Conflicts:
sw/qa/extras/odfimport/odfimport.cxx
Change-Id: I616b6a0acaead9d767ae7d119e539b865f3a6774
diff --git a/sw/qa/extras/odfimport/data/tdf109080_loext_ns.odt b/sw/qa/extras/odfimport/data/tdf109080_loext_ns.odt
new file mode 100644
index 000000000000..ac7b3e272acc
Binary files /dev/null and b/sw/qa/extras/odfimport/data/tdf109080_loext_ns.odt differ
diff --git a/sw/qa/extras/odfimport/data/tdf109080_style_ns.odt b/sw/qa/extras/odfimport/data/tdf109080_style_ns.odt
new file mode 100644
index 000000000000..ada290dc5fe1
Binary files /dev/null and b/sw/qa/extras/odfimport/data/tdf109080_style_ns.odt differ
diff --git a/sw/qa/extras/odfimport/odfimport.cxx b/sw/qa/extras/odfimport/odfimport.cxx
index 92069c00808c..fef7eb109e9b 100644
--- a/sw/qa/extras/odfimport/odfimport.cxx
+++ b/sw/qa/extras/odfimport/odfimport.cxx
@@ -646,5 +646,36 @@ DECLARE_ODFIMPORT_TEST(testTdf96113, "tdf96113.odt")
CPPUNIT_ASSERT_EQUAL(sal_Int32(0x00ff00), getProperty<sal_Int32>(getShape(1), "BackColor"));
}
+DECLARE_ODFIMPORT_TEST(testTdf109080_loext_ns, "tdf109080_loext_ns.odt")
+{
+ // Test we can import <loext:header-first> and <loext:footer-first>
+
+ CPPUNIT_ASSERT_EQUAL(OUString("This is the first page header"),
+ parseDump("/root/page[1]/header/txt/text()"));
+ CPPUNIT_ASSERT_EQUAL(OUString("This is the non-first-page header"),
+ parseDump("/root/page[2]/header/txt/text()"));
+
+ CPPUNIT_ASSERT_EQUAL(OUString("This is the first page footer"),
+ parseDump("/root/page[1]/footer/txt/text()"));
+ CPPUNIT_ASSERT_EQUAL(OUString("This is the non-first-page footer"),
+ parseDump("/root/page[2]/footer/txt/text()"));
+}
+
+DECLARE_ODFIMPORT_TEST(testTdf109080_style_ns, "tdf109080_style_ns.odt")
+{
+ // Test we can import <style:header-first> and <style:footer-first>
+ // (produced by LibreOffice 4.0 - 5.x)
+
+ CPPUNIT_ASSERT_EQUAL(OUString("This is the first page header"),
+ parseDump("/root/page[1]/header/txt/text()"));
+ CPPUNIT_ASSERT_EQUAL(OUString("This is the non-first-page header"),
+ parseDump("/root/page[2]/header/txt/text()"));
+
+ CPPUNIT_ASSERT_EQUAL(OUString("This is the first page footer"),
+ parseDump("/root/page[1]/footer/txt/text()"));
+ CPPUNIT_ASSERT_EQUAL(OUString("This is the non-first-page footer"),
+ parseDump("/root/page[2]/footer/txt/text()"));
+}
+
CPPUNIT_PLUGIN_IMPLEMENT();
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/xmloff/source/text/txtimp.cxx b/xmloff/source/text/txtimp.cxx
index 08dafafdcbfe..3158e272a58a 100644
--- a/xmloff/source/text/txtimp.cxx
+++ b/xmloff/source/text/txtimp.cxx
@@ -407,6 +407,8 @@ static const SvXMLTokenMapEntry aTextMasterPageElemTokenMap[] =
{ XML_NAMESPACE_STYLE, XML_FOOTER, XML_TOK_TEXT_MP_FOOTER },
{ XML_NAMESPACE_STYLE, XML_HEADER_LEFT, XML_TOK_TEXT_MP_HEADER_LEFT },
{ XML_NAMESPACE_STYLE, XML_FOOTER_LEFT, XML_TOK_TEXT_MP_FOOTER_LEFT },
+ { XML_NAMESPACE_LO_EXT, XML_HEADER_FIRST, XML_TOK_TEXT_MP_HEADER_FIRST },
+ { XML_NAMESPACE_LO_EXT, XML_FOOTER_FIRST, XML_TOK_TEXT_MP_FOOTER_FIRST },
{ XML_NAMESPACE_STYLE, XML_HEADER_FIRST, XML_TOK_TEXT_MP_HEADER_FIRST },
{ XML_NAMESPACE_STYLE, XML_FOOTER_FIRST, XML_TOK_TEXT_MP_FOOTER_FIRST },
commit 94d7adf2431f3d3f5aef6a0c00f067d5d94aff08
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Thu May 2 10:59:01 2019 +0200
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 17:01:29 2019 +0200
libpng: upgrade to release 1.6.37
Fixes CVE-2019-7317.
Reviewed-on: https://gerrit.libreoffice.org/71663
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
(cherry picked from commit e2abbc0062398ea67cb13cb5b0b7bfdce78e652c)
Change-Id: I3374f5cbd6552e2c1569d63ee680d0c1d9389621
diff --git a/download.lst b/download.lst
index 98e55295f5c5..761d5bf28abb 100644
--- a/download.lst
+++ b/download.lst
@@ -129,8 +129,8 @@ export OWNCLOUD_ANDROID_LIB_TARBALL := owncloud-android-library-0.9.4-no-binary-
export PAGEMAKER_MD5SUM := 5c4985a68be0b79d3f809da5e12b143c
export PAGEMAKER_TARBALL := libpagemaker-0.0.3.tar.bz2
export PIXMAN_TARBALL := c63f411b3ad147db2bcce1bf262a0e02-pixman-0.24.4.tar.bz2
-export PNG_MD5SUM := 897ccec1ebfb0922e83c2bfaa1be8748
-export PNG_TARBALL := libpng-1.6.28.tar.gz
+export PNG_MD5SUM := 015e8e15db1eecde5f2eb9eb5b6e59e9
+export PNG_TARBALL := libpng-1.6.37.tar.xz
export POPPLER_MD5SUM := 1ce581bde2f23fa55bee13d8c61ac0df
export POPPLER_TARBALL := poppler-0.74.0.tar.xz
export POSTGRESQL_TARBALL := c0b4799ea9850eae3ead14f0a60e9418-postgresql-9.2.1.tar.bz2
commit b4b927ad84f26210b59a3cf13d3e2c6628a4212a
Author: Stephan Bergmann <sbergman at redhat.com>
AuthorDate: Fri Mar 29 14:01:19 2019 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 17:01:19 2019 +0200
Filter out problematic file URLs
(cherry picked from commit 7e50e885ebbe130debcd4278a10a4e288655fdfc)
Conflicts:
shell/source/win32/SysShExec.cxx
Reviewed-on: https://gerrit.libreoffice.org/70188
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
(cherry picked from commit a35068ba25ed9da37bcb20598c9791b6979cf1ef)
Change-Id: I87fd37e56326bef4888354b923407530c6f70760
diff --git a/shell/source/unix/exec/shellexec.cxx b/shell/source/unix/exec/shellexec.cxx
index 7f12a80b76ef..857e0b1ec90c 100644
--- a/shell/source/unix/exec/shellexec.cxx
+++ b/shell/source/unix/exec/shellexec.cxx
@@ -42,6 +42,9 @@
#include <errno.h>
#include <unistd.h>
+#if defined MACOSX
+#include <sys/stat.h>
+#endif
// namespace directives
@@ -129,6 +132,39 @@ void SAL_CALL ShellExec::execute( const OUString& aCommand, const OUString& aPar
}
#ifdef MACOSX
+ if (uri->getScheme().equalsIgnoreAsciiCase("file")) {
+ OUString pathname;
+ auto const e1 = osl::FileBase::getSystemPathFromFileURL(aCommand, pathname);
+ if (e1 != osl::FileBase::E_None) {
+ throw css::lang::IllegalArgumentException(
+ ("XSystemShellExecute.execute, getSystemPathFromFileURL <" + aCommand
+ + "> failed with " + OUString::number(e1)),
+ {}, 0);
+ }
+ OString pathname8;
+ if (!pathname.convertToString(
+ &pathname8, RTL_TEXTENCODING_UTF8,
+ (RTL_UNICODETOTEXT_FLAGS_UNDEFINED_ERROR
+ | RTL_UNICODETOTEXT_FLAGS_INVALID_ERROR)))
+ {
+ throw css::lang::IllegalArgumentException(
+ "XSystemShellExecute.execute, cannot convert \"" + pathname + "\" to UTF-8", {},
+ 0);
+ }
+ struct stat st;
+ auto const e2 = stat(pathname8.getStr(), &st);
+ if (e2 != 0) {
+ auto const e3 = errno;
+ SAL_INFO("shell", "stat(" << pathname8 << ") failed with errno " << e3);
+ }
+ if (e2 != 0 || !S_ISREG(st.st_mode)
+ || (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) != 0)
+ {
+ throw css::lang::IllegalArgumentException(
+ "XSystemShellExecute.execute, cannot process <" + aCommand + ">", {}, 0);
+ }
+ }
+
//TODO: Using open(1) with an argument that syntactically is an absolute
// URI reference does not necessarily give expected results:
// 1 If the given URI reference matches a supported scheme (e.g.,
diff --git a/shell/source/win32/SysShExec.cxx b/shell/source/win32/SysShExec.cxx
index 55cbb90a5782..44a6e047bdc6 100644
--- a/shell/source/win32/SysShExec.cxx
+++ b/shell/source/win32/SysShExec.cxx
@@ -18,8 +18,11 @@
*/
#include <algorithm>
+#include <cassert>
#include <osl/diagnose.h>
+#include <osl/process.h>
+#include <sal/log.hxx>
#include "SysShExec.hxx"
#include <osl/file.hxx>
#include <sal/macros.h>
@@ -27,6 +30,7 @@
#include <com/sun/star/system/SystemShellExecuteFlags.hpp>
#include <com/sun/star/uri/UriReferenceFactory.hpp>
#include <cppuhelper/supportsservice.hxx>
+#include <o3tl/runtimetooustring.hxx>
#define WIN32_LEAN_AND_MEAN
#if defined _MSC_VER
@@ -34,6 +38,7 @@
#endif
#include <windows.h>
#include <shellapi.h>
+#include <Shobjidl.h>
#include <objbase.h>
#if defined _MSC_VER
#pragma warning(pop)
@@ -43,6 +48,8 @@
// namespace directives
+#include <systools/win32/comtools.hxx>
+
using com::sun::star::uno::Reference;
using com::sun::star::uno::RuntimeException;
using com::sun::star::uno::Sequence;
@@ -252,6 +259,20 @@ CSysShExec::CSysShExec( const Reference< css::uno::XComponentContext >& xContext
CoInitialize( NULL );
}
+namespace
+{
+bool checkExtension(OUString const & extension, OUString const & blacklist) {
+ assert(!extension.isEmpty());
+ for (sal_Int32 i = 0; i != -1;) {
+ OUString tok = blacklist.getToken(0, ';', i);
+ tok.startsWith(".", &tok);
+ if (extension.equalsIgnoreAsciiCase(tok)) {
+ return false;
+ }
+ }
+ return true;
+}
+}
void SAL_CALL CSysShExec::execute( const OUString& aCommand, const OUString& aParameter, sal_Int32 nFlags )
throw (IllegalArgumentException, SystemShellExecuteException, RuntimeException)
@@ -281,6 +302,102 @@ void SAL_CALL CSysShExec::execute( const OUString& aCommand, const OUString& aPa
+ aCommand,
static_cast< cppu::OWeakObject * >(this), 0);
}
+ if (uri->getScheme().equalsIgnoreAsciiCase("file")) {
+ OUString pathname;
+ auto const e1 = osl::FileBase::getSystemPathFromFileURL(aCommand, pathname);
+ if (e1 != osl::FileBase::E_None) {
+ throw css::lang::IllegalArgumentException(
+ ("XSystemShellExecute.execute, getSystemPathFromFileURL <" + aCommand
+ + "> failed with " + OUString::number(e1)),
+ {}, 0);
+ }
+ for (int i = 0;; ++i) {
+ SHFILEINFOW info;
+ if (SHGetFileInfoW(
+ pathname.getStr(), 0, &info, sizeof info, SHGFI_EXETYPE)
+ != 0)
+ {
+ throw css::lang::IllegalArgumentException(
+ "XSystemShellExecute.execute, cannot process <" + aCommand + ">", {}, 0);
+ }
+ if (SHGetFileInfoW(
+ pathname.getStr(), 0, &info, sizeof info, SHGFI_ATTRIBUTES)
+ == 0)
+ {
+ throw css::lang::IllegalArgumentException(
+ "XSystemShellExecute.execute, SHGetFileInfoW(" + pathname + ") failed", {},
+ 0);
+ }
+ if ((info.dwAttributes & SFGAO_LINK) == 0) {
+ break;
+ }
+ sal::systools::COMReference<IShellLinkW> link;
+ auto e2 = CoCreateInstance(
+ CLSID_ShellLink, nullptr, CLSCTX_INPROC_SERVER, IID_IShellLinkW,
+ reinterpret_cast<LPVOID *>(&link));
+ if (FAILED(e2)) {
+ throw css::lang::IllegalArgumentException(
+ ("XSystemShellExecute.execute, CoCreateInstance failed with "
+ + OUString::number(e2)),
+ {}, 0);
+ }
+ sal::systools::COMReference<IPersistFile> file;
+ try {
+ file = link.QueryInterface<IPersistFile>(IID_IPersistFile);
+ } catch(sal::systools::ComError & e3) {
+ throw css::lang::IllegalArgumentException(
+ ("XSystemShellExecute.execute, QueryInterface failed with: "
+ + o3tl::runtimeToOUString(e3.what())),
+ {}, 0);
+ }
+ e2 = file->Load(pathname.getStr(), STGM_READ);
+ if (FAILED(e2)) {
+ throw css::lang::IllegalArgumentException(
+ ("XSystemShellExecute.execute, IPersistFile.Load failed with "
+ + OUString::number(e2)),
+ {}, 0);
+ }
+ e2 = link->Resolve(nullptr, SLR_UPDATE | SLR_NO_UI);
+ if (FAILED(e2)) {
+ throw css::lang::IllegalArgumentException(
+ ("XSystemShellExecute.execute, IShellLink.Resolve failed with "
+ + OUString::number(e2)),
+ {}, 0);
+ }
+ wchar_t path[MAX_PATH];
+ WIN32_FIND_DATAW wfd;
+ e2 = link->GetPath(path, MAX_PATH, &wfd, SLGP_RAWPATH);
+ if (FAILED(e2)) {
+ throw css::lang::IllegalArgumentException(
+ ("XSystemShellExecute.execute, IShellLink.GetPath failed with "
+ + OUString::number(e2)),
+ {}, 0);
+ }
+ pathname = path;
+ // Fail at some arbitrary nesting depth, to avoid an infinite loop:
+ if (i == 30) {
+ throw css::lang::IllegalArgumentException(
+ "XSystemShellExecute.execute, link depth exceeded for <" + aCommand + ">",
+ {}, 0);
+ }
+ }
+ auto const n = pathname.lastIndexOf('.');
+ if (n > pathname.lastIndexOf('\\')) {
+ auto const ext = pathname.copy(n + 1);
+ OUString env;
+ if (osl_getEnvironment(OUString("PATHEXT").pData, &env.pData) != osl_Process_E_None)
+ {
+ SAL_INFO("shell", "osl_getEnvironment(PATHEXT) failed");
+ }
+ if (!(checkExtension(ext, env)
+ && checkExtension(
+ ext, ".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PY")))
+ {
+ throw css::lang::IllegalArgumentException(
+ "XSystemShellExecute.execute, cannot process <" + aCommand + ">", {}, 0);
+ }
+ }
+ }
}
/* #i4789#; jump mark detection on system paths
commit 357038e08b499f7cd3228d13efa3d7dc5f79d8c1
Author: Stephan Bergmann <sbergman at redhat.com>
AuthorDate: Wed Nov 23 23:10:29 2016 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 17:01:12 2019 +0200
New o3tl::runtimeToOUString to convert from C++ runtime NTBS to OUString
Change-Id: I613bb70b6828f615fd45af38b2d873ece55ace60
(cherry picked from commit d689ad29c28ad7f077c2239a8fa4c2b6307a6aa1)
Reviewed-on: https://gerrit.libreoffice.org/71591
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
Tested-by: Michael Stahl <Michael.Stahl at cib.de>
diff --git a/include/o3tl/runtimetooustring.hxx b/include/o3tl/runtimetooustring.hxx
new file mode 100644
index 000000000000..7f2015805722
--- /dev/null
+++ b/include/o3tl/runtimetooustring.hxx
@@ -0,0 +1,48 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#ifndef INCLUDED_O3TL_RUNTIMETOOUSTRING_HXX
+#define INCLUDED_O3TL_RUNTIMETOOUSTRING_HXX
+
+#include <sal/config.h>
+
+#include <cassert>
+#include <cstring>
+
+#include <rtl/textcvt.h>
+#include <rtl/textenc.h>
+#include <rtl/ustring.h>
+#include <rtl/ustring.hxx>
+
+namespace o3tl {
+
+/** Convert an NTBS from the C++ runtime to an OUString.
+
+ This is used to convert an NTBS as provided by std::exception::what or
+ std::type_info::name into an OUString in a "lossless" way. The conversion
+ is done using RTL_TEXTENCODING_ISO_8859_1, so each char in the input maps
+ to one Unicode character in the output.
+*/
+inline OUString runtimeToOUString(char const * runtimeString) {
+ OUString s;
+ bool ok = rtl_convertStringToUString(
+ &s.pData, runtimeString, std::strlen(runtimeString),
+ RTL_TEXTENCODING_ISO_8859_1,
+ (RTL_TEXTTOUNICODE_FLAGS_UNDEFINED_ERROR
+ | RTL_TEXTTOUNICODE_FLAGS_MBUNDEFINED_ERROR
+ | RTL_TEXTTOUNICODE_FLAGS_INVALID_ERROR));
+ assert(ok); (void) ok;
+ return s;
+}
+
+}
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab cinoptions=b1,g0,N-s cinkeys+=0=break: */
commit 7c2d0ea106db51d742625f660b85f4ef3521f2df
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Wed Apr 17 14:50:10 2019 +0200
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 17:01:04 2019 +0200
libxslt: add patch for CVE-2019-11068
Change-Id: I3fe30de8140dce3d81cdfae7d41e0bd465b1d5f4
Reviewed-on: https://gerrit.libreoffice.org/70879
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
(cherry picked from commit 2d85b75b1220484aebd6e583d6d7aee71280e38e)
Reviewed-on: https://gerrit.libreoffice.org/70894
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
(cherry picked from commit 32948e7778b959ef1037d9be707a6bfc7db4160d)
diff --git a/external/libxslt/UnpackedTarball_xslt.mk b/external/libxslt/UnpackedTarball_xslt.mk
index f17a42aba179..04ef80703e86 100644
--- a/external/libxslt/UnpackedTarball_xslt.mk
+++ b/external/libxslt/UnpackedTarball_xslt.mk
@@ -17,6 +17,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,xslt,\
external/libxslt/libxslt-msvc.patch.2 \
external/libxslt/libxslt-1.1.26-memdump.patch \
external/libxslt/rpath.patch.0 \
+ external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1 \
))
# vim: set noet sw=4 ts=4:
diff --git a/external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1 b/external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1
new file mode 100644
index 000000000000..260f35d1a35e
--- /dev/null
+++ b/external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1
@@ -0,0 +1,120 @@
+From e03553605b45c88f0b4b2980adfbbb8f6fca2fd6 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer at aevum.de>
+Date: Sun, 24 Mar 2019 09:51:39 +0100
+Subject: [PATCH] Fix security framework bypass
+
+xsltCheckRead and xsltCheckWrite return -1 in case of error but callers
+don't check for this condition and allow access. With a specially
+crafted URL, xsltCheckRead could be tricked into returning an error
+because of a supposedly invalid URL that would still be loaded
+succesfully later on.
+
+Fixes #12.
+
+Thanks to Felix Wilhelm for the report.
+---
+ libxslt/documents.c | 18 ++++++++++--------
+ libxslt/imports.c | 9 +++++----
+ libxslt/transform.c | 9 +++++----
+ libxslt/xslt.c | 9 +++++----
+ 4 files changed, 25 insertions(+), 20 deletions(-)
+
+diff --git a/libxslt/documents.c b/libxslt/documents.c
+index 3f3a7312..4aad11bb 100644
+--- a/libxslt/documents.c
++++ b/libxslt/documents.c
+@@ -296,10 +296,11 @@ xsltLoadDocument(xsltTransformContextPtr ctxt, const xmlChar *URI) {
+ int res;
+
+ res = xsltCheckRead(ctxt->sec, ctxt, URI);
+- if (res == 0) {
+- xsltTransformError(ctxt, NULL, NULL,
+- "xsltLoadDocument: read rights for %s denied\n",
+- URI);
++ if (res <= 0) {
++ if (res == 0)
++ xsltTransformError(ctxt, NULL, NULL,
++ "xsltLoadDocument: read rights for %s denied\n",
++ URI);
+ return(NULL);
+ }
+ }
+@@ -372,10 +373,11 @@ xsltLoadStyleDocument(xsltStylesheetPtr style, const xmlChar *URI) {
+ int res;
+
+ res = xsltCheckRead(sec, NULL, URI);
+- if (res == 0) {
+- xsltTransformError(NULL, NULL, NULL,
+- "xsltLoadStyleDocument: read rights for %s denied\n",
+- URI);
++ if (res <= 0) {
++ if (res == 0)
++ xsltTransformError(NULL, NULL, NULL,
++ "xsltLoadStyleDocument: read rights for %s denied\n",
++ URI);
+ return(NULL);
+ }
+ }
+diff --git a/libxslt/imports.c b/libxslt/imports.c
+index 874870cc..3783b247 100644
+--- a/libxslt/imports.c
++++ b/libxslt/imports.c
+@@ -130,10 +130,11 @@ xsltParseStylesheetImport(xsltStylesheetPtr style, xmlNodePtr cur) {
+ int secres;
+
+ secres = xsltCheckRead(sec, NULL, URI);
+- if (secres == 0) {
+- xsltTransformError(NULL, NULL, NULL,
+- "xsl:import: read rights for %s denied\n",
+- URI);
++ if (secres <= 0) {
++ if (secres == 0)
++ xsltTransformError(NULL, NULL, NULL,
++ "xsl:import: read rights for %s denied\n",
++ URI);
+ goto error;
+ }
+ }
+diff --git a/libxslt/transform.c b/libxslt/transform.c
+index 13793914..0636dbd0 100644
+--- a/libxslt/transform.c
++++ b/libxslt/transform.c
+@@ -3493,10 +3493,11 @@ xsltDocumentElem(xsltTransformContextPtr ctxt, xmlNodePtr node,
+ */
+ if (ctxt->sec != NULL) {
+ ret = xsltCheckWrite(ctxt->sec, ctxt, filename);
+- if (ret == 0) {
+- xsltTransformError(ctxt, NULL, inst,
+- "xsltDocumentElem: write rights for %s denied\n",
+- filename);
++ if (ret <= 0) {
++ if (ret == 0)
++ xsltTransformError(ctxt, NULL, inst,
++ "xsltDocumentElem: write rights for %s denied\n",
++ filename);
+ xmlFree(URL);
+ xmlFree(filename);
+ return;
+diff --git a/libxslt/xslt.c b/libxslt/xslt.c
+index 780a5ad7..a234eb79 100644
+--- a/libxslt/xslt.c
++++ b/libxslt/xslt.c
+@@ -6763,10 +6763,11 @@ xsltParseStylesheetFile(const xmlChar* filename) {
+ int res;
+
+ res = xsltCheckRead(sec, NULL, filename);
+- if (res == 0) {
+- xsltTransformError(NULL, NULL, NULL,
+- "xsltParseStylesheetFile: read rights for %s denied\n",
+- filename);
++ if (res <= 0) {
++ if (res == 0)
++ xsltTransformError(NULL, NULL, NULL,
++ "xsltParseStylesheetFile: read rights for %s denied\n",
++ filename);
+ return(NULL);
+ }
+ }
+--
+2.18.1
+
commit 94ae35f751d5ad62cfd43cfa28080284657c319c
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Mon Apr 8 19:25:27 2019 +0200
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 17:00:41 2019 +0200
openssl: remove MinGW patch
This breaks the OPENSSL_IMPLEMENT_GLOBAL macro quite badly, which is
also used on MSVC builds, and MSVC warns about the breakage.
Change-Id: I8f4c7c8097e7d737ca32d6a020a569c0a99b92d4
diff --git a/external/openssl/UnpackedTarball_openssl.mk b/external/openssl/UnpackedTarball_openssl.mk
index 9fc5f72656e3..5845e31a436a 100644
--- a/external/openssl/UnpackedTarball_openssl.mk
+++ b/external/openssl/UnpackedTarball_openssl.mk
@@ -13,7 +13,6 @@ $(eval $(call gb_UnpackedTarball_set_tarball,openssl,$(OPENSSL_TARBALL),,openssl
$(eval $(call gb_UnpackedTarball_add_patches,openssl,\
external/openssl/openssllnx.patch \
- external/openssl/opensslmingw.patch \
external/openssl/opensslwnt.patch \
external/openssl/openssl-1.0.1h-win64.patch.1 \
external/openssl/opensslsol.patch \
diff --git a/external/openssl/opensslmingw.patch b/external/openssl/opensslmingw.patch
deleted file mode 100644
index 2a8729cbc26e..000000000000
--- a/external/openssl/opensslmingw.patch
+++ /dev/null
@@ -1,123 +0,0 @@
-diff -ru openssl.orig/Makefile.shared openssl/Makefile.shared
---- a/openssl.orig/Makefile.shared 2016-03-03 21:16:48.751822016 +0100
-+++ b/openssl/Makefile.shared 2016-03-03 21:27:12.615802449 +0100
-@@ -278,7 +278,7 @@
- link_a.cygwin:
- @ $(CALC_VERSIONS); \
- INHIBIT_SYMLINKS=yes; \
-- SHLIB=cyg$(LIBNAME); SHLIB_SOVER=-$(LIBVERSION); SHLIB_SUFFIX=.dll; \
-+ SHLIB=cyg$(LIBNAME); SHLIB_SOVER=; SHLIB_SUFFIX=.dll; \
- dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; extras=; \
- base=-Wl,--enable-auto-image-base; \
- if expr $(PLATFORM) : 'mingw' > /dev/null; then \
-@@ -289,7 +289,11 @@
- SHLIB_SOVER=32; \
- extras="$(LIBNAME).def"; \
- $(PERL) util/mkdef.pl 32 $$SHLIB > $$extras; \
-- base=; [ $(LIBNAME) = "crypto" -a -n "$(FIPSCANLIB)" ] && base=-Wl,--image-base,0x63000000; \
-+ base=; \
-+ if test $(LIBNAME) = "crypto"; then \
-+ SHLIB=libeay32; \
-+ base=-Wl,--image-base,0x63000000; \
-+ fi; \
- fi; \
- dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \
- $(PERL) util/mkrc.pl $$dll_name | \
-@@ -297,7 +301,7 @@
- extras="$$extras rc.o"; \
- ALLSYMSFLAGS='-Wl,--whole-archive'; \
- NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
-- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a $$extras"; \
-+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base -Wl,-s,-Bsymbolic -Wl,--export-all-symbols -Wl,--out-implib,lib$(LIBNAME).dll.a $$extras"; \
- [ -f apps/$$dll_name ] && rm apps/$$dll_name; \
- [ -f test/$$dll_name ] && rm test/$$dll_name; \
- $(LINK_SO_A) || exit 1; \
-diff -ru openssl.orig/e_os2.h openssl/e_os2.h
---- a/openssl.orig/e_os2.h 2016-03-01 14:35:53.000000000 +0100
-+++ b/openssl/e_os2.h 2016-03-03 21:27:33.179801804 +0100
-@@ -293,7 +293,7 @@
- # ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
- # define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) \
- type *_shadow_##name(void) \
-- { static type _hide_##name=value; return &_hide_##name; }
-+ { type _hide_##name=value; return &_hide_##name; }
- # define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
- # define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
- # else
-diff -ru openssl.orig/ms/mingw32.bat openssl/ms/mingw32.bat
---- a/openssl.orig/ms/mingw32.bat 2016-03-01 14:35:05.000000000 +0100
-+++ b/openssl/ms/mingw32.bat 2016-03-03 21:27:56.487801073 +0100
-@@ -75,15 +75,41 @@
- rem copy ms\tlhelp32.h outinc
-
- echo Building the libraries
--mingw32-make -f ms/mingw32a.mak
-+make -f ms/mingw32a.mak
- if errorlevel 1 goto end
-
- echo Generating the DLLs and input libraries
--dllwrap --dllname libeay32.dll --output-lib out/libeay32.a --def ms/libeay32.def out/libcrypto.a -lws2_32 -lgdi32
-+mv out/libcrypto.a out/libcrypto_static.a
-+mv out/libssl.a out/libssl_static.a
-+dlltool --dllname libeay32.dll --output-lib out/libcrypto.a --input-def ms/libeay32.def
- if errorlevel 1 goto end
--dllwrap --dllname libssl32.dll --output-lib out/libssl32.a --def ms/ssleay32.def out/libssl.a out/libeay32.a
-+gcc --shared --enable-pseudo-reloc -Wl,-Map,out/libeay32.map ms/libeay32.def -o out/libeay32.dll out/libcrypto_static.a -lws2_32 -lgdi32
- if errorlevel 1 goto end
-+dlltool --dllname ssleay32.dll --output-lib out/libssl.a --input-def ms/ssleay32.def
-+if errorlevel 1 goto end
-+if "%MINGW_SHARED_GXXLIB%"=="TRUE" goto shared_gxxlib
-+if "%MINGW_SHARED_GCCLIB%"=="TRUE" goto shared_gcclib
-+gcc --shared --enable-pseudo-reloc -Wl,-Map,out/libeay32.map ms/libeay32.def -o out/libeay32.dll out/libcrypto_static.a -lws2_32 -lgdi32
-+if errorlevel 1 goto end
-+gcc --shared --enable-pseudo-reloc -Wl,-Map,out/ssleay32.map -Lout ms/ssleay32.def -o out/ssleay32.dll out/libssl_static.a -lcrypto
-+if errorlevel 1 goto end
-+goto finished
-+
-+:shared_gcclib
-+gcc --shared -shared-libgcc --enable-pseudo-reloc -Wl,-Map,out/libeay32.map ms/libeay32.def -o out/libeay32.dll out/libcrypto_static.a -lws2_32 -lgdi32
-+if errorlevel 1 goto end
-+gcc --shared -shared-libgcc --enable-pseudo-reloc -Wl,-Map,out/ssleay32.map -Lout ms/ssleay32.def -o out/ssleay32.dll out/libssl_static.a -lcrypto
-+if errorlevel 1 goto end
-+goto finished
-
-+:shared_gxxlib
-+gcc --shared -shared-libgcc --enable-pseudo-reloc -Wl,-Map,out/libeay32.map ms/libeay32.def -o out/libeay32.dll out/libcrypto_static.a -lws2_32 -lgdi32 %MINGW_SHARED_LIBSTDSPP%
-+if errorlevel 1 goto end
-+gcc --shared -shared-libgcc --enable-pseudo-reloc -Wl,-Map,out/ssleay32.map -Lout ms/ssleay32.def -o out/ssleay32.dll out/libssl_static.a -lcrypto %MINGW_SHARED_LIBSTDSPP%
-+if errorlevel 1 goto end
-+goto finished
-+
-+:finished
- echo Done compiling OpenSSL
-
- :end
-diff -ru openssl.orig/util/pl/Mingw32.pl openssl/util/pl/Mingw32.pl
---- a/openssl.orig/util/pl/Mingw32.pl 2016-03-01 14:33:04.000000000 +0100
-+++ b/openssl/util/pl/Mingw32.pl 2016-03-03 21:28:16.691800440 +0100
-@@ -6,11 +6,11 @@
- $o='/';
- $cp='cp';
- $rm='rm -f';
--$mkdir='gmkdir';
-+#$mkdir='gmkdir';
-
--$o='\\';
--$cp='copy';
--$rm='del';
-+#$o='\\';
-+#$cp='copy';
-+#$rm='del';
- $mkdir='mkdir';
-
- # C compiler stuff
-@@ -85,7 +85,8 @@
- ($Name=$name) =~ tr/a-z/A-Z/;
-
- $ret.="$target: \$(${Name}OBJ)\n";
-- $ret.="\tif exist $target \$(RM) $target\n";
-+ $ret.="\t\$(RM) $target\n";
-+# $ret.="\tif exist $target \$(RM) $target\n";
- $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
- $ret.="\t\$(RANLIB) $target\n\n";
- }
commit f04d32f0532a1906bbafa18fe093dc250292e3a6
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Mon Apr 8 14:25:47 2019 +0200
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 17:00:31 2019 +0200
openssl: try to fix build with 7.1A SDK
Change-Id: Ic4a9e53227e34fe41a69afd52a9e91ef9545f8f9
diff --git a/external/openssl/ExternalProject_openssl.mk b/external/openssl/ExternalProject_openssl.mk
index 9ae7a1395cc6..7b7b960a4b18 100644
--- a/external/openssl/ExternalProject_openssl.mk
+++ b/external/openssl/ExternalProject_openssl.mk
@@ -61,7 +61,7 @@ OPENSSL_PLATFORM := \
ifeq ($(COM),MSC)
$(call gb_ExternalProject_get_state_target,openssl,build):
$(call gb_ExternalProject_run,build,\
- export CC="$(shell cygpath -w $(filter-out -%,$(CC))) $(filter -%,$(CC))" \
+ export CC="$(shell cygpath -w $(filter-out -%,$(CC))) $(filter -%,$(CC)) $(if $(findstring 140_70,$(VCVER)_$(WINDOWS_SDK_VERSION)),-D_USING_V110_SDK71_)" \
&& export PERL="$(shell cygpath -w $(PERL))" \
&& export LIB="$(ILIB)" \
&& $(PERL) Configure $(OPENSSL_PLATFORM) no-idea \
commit 08ff4607027a2362926c183f7e6c7256092c0f7c
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Wed Apr 3 11:03:17 2019 +0200
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:59:57 2019 +0200
python3: upgrade to release 3.5.7
Fixes CVE-2019-9636 CVE-2019-5010 CVE-2018-14647
Reviewed-on: https://gerrit.libreoffice.org/70182
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
(cherry picked from commit 3c7354a85a9bd47a2676aadaad2f6622fe2d959c)
Reviewed-on: https://gerrit.libreoffice.org/70194
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
(cherry picked from commit a072b91c03f7e24cc5fe99e4b7462d37ef8d703b)
Change-Id: If0a115960aed1ee90b63e6716c844669f0ec91e5
diff --git a/configure.ac b/configure.ac
index 538512bc1ec3..52f9c6504db1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -8403,7 +8403,7 @@ internal)
SYSTEM_PYTHON=
PYTHON_VERSION_MAJOR=3
PYTHON_VERSION_MINOR=5
- PYTHON_VERSION=${PYTHON_VERSION_MAJOR}.${PYTHON_VERSION_MINOR}.6
+ PYTHON_VERSION=${PYTHON_VERSION_MAJOR}.${PYTHON_VERSION_MINOR}.7
if ! grep -q -i python.*${PYTHON_VERSION} ${SRC_ROOT}/download.lst; then
AC_MSG_ERROR([PYTHON_VERSION ${PYTHON_VERSION} but no matching file in download.lst])
fi
diff --git a/download.lst b/download.lst
index 581ad04965f4..98e55295f5c5 100644
--- a/download.lst
+++ b/download.lst
@@ -134,8 +134,8 @@ export PNG_TARBALL := libpng-1.6.28.tar.gz
export POPPLER_MD5SUM := 1ce581bde2f23fa55bee13d8c61ac0df
export POPPLER_TARBALL := poppler-0.74.0.tar.xz
export POSTGRESQL_TARBALL := c0b4799ea9850eae3ead14f0a60e9418-postgresql-9.2.1.tar.bz2
-export PYTHON_MD5SUM := f5a99f765e765336a3ebbb2a24ca2be3
-export PYTHON_TARBALL := Python-3.5.6.tar.xz
+export PYTHON_MD5SUM := b1b4949786732494f4d6675c184aa765
+export PYTHON_TARBALL := Python-3.5.7.tar.xz
export RAPTOR_TARBALL := 4ceb9316488b0ea01acf011023cf7fff-raptor2-2.0.9.tar.gz
export RASQAL_TARBALL := b12c5f9cfdb6b04efce5a4a186b8416b-rasqal-0.9.30.tar.gz
export REDLAND_TARBALL := 32f8e1417a64d3c6f2c727f9053f55ea-redland-1.0.16.tar.gz
diff --git a/external/python3/UnpackedTarball_python3.mk b/external/python3/UnpackedTarball_python3.mk
index 04def4429860..5fe0212d86e3 100644
--- a/external/python3/UnpackedTarball_python3.mk
+++ b/external/python3/UnpackedTarball_python3.mk
@@ -28,6 +28,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,python3,\
external/python3/ubsan.patch.0 \
external/python3/python-3.5.tweak.strip.soabi.patch \
external/python3/0001-3.6-bpo-17239-Disable-external-entities-in-SAX-parse.patch.1 \
+ external/python3/python-3.5.7-c99.patch.1 \
))
ifneq ($(filter DRAGONFLY FREEBSD LINUX NETBSD OPENBSD SOLARIS,$(OS)),)
diff --git a/external/python3/python-3.5.7-c99.patch.1 b/external/python3/python-3.5.7-c99.patch.1
new file mode 100644
index 000000000000..558166d9953f
--- /dev/null
+++ b/external/python3/python-3.5.7-c99.patch.1
@@ -0,0 +1,62 @@
+remove C99 which isn't suppored by all compilers yet
+
+--- python3/Modules/_pickle.c.orig 2019-04-03 16:34:01.380124314 +0200
++++ python3/Modules/_pickle.c 2019-04-03 16:35:18.579005171 +0200
+@@ -674,9 +674,12 @@
+ PyErr_NoMemory();
+ return NULL;
+ }
+- for (size_t i = 0; i < self->mt_allocated; i++) {
++ {
++ size_t i;
++ for (i = 0; i < self->mt_allocated; i++) {
+ Py_XINCREF(self->mt_table[i].me_key);
+ }
++ }
+ memcpy(new->mt_table, self->mt_table,
+ sizeof(PyMemoEntry) * self->mt_allocated);
+
+@@ -4204,7 +4207,9 @@
+ return NULL;
+
+ memo = self->pickler->memo;
+- for (size_t i = 0; i < memo->mt_allocated; ++i) {
++ {
++ size_t i;
++ for (i = 0; i < memo->mt_allocated; ++i) {
+ PyMemoEntry entry = memo->mt_table[i];
+ if (entry.me_key != NULL) {
+ int status;
+@@ -4225,6 +4230,7 @@
+ goto error;
+ }
+ }
++ }
+ return new_memo;
+
+ error:
+@@ -6791,10 +6797,13 @@
+ if (new_memo == NULL)
+ return -1;
+
+- for (size_t i = 0; i < new_memo_size; i++) {
++ {
++ size_t i;
++ for (i = 0; i < new_memo_size; i++) {
+ Py_XINCREF(unpickler->memo[i]);
+ new_memo[i] = unpickler->memo[i];
+ }
++ }
+ }
+ else if (PyDict_Check(obj)) {
+ Py_ssize_t i = 0;
+@@ -6839,7 +6848,8 @@
+
+ error:
+ if (new_memo_size) {
+- for (size_t i = new_memo_size - 1; i != SIZE_MAX; i--) {
++ size_t i;
++ for (i = new_memo_size - 1; i != SIZE_MAX; i--) {
+ Py_XDECREF(new_memo[i]);
+ }
+ PyMem_FREE(new_memo);
commit 46a7c4e0aeacbbd4e343255a847b6b8c1ce9375c
Author: Caolán McNamara <caolanm at redhat.com>
AuthorDate: Thu Jan 17 10:50:42 2019 +0000
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:58:54 2019 +0200
upgrade to python 3.5.6
Reviewed-on: https://gerrit.libreoffice.org/66519
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
Tested-by: Jenkins
(cherry picked from commit 6808e1e5e2361220988dfa81cb35d03fb6e15855)
Change-Id: I6cdfc50b2385c426e20ce0e9b216b18c763249b8
diff --git a/configure.ac b/configure.ac
index 0e4871ce4142..538512bc1ec3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -8403,7 +8403,7 @@ internal)
SYSTEM_PYTHON=
PYTHON_VERSION_MAJOR=3
PYTHON_VERSION_MINOR=5
- PYTHON_VERSION=${PYTHON_VERSION_MAJOR}.${PYTHON_VERSION_MINOR}.5
+ PYTHON_VERSION=${PYTHON_VERSION_MAJOR}.${PYTHON_VERSION_MINOR}.6
if ! grep -q -i python.*${PYTHON_VERSION} ${SRC_ROOT}/download.lst; then
AC_MSG_ERROR([PYTHON_VERSION ${PYTHON_VERSION} but no matching file in download.lst])
fi
diff --git a/download.lst b/download.lst
index 1feed3291f40..581ad04965f4 100644
--- a/download.lst
+++ b/download.lst
@@ -134,8 +134,8 @@ export PNG_TARBALL := libpng-1.6.28.tar.gz
export POPPLER_MD5SUM := 1ce581bde2f23fa55bee13d8c61ac0df
export POPPLER_TARBALL := poppler-0.74.0.tar.xz
export POSTGRESQL_TARBALL := c0b4799ea9850eae3ead14f0a60e9418-postgresql-9.2.1.tar.bz2
-export PYTHON_MD5SUM := f3763edf9824d5d3a15f5f646083b6e0
-export PYTHON_TARBALL := Python-3.5.5.tar.xz
+export PYTHON_MD5SUM := f5a99f765e765336a3ebbb2a24ca2be3
+export PYTHON_TARBALL := Python-3.5.6.tar.xz
export RAPTOR_TARBALL := 4ceb9316488b0ea01acf011023cf7fff-raptor2-2.0.9.tar.gz
export RASQAL_TARBALL := b12c5f9cfdb6b04efce5a4a186b8416b-rasqal-0.9.30.tar.gz
export REDLAND_TARBALL := 32f8e1417a64d3c6f2c727f9053f55ea-redland-1.0.16.tar.gz
commit 5e4ab287427c55bcea4f19db0daaf8f1d4d5cdc3
Author: Michael Stahl <mstahl at redhat.com>
AuthorDate: Tue Aug 22 22:26:43 2017 +0200
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:57:42 2019 +0200
configure: try to keep PYTHON_VERSION from going stale
Since it was set to 3.5.0, the bundled python was upgraded twice, but
the directory is still named python-core-3.5.0 :(
Reviewed-on: https://gerrit.libreoffice.org/41433
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-by: Michael Stahl <mstahl at redhat.com>
(cherry picked from commit ac3a4fe35e873de17eefb46c3f5e792aded6b0a5)
Reviewed-on: https://gerrit.libreoffice.org/56683
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Change-Id: I15eec4148c2436e1f289d9851ce5bd212d4a368a
diff --git a/configure.ac b/configure.ac
index 61173260e93a..0e4871ce4142 100644
--- a/configure.ac
+++ b/configure.ac
@@ -8404,6 +8404,9 @@ internal)
PYTHON_VERSION_MAJOR=3
PYTHON_VERSION_MINOR=5
PYTHON_VERSION=${PYTHON_VERSION_MAJOR}.${PYTHON_VERSION_MINOR}.5
+ if ! grep -q -i python.*${PYTHON_VERSION} ${SRC_ROOT}/download.lst; then
+ AC_MSG_ERROR([PYTHON_VERSION ${PYTHON_VERSION} but no matching file in download.lst])
+ fi
AC_DEFINE_UNQUOTED([PYTHON_VERSION_STRING], [L"${PYTHON_VERSION}"])
BUILD_TYPE="$BUILD_TYPE PYTHON"
# Embedded Python dies without Home set
commit 05b0d54d2d5eb6ca837fdd710da5c74ad08468b2
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Tue Mar 12 12:57:20 2019 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:43:04 2019 +0200
poppler: upgrade to release 0.74.0
Fixes CVE-2019-7310.
Add patch to fix CVE-2019-9200 too.
CVE-2018-20662 looks irrelevant because we don't build pdfunite tool.
Reviewed-on: https://gerrit.libreoffice.org/69094
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
(cherry picked from commit f9b354784faf65ecc8024cf6d7d7aaf589f6d91f)
Change-Id: I5e7ddabbb341f6bfefb376d552b50c4006f41906
diff --git a/download.lst b/download.lst
index 0ad1b34c5fe0..1feed3291f40 100644
--- a/download.lst
+++ b/download.lst
@@ -131,8 +131,8 @@ export PAGEMAKER_TARBALL := libpagemaker-0.0.3.tar.bz2
export PIXMAN_TARBALL := c63f411b3ad147db2bcce1bf262a0e02-pixman-0.24.4.tar.bz2
export PNG_MD5SUM := 897ccec1ebfb0922e83c2bfaa1be8748
export PNG_TARBALL := libpng-1.6.28.tar.gz
-export POPPLER_MD5SUM := 1fc64bd358c9f31d0c88a7f2b0d8b23d
-export POPPLER_TARBALL := poppler-0.73.0.tar.xz
+export POPPLER_MD5SUM := 1ce581bde2f23fa55bee13d8c61ac0df
+export POPPLER_TARBALL := poppler-0.74.0.tar.xz
export POSTGRESQL_TARBALL := c0b4799ea9850eae3ead14f0a60e9418-postgresql-9.2.1.tar.bz2
export PYTHON_MD5SUM := f3763edf9824d5d3a15f5f646083b6e0
export PYTHON_TARBALL := Python-3.5.5.tar.xz
diff --git a/external/poppler/0001-ImageStream-getLine-fix-crash-on-broken-files.patch.1 b/external/poppler/0001-ImageStream-getLine-fix-crash-on-broken-files.patch.1
new file mode 100644
index 000000000000..b459a0a0bef7
--- /dev/null
+++ b/external/poppler/0001-ImageStream-getLine-fix-crash-on-broken-files.patch.1
@@ -0,0 +1,27 @@
+From f4136a6353162db249f63ddb0f20611622ab61b4 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid at kde.org>
+Date: Wed, 27 Feb 2019 19:43:22 +0100
+Subject: [PATCH] ImageStream::getLine: fix crash on broken files
+
+Fixes #728
+---
+ poppler/Stream.cc | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/poppler/Stream.cc b/poppler/Stream.cc
+index 33537b0e..a41435ab 100644
+--- a/poppler/Stream.cc
++++ b/poppler/Stream.cc
+@@ -496,6 +496,9 @@ unsigned char *ImageStream::getLine() {
+ }
+
+ int readChars = str->doGetChars(inputLineSize, inputLine);
++ if (unlikely(readChars == -1)) {
++ readChars = 0;
++ }
+ for ( ; readChars < inputLineSize; readChars++) inputLine[readChars] = EOF;
+ if (nBits == 1) {
+ unsigned char *p = inputLine;
+--
+2.20.1
+
diff --git a/external/poppler/UnpackedTarball_poppler.mk b/external/poppler/UnpackedTarball_poppler.mk
index ee5f6de7cec9..8a38987cab09 100644
--- a/external/poppler/UnpackedTarball_poppler.mk
+++ b/external/poppler/UnpackedTarball_poppler.mk
@@ -15,6 +15,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,poppler,\
$(if $(filter MSC-120,$(COM)-$(VCVER)),external/poppler/poppler-snprintf.patch.1) \
external/poppler/poppler-config.patch.1 \
external/poppler/poppler-c++11.patch.1 \
+ external/poppler/0001-ImageStream-getLine-fix-crash-on-broken-files.patch.1 \
))
# std::make_unique is only available in C++14
diff --git a/external/poppler/poppler-config.patch.1 b/external/poppler/poppler-config.patch.1
index e312573f1ff3..1c68806276f7 100644
--- a/external/poppler/poppler-config.patch.1
+++ b/external/poppler/poppler-config.patch.1
@@ -195,7 +195,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_NAME "poppler"
+
+/* Define to the full name and version of this package. */
-+#define PACKAGE_STRING "poppler 0.73.0"
++#define PACKAGE_STRING "poppler 0.74.0"
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME "poppler"
@@ -204,7 +204,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_URL ""
+
+/* Define to the version of this package. */
-+#define PACKAGE_VERSION "0.73.0"
++#define PACKAGE_VERSION "0.74.0"
+
+/* Poppler data dir */
+#define POPPLER_DATADIR "/usr/local/share/poppler"
@@ -228,7 +228,7 @@ index 0fbd336a..451213f8 100644
+/* #undef USE_FLOAT */
+
+/* Version number of package */
-+#define VERSION "0.73.0"
++#define VERSION "0.74.0"
+
+#if defined(__APPLE__)
+#elif defined (_WIN32)
@@ -304,7 +304,7 @@ index 0fbd336a..451213f8 100644
+
+/* Defines the poppler version. */
+#ifndef POPPLER_VERSION
-+#define POPPLER_VERSION "0.73.0"
++#define POPPLER_VERSION "0.74.0"
+#endif
+
+/* Enable multithreading support. */
@@ -466,9 +466,9 @@ index 0fbd336a..451213f8 100644
+
+#include "poppler-global.h"
+
-+#define POPPLER_VERSION "0.73.0"
++#define POPPLER_VERSION "0.74.0"
+#define POPPLER_VERSION_MAJOR 0
-+#define POPPLER_VERSION_MINOR 73
++#define POPPLER_VERSION_MINOR 74
+#define POPPLER_VERSION_MICRO 0
+
+namespace poppler
commit f8998976eeb1409fa6928f42243f31f697b9cbe9
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Wed Feb 27 12:18:01 2019 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:42:41 2019 +0200
openssl: upgrade to release 1.0.2r
Fixes CVE-2019-1559, plus a couple low-severity CVEs.
Reviewed-on: https://gerrit.libreoffice.org/68430
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
(cherry picked from commit e3b6c3ec9fd795601b0749675903fb49c72718fd)
Change-Id: Icb6849ca5f33cb1169ce303505b2e32636e3b25b
diff --git a/download.lst b/download.lst
index 4ed21beecc85..0ad1b34c5fe0 100644
--- a/download.lst
+++ b/download.lst
@@ -120,8 +120,8 @@ export ODFGEN_TARBALL := libodfgen-0.1.$(ODFGEN_VERSION_MICRO).tar.bz2
export OPENCOLLADA_MD5SUM := 4ca8a6ef0afeefc864e9ef21b9f14bd6
export OPENCOLLADA_TARBALL := OpenCOLLADA-master-6509aa13af.tar.bz2
export OPENLDAP_TARBALL := 804c6cb5698db30b75ad0ff1c25baefd-openldap-2.4.31.tgz
-export OPENSSL_MD5SUM := ac5eb30bf5798aa14b1ae6d0e7da58df
-export OPENSSL_TARBALL := openssl-1.0.2p.tar.gz
+export OPENSSL_MD5SUM := 0d2baaf04c56d542f6cc757b9c2a2aac
+export OPENSSL_TARBALL := openssl-1.0.2r.tar.gz
export ORCUS_MD5SUM := 205badaee72adf99422add8c4c49d669
export ORCUS_TARBALL := liborcus-0.11.2.tar.gz
export OWNCLOUD_ANDROID_LIB_MD5SUM := 593f0aa47bf2efc0efda2d28fae063b2
commit cc51b497574974d005f7b03d74628f5092dada62
Author: Caolán McNamara <caolanm at redhat.com>
AuthorDate: Mon Sep 3 09:19:29 2018 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:42:33 2019 +0200
upgrade to openssl 1.0.2p
Reviewed-on: https://gerrit.libreoffice.org/59926
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
(cherry picked from commit dd371caa3aff09c80c19772fcf5968cfcf14ff8c)
Change-Id: Ifacf5dce39d830838b3cf57df760a04df97ade4b
diff --git a/download.lst b/download.lst
index f8c0e2a630bc..4ed21beecc85 100644
--- a/download.lst
+++ b/download.lst
@@ -120,8 +120,8 @@ export ODFGEN_TARBALL := libodfgen-0.1.$(ODFGEN_VERSION_MICRO).tar.bz2
export OPENCOLLADA_MD5SUM := 4ca8a6ef0afeefc864e9ef21b9f14bd6
export OPENCOLLADA_TARBALL := OpenCOLLADA-master-6509aa13af.tar.bz2
export OPENLDAP_TARBALL := 804c6cb5698db30b75ad0ff1c25baefd-openldap-2.4.31.tgz
-export OPENSSL_MD5SUM := 44279b8557c3247cbe324e2322ecd114
-export OPENSSL_TARBALL := openssl-1.0.2o.tar.gz
+export OPENSSL_MD5SUM := ac5eb30bf5798aa14b1ae6d0e7da58df
+export OPENSSL_TARBALL := openssl-1.0.2p.tar.gz
export ORCUS_MD5SUM := 205badaee72adf99422add8c4c49d669
export ORCUS_TARBALL := liborcus-0.11.2.tar.gz
export OWNCLOUD_ANDROID_LIB_MD5SUM := 593f0aa47bf2efc0efda2d28fae063b2
commit 58b195fb574b8ad4cf3e66f552ea8d3a0f279296
Author: David Tardon <dtardon at redhat.com>
AuthorDate: Thu Mar 29 09:20:19 2018 +0200
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:42:26 2019 +0200
upload openssl 1.0.2o
Reviewed-on: https://gerrit.libreoffice.org/52051
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-by: David Tardon <dtardon at redhat.com>
(cherry picked from commit 9c459fd919cb8199a69fc2d630742930e533285b)
Change-Id: Ib44570ff53d754d1d568378ef0dac4d4789f2042
diff --git a/download.lst b/download.lst
index dea9159f2138..f8c0e2a630bc 100644
--- a/download.lst
+++ b/download.lst
@@ -120,8 +120,8 @@ export ODFGEN_TARBALL := libodfgen-0.1.$(ODFGEN_VERSION_MICRO).tar.bz2
export OPENCOLLADA_MD5SUM := 4ca8a6ef0afeefc864e9ef21b9f14bd6
export OPENCOLLADA_TARBALL := OpenCOLLADA-master-6509aa13af.tar.bz2
export OPENLDAP_TARBALL := 804c6cb5698db30b75ad0ff1c25baefd-openldap-2.4.31.tgz
-export OPENSSL_MD5SUM := 10e9e37f492094b9ef296f68f24a7666
-export OPENSSL_TARBALL := openssl-1.0.2m.tar.gz
+export OPENSSL_MD5SUM := 44279b8557c3247cbe324e2322ecd114
+export OPENSSL_TARBALL := openssl-1.0.2o.tar.gz
export ORCUS_MD5SUM := 205badaee72adf99422add8c4c49d669
export ORCUS_TARBALL := liborcus-0.11.2.tar.gz
export OWNCLOUD_ANDROID_LIB_MD5SUM := 593f0aa47bf2efc0efda2d28fae063b2
commit eeecad7caadab245c06f086e537b8fd8998b1085
Author: David Tardon <dtardon at redhat.com>
AuthorDate: Tue Nov 7 19:16:57 2017 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:42:17 2019 +0200
upload openssl 1.0.2m
Reviewed-on: https://gerrit.libreoffice.org/44421
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-by: David Tardon <dtardon at redhat.com>
(cherry picked from commit 899d7139355b8bea4bc1e6f9c05dededdb6f2c39)
Change-Id: Iac75c0a2633a11c4ca3f2007c62bf74be2f576ca
diff --git a/download.lst b/download.lst
index 274f45710b5f..dea9159f2138 100644
--- a/download.lst
+++ b/download.lst
@@ -120,8 +120,8 @@ export ODFGEN_TARBALL := libodfgen-0.1.$(ODFGEN_VERSION_MICRO).tar.bz2
export OPENCOLLADA_MD5SUM := 4ca8a6ef0afeefc864e9ef21b9f14bd6
export OPENCOLLADA_TARBALL := OpenCOLLADA-master-6509aa13af.tar.bz2
export OPENLDAP_TARBALL := 804c6cb5698db30b75ad0ff1c25baefd-openldap-2.4.31.tgz
-export OPENSSL_MD5SUM := f965fc0bf01bf882b31314b61391ae65
-export OPENSSL_TARBALL := openssl-1.0.2k.tar.gz
+export OPENSSL_MD5SUM := 10e9e37f492094b9ef296f68f24a7666
+export OPENSSL_TARBALL := openssl-1.0.2m.tar.gz
export ORCUS_MD5SUM := 205badaee72adf99422add8c4c49d669
export ORCUS_TARBALL := liborcus-0.11.2.tar.gz
export OWNCLOUD_ANDROID_LIB_MD5SUM := 593f0aa47bf2efc0efda2d28fae063b2
commit a94e9a0284e66f344886e8d7499602528552ee89
Author: David Tardon <dtardon at redhat.com>
AuthorDate: Wed Feb 1 12:47:04 2017 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:42:10 2019 +0200
upload openssl 1.0.2k
Reviewed-on: https://gerrit.libreoffice.org/33800
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-by: David Tardon <dtardon at redhat.com>
(cherry picked from commit a97371bf4d123ece75f3f9aeef8f3d4abfc6ad9c)
Change-Id: I26d49db0207b3f4f64aa9698da4cf3567d195834
diff --git a/download.lst b/download.lst
index 833bbee921cd..274f45710b5f 100644
--- a/download.lst
+++ b/download.lst
@@ -120,8 +120,8 @@ export ODFGEN_TARBALL := libodfgen-0.1.$(ODFGEN_VERSION_MICRO).tar.bz2
export OPENCOLLADA_MD5SUM := 4ca8a6ef0afeefc864e9ef21b9f14bd6
export OPENCOLLADA_TARBALL := OpenCOLLADA-master-6509aa13af.tar.bz2
export OPENLDAP_TARBALL := 804c6cb5698db30b75ad0ff1c25baefd-openldap-2.4.31.tgz
-export OPENSSL_MD5SUM := 9392e65072ce4b614c1392eefc1f23d0
-export OPENSSL_TARBALL := openssl-1.0.2h.tar.gz
+export OPENSSL_MD5SUM := f965fc0bf01bf882b31314b61391ae65
+export OPENSSL_TARBALL := openssl-1.0.2k.tar.gz
export ORCUS_MD5SUM := 205badaee72adf99422add8c4c49d669
export ORCUS_TARBALL := liborcus-0.11.2.tar.gz
export OWNCLOUD_ANDROID_LIB_MD5SUM := 593f0aa47bf2efc0efda2d28fae063b2
diff --git a/external/openssl/openssllnx.patch b/external/openssl/openssllnx.patch
index de19807b313e..224df8f87b2e 100644
--- a/external/openssl/openssllnx.patch
+++ b/external/openssl/openssllnx.patch
@@ -19,5 +19,5 @@
- AS='$(CC)' ASFLAG='$(CFLAG) -c' \
+ AS='$(CC)' ASFLAG='$(CFLAG) -c -Wa,--noexecstack' \
AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
+ RC='$(RC)' \
CROSS_COMPILE='$(CROSS_COMPILE)' \
- PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
commit 3cf5d3db85d88b7143a884a1c7cbc2dd5c41a354
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Wed Feb 20 15:23:11 2019 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:42:02 2019 +0200
mDNSResponder: upgrade to release 878.200.35
Apple can't afford the costly GPG licenses to sign releases apparently,
but the sha256 matches some OpenWRT and FreshPorts repos...
Fixes CVE-2015-7988.
Removing windows build patches, fixed upstream (except for the last hunk
of the SOCKET patch, but that is in code that is only used on MacOSX).
Reviewed-on: https://gerrit.libreoffice.org/68092
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
(cherry picked from commit 3a85c2db176db708c0ff9401c40858eb60e80f1e)
Change-Id: I9fdba5929badb75f995c66da0850d188780e7beb
diff --git a/download.lst b/download.lst
index da9ba07dd2fa..833bbee921cd 100644
--- a/download.lst
+++ b/download.lst
@@ -102,8 +102,8 @@ export LPSOLVE_TARBALL := 26b3e95ddf3d9c077c480ea45874b3b8-lp_solve_5.5.tar.gz
export MARIADB_TARBALL := a233181e03d3c307668b4c722d881661-mariadb_client-2.0.0-src.tar.gz
export MDDS_MD5SUM := 8855cf852a6088cfdc792c6f7ceb0243
export MDDS_TARBALL := mdds-1.2.2.tar.bz2
-export MDNSRESPONDER_MD5SUM := 940057ac8b513b00e8e9ca12ef796762
-export MDNSRESPONDER_TARBALL := mDNSResponder-576.30.4.tar.gz
+export MDNSRESPONDER_MD5SUM := e773f290a7d29f1072247985d6add2ff
+export MDNSRESPONDER_TARBALL := mDNSResponder-878.200.35.tar.gz
export MSPUB_MD5SUM := ff9d0f9dd8fbc523408ea1953d5bde41
export MSPUB_TARBALL := libmspub-0.1.2.tar.bz2
export MWAW_MD5SUM := 4a8a53a9d997cf0e2bd208178797dbfb
diff --git a/external/mdnsresponder/UnpackedTarball_mDNSResponder.mk b/external/mdnsresponder/UnpackedTarball_mDNSResponder.mk
index 5b0140e4c149..9b436b2f077c 100644
--- a/external/mdnsresponder/UnpackedTarball_mDNSResponder.mk
+++ b/external/mdnsresponder/UnpackedTarball_mDNSResponder.mk
@@ -11,9 +11,4 @@ $(eval $(call gb_UnpackedTarball_UnpackedTarball,mDNSResponder))
$(eval $(call gb_UnpackedTarball_set_tarball,mDNSResponder,$(MDNSRESPONDER_TARBALL)))
-$(eval $(call gb_UnpackedTarball_add_patches,mDNSResponder,\
- external/mdnsresponder/mDNSResponder_Win32_SOCKET.patch.1 \
- external/mdnsresponder/mDNSResponder_Win32_buildfix.patch.1 \
-))
-
# vim: set noet sw=4 ts=4:
diff --git a/external/mdnsresponder/mDNSResponder_Win32_SOCKET.patch.1 b/external/mdnsresponder/mDNSResponder_Win32_SOCKET.patch.1
deleted file mode 100644
index 9952f86e88ec..000000000000
--- a/external/mdnsresponder/mDNSResponder_Win32_SOCKET.patch.1
+++ /dev/null
@@ -1,85 +0,0 @@
-commit 77838efb0748689ee77007a92d9a01e03e6dbdb7
-Author: Stephan Bergmann <sbergman at redhat.com>
-AuthorDate: Fri Nov 27 22:40:23 2015 +0100
-Commit: Stephan Bergmann <sbergman at redhat.com>
-CommitDate: Sat Nov 28 14:00:07 2015 +0100
-
- Use proper return type for DNSServiceRefSockFD
-
- ...which is e.g. unsigned long long for Windows 64-bit (and declaring the
- function in dns_sd.h is not necessary, and the dnssd_sock_t typedef is not known
- there)
-
- Change-Id: Iaa0eb03a83b76200204ba905313bcc27b5007b39
-
-diff --git a/mDNSShared/dns_sd.h b/mDNSShared/dns_sd.h
-index 31daaeb..faaa741 100644
---- a/mDNSShared/dns_sd.h
-+++ b/mDNSShared/dns_sd.h
-@@ -741,35 +741,6 @@ DNSServiceErrorType DNSSD_API DNSServiceGetProperty
- *
- *********************************************************************************************/
-
--/* DNSServiceRefSockFD()
-- *
-- * Access underlying Unix domain socket for an initialized DNSServiceRef.
-- * The DNS Service Discovery implementation uses this socket to communicate between the client and
-- * the daemon. The application MUST NOT directly read from or write to this socket.
-- * Access to the socket is provided so that it can be used as a kqueue event source, a CFRunLoop
-- * event source, in a select() loop, etc. When the underlying event management subsystem (kqueue/
-- * select/CFRunLoop etc.) indicates to the client that data is available for reading on the
-- * socket, the client should call DNSServiceProcessResult(), which will extract the daemon's
-- * reply from the socket, and pass it to the appropriate application callback. By using a run
-- * loop or select(), results from the daemon can be processed asynchronously. Alternatively,
-- * a client can choose to fork a thread and have it loop calling "DNSServiceProcessResult(ref);"
-- * If DNSServiceProcessResult() is called when no data is available for reading on the socket, it
-- * will block until data does become available, and then process the data and return to the caller.
-- * The application is reponsible for checking the return value of DNSServiceProcessResult() to determine
-- * if the socket is valid and if it should continue to process data on the socket.
-- * When data arrives on the socket, the client is responsible for calling DNSServiceProcessResult(ref)
-- * in a timely fashion -- if the client allows a large backlog of data to build up the daemon
-- * may terminate the connection.
-- *
-- * sdRef: A DNSServiceRef initialized by any of the DNSService calls.
-- *
-- * return value: The DNSServiceRef's underlying socket descriptor, or -1 on
-- * error.
-- */
--
--int DNSSD_API DNSServiceRefSockFD(DNSServiceRef sdRef);
--
--
- /* DNSServiceProcessResult()
- *
- * Read a reply from the daemon, calling the appropriate application callback. This call will
-diff --git a/mDNSShared/dnssd_clientstub.c b/mDNSShared/dnssd_clientstub.c
-index c38197c..c6b50a2 100644
---- a/mDNSShared/dnssd_clientstub.c
-+++ b/mDNSShared/dnssd_clientstub.c
-@@ -799,7 +799,7 @@ cleanup:
- return err;
- }
-
--int DNSSD_API DNSServiceRefSockFD(DNSServiceRef sdRef)
-+dnssd_sock_t DNSSD_API DNSServiceRefSockFD(DNSServiceRef sdRef)
- {
- if (!sdRef) { syslog(LOG_WARNING, "dnssd_clientstub DNSServiceRefSockFD called with NULL DNSServiceRef"); return dnssd_InvalidSocket; }
-
-@@ -816,7 +816,7 @@ int DNSSD_API DNSServiceRefSockFD(DNSServiceRef sdRef)
- return dnssd_InvalidSocket;
- }
-
-- return (int) sdRef->sockfd;
-+ return sdRef->sockfd;
- }
-
- #if _DNS_SD_LIBDISPATCH
-@@ -2025,7 +2025,7 @@ DNSServiceErrorType DNSSD_API DNSServiceSetDispatchQueue
- dispatch_queue_t queue
- )
- {
-- int dnssd_fd = DNSServiceRefSockFD(service);
-+ dnssd_sock_t dnssd_fd = DNSServiceRefSockFD(service);
- if (dnssd_fd == dnssd_InvalidSocket) return kDNSServiceErr_BadParam;
- if (!queue)
- {
diff --git a/external/mdnsresponder/mDNSResponder_Win32_buildfix.patch.1 b/external/mdnsresponder/mDNSResponder_Win32_buildfix.patch.1
deleted file mode 100644
index 9f5c06260b12..000000000000
--- a/external/mdnsresponder/mDNSResponder_Win32_buildfix.patch.1
+++ /dev/null
@@ -1,16 +0,0 @@
---- mDNSResponder/mDNSShared/dnssd_clientstub.c.orig 2015-11-30 16:36:08.081554188 +0100
-+++ mDNSResponder/mDNSShared/dnssd_clientstub.c 2015-11-30 16:38:35.749542735 +0100
-@@ -579,7 +579,12 @@
- else
- {
- syslog(LOG_WARNING, "dnssd_clientstub ConnectToServer: connect() failed path:%s Socket:%d Err:%d Errno:%d %s",
-- uds_serverpath, sdr->sockfd, err, dnssd_errno, dnssd_strerror(dnssd_errno));
-+#if defined(USE_TCP_LOOPBACK)
-+ MDNS_TCP_SERVERADDR,
-+#else
-+ uds_serverpath,
-+#endif
-+ sdr->sockfd, err, dnssd_errno, dnssd_strerror(dnssd_errno));
- dnssd_close(sdr->sockfd);
- FreeDNSServiceOp(sdr);
- return kDNSServiceErr_ServiceNotRunning;
commit 0e6c952ec2744f8224cfcaba8b263080c4fdb6cb
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Wed Feb 6 12:18:58 2019 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:41:50 2019 +0200
curl: add patches for CVE-2018-16890 and CVE-2019-3822
The third one (CVE-2019-3823) isn't relevant because SMTP is disabled.
Change-Id: I2383c1a7b0c67c586402d4098092cee565edcdda
Reviewed-on: https://gerrit.libreoffice.org/67445
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
diff --git a/external/curl/CVE-2018-16890.patch b/external/curl/CVE-2018-16890.patch
new file mode 100644
index 000000000000..dabb229c2e6f
--- /dev/null
+++ b/external/curl/CVE-2018-16890.patch
@@ -0,0 +1,39 @@
+From b780b30d1377adb10bbe774835f49e9b237fb9bb Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel at haxx.se>
+Date: Wed, 2 Jan 2019 20:33:08 +0100
+Subject: [PATCH] NTLM: fix size check condition for type2 received data
+
+Bug: https://curl.haxx.se/docs/CVE-2018-16890.html
+Reported-by: Wenxiang Qian
+CVE-2018-16890
+---
+ lib/vauth/ntlm.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c
+index c3d55ed251..0ad4d972e3 100644
+--- a/lib/vauth/ntlm.c
++++ b/lib/vauth/ntlm.c
+@@ -5,7 +5,7 @@
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+- * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel at haxx.se>, et al.
++ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel at haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+@@ -182,10 +182,11 @@ static CURLcode ntlm_decode_type2_target(struct Curl_easy *data,
+ target_info_len = Curl_read16_le(&buffer[40]);
+ target_info_offset = Curl_read32_le(&buffer[44]);
+ if(target_info_len > 0) {
+- if(((target_info_offset + target_info_len) > size) ||
++ if((target_info_offset >= size) ||
++ ((target_info_offset + target_info_len) > size) ||
+ (target_info_offset < 48)) {
+ infof(data, "NTLM handshake failure (bad type-2 message). "
+- "Target Info Offset Len is set incorrect by the peer\n");
++ "Target Info Offset Len is set incorrect by the peer\n");
+ return CURLE_BAD_CONTENT_ENCODING;
+ }
+
diff --git a/external/curl/CVE-2019-3822.patch b/external/curl/CVE-2019-3822.patch
new file mode 100644
index 000000000000..deb3edb3bccf
--- /dev/null
+++ b/external/curl/CVE-2019-3822.patch
@@ -0,0 +1,35 @@
+From 50c9484278c63b958655a717844f0721263939cc Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel at haxx.se>
+Date: Thu, 3 Jan 2019 12:59:28 +0100
+Subject: [PATCH] ntlm: fix *_type3_message size check to avoid buffer overflow
+
+Bug: https://curl.haxx.se/docs/CVE-2019-3822.html
+Reported-by: Wenxiang Qian
+CVE-2019-3822
+---
+ lib/vauth/ntlm.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c
+index 0ad4d972e3..6a8fc5ab3d 100644
+--- a/lib/vauth/ntlm.c
++++ b/lib/vauth/ntlm.c
+@@ -779,11 +779,14 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
+ });
+
+ #if USE_NTRESPONSES
+- if(size < (NTLM_BUFSIZE - ntresplen)) {
+- DEBUGASSERT(size == (size_t)ntrespoff);
+- memcpy(&ntlmbuf[size], ptr_ntresp, ntresplen);
+- size += ntresplen;
++ /* ntresplen + size should not be risking an integer overflow here */
++ if(ntresplen + size > sizeof(ntlmbuf)) {
++ failf(data, "incoming NTLM message too big");
++ return CURLE_OUT_OF_MEMORY;
+ }
++ DEBUGASSERT(size == (size_t)ntrespoff);
++ memcpy(&ntlmbuf[size], ptr_ntresp, ntresplen);
++ size += ntresplen;
+
+ DEBUG_OUT({
+ fprintf(stderr, "\n ntresp=");
diff --git a/external/curl/UnpackedTarball_curl.mk b/external/curl/UnpackedTarball_curl.mk
index 88aecc718fb5..b87fa5ca0891 100644
--- a/external/curl/UnpackedTarball_curl.mk
+++ b/external/curl/UnpackedTarball_curl.mk
@@ -30,6 +30,8 @@ $(eval $(call gb_UnpackedTarball_add_patches,curl,\
external/curl/CVE-2018-14618.patch \
external/curl/CVE-2017-1000254.patch \
external/curl/CVE-2018-1000120.patch \
+ external/curl/CVE-2018-16890.patch \
+ external/curl/CVE-2019-3822.patch \
))
ifeq ($(SYSTEM_NSS),)
commit 6bd6e8d166a2fb3c595735171c9bbc089368d13a
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Mon Jan 14 17:33:37 2019 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:41:44 2019 +0200
python3: add patch bpo-17239: Disable external entities in SAX parser
Change-Id: I44e969d8d3a8fe6b6426d61a1cbe83154c8518dd
Reviewed-on: https://gerrit.libreoffice.org/66329
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
(cherry picked from commit a57dd8eba9c0799dd42eb547a37622bce8fdb0b3)
Reviewed-on: https://gerrit.libreoffice.org/66370
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
(cherry picked from commit 66b3860fd1772284dc12d0d2d2c76ac59b16883e)
diff --git a/external/python3/0001-3.6-bpo-17239-Disable-external-entities-in-SAX-parse.patch.1 b/external/python3/0001-3.6-bpo-17239-Disable-external-entities-in-SAX-parse.patch.1
new file mode 100644
index 000000000000..489e5d0e89ee
--- /dev/null
+++ b/external/python3/0001-3.6-bpo-17239-Disable-external-entities-in-SAX-parse.patch.1
@@ -0,0 +1,59 @@
+From 582d188e6e3487180891f1fc457a80dec8be26a8 Mon Sep 17 00:00:00 2001
+From: Christian Heimes <christian at python.org>
+Date: Mon, 24 Sep 2018 14:38:31 +0200
+Subject: [PATCH] [3.6] bpo-17239: Disable external entities in SAX parser
+ (GH-9217) (GH-9512)
+
+The SAX parser no longer processes general external entities by default
+to increase security. Before, the parser created network connections
+to fetch remote files or loaded local files from the file system for DTD
+and entities.
+
+Signed-off-by: Christian Heimes <christian at python.org>
+
+https://bugs.python.org/issue17239.
+(cherry picked from commit 17b1d5d4e36aa57a9b25a0e694affbd1ee637e45)
+
+Co-authored-by: Christian Heimes <christian at python.org>
+
+
+
+https://bugs.python.org/issue17239
+---
+ Doc/library/xml.dom.pulldom.rst | 14 +++++
+ Doc/library/xml.rst | 6 +-
+ Doc/library/xml.sax.rst | 8 +++
+ Doc/whatsnew/3.6.rst | 18 +++++-
+ Lib/test/test_pulldom.py | 7 +++
+ Lib/test/test_sax.py | 60 ++++++++++++++++++-
+ Lib/test/test_xml_etree.py | 13 ++++
+ Lib/xml/sax/expatreader.py | 2 +-
+ .../2018-09-11-18-30-55.bpo-17239.kOpwK2.rst | 3 +
+ 9 files changed, 125 insertions(+), 6 deletions(-)
+ create mode 100644 Misc/NEWS.d/next/Security/2018-09-11-18-30-55.bpo-17239.kOpwK2.rst
+
+diff --git a/Lib/xml/sax/expatreader.py b/Lib/xml/sax/expatreader.py
+index 421358fa5b..5066ffc2fa 100644
+--- a/Lib/xml/sax/expatreader.py
++++ b/Lib/xml/sax/expatreader.py
+@@ -95,7 +95,7 @@ class ExpatParser(xmlreader.IncrementalParser, xmlreader.Locator):
+ self._lex_handler_prop = None
+ self._parsing = 0
+ self._entity_stack = []
+- self._external_ges = 1
++ self._external_ges = 0
+ self._interning = None
+
+ # XMLReader methods
+diff --git a/Misc/NEWS.d/next/Security/2018-09-11-18-30-55.bpo-17239.kOpwK2.rst b/Misc/NEWS.d/next/Security/2018-09-11-18-30-55.bpo-17239.kOpwK2.rst
+new file mode 100644
+index 0000000000..8dd0fe8c1b
+--- /dev/null
++++ b/Misc/NEWS.d/next/Security/2018-09-11-18-30-55.bpo-17239.kOpwK2.rst
+@@ -0,0 +1,3 @@
++The xml.sax and xml.dom.minidom parsers no longer processes external
++entities by default. External DTD and ENTITY declarations no longer
++load files or create network connections.
+--
+2.20.1
+
diff --git a/external/python3/UnpackedTarball_python3.mk b/external/python3/UnpackedTarball_python3.mk
index 20192af318bf..04def4429860 100644
--- a/external/python3/UnpackedTarball_python3.mk
+++ b/external/python3/UnpackedTarball_python3.mk
@@ -27,6 +27,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,python3,\
external/python3/python-3.3.5-pyexpat-symbols.patch.1 \
external/python3/ubsan.patch.0 \
external/python3/python-3.5.tweak.strip.soabi.patch \
+ external/python3/0001-3.6-bpo-17239-Disable-external-entities-in-SAX-parse.patch.1 \
))
ifneq ($(filter DRAGONFLY FREEBSD LINUX NETBSD OPENBSD SOLARIS,$(OS)),)
commit 1ea424a59f2512dd3310a0e16ea5fa6a14e57757
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Mon Jan 14 15:12:24 2019 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:41:28 2019 +0200
poppler: upgrade to release 0.73.0
Change-Id: If20998f8565b5534a96b3f29ccec572273edca1d
Reviewed-on: https://gerrit.libreoffice.org/66306
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
(cherry picked from commit 0609ea4fc27f34367716bf41c0cdaa7785aed9da)
Reviewed-on: https://gerrit.libreoffice.org/66369
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice at googlemail.com>
(cherry picked from commit 033ff5b3eb90deaf6fd5eb8a74100233aa5fe772)
diff --git a/download.lst b/download.lst
index 4ec3fac1761a..da9ba07dd2fa 100644
--- a/download.lst
+++ b/download.lst
@@ -131,8 +131,8 @@ export PAGEMAKER_TARBALL := libpagemaker-0.0.3.tar.bz2
export PIXMAN_TARBALL := c63f411b3ad147db2bcce1bf262a0e02-pixman-0.24.4.tar.bz2
export PNG_MD5SUM := 897ccec1ebfb0922e83c2bfaa1be8748
export PNG_TARBALL := libpng-1.6.28.tar.gz
-export POPPLER_MD5SUM := 6602813e52f02f85f11ba1590e0ef749
-export POPPLER_TARBALL := poppler-0.66.0.tar.xz
+export POPPLER_MD5SUM := 1fc64bd358c9f31d0c88a7f2b0d8b23d
+export POPPLER_TARBALL := poppler-0.73.0.tar.xz
export POSTGRESQL_TARBALL := c0b4799ea9850eae3ead14f0a60e9418-postgresql-9.2.1.tar.bz2
export PYTHON_MD5SUM := f3763edf9824d5d3a15f5f646083b6e0
export PYTHON_TARBALL := Python-3.5.5.tar.xz
diff --git a/external/poppler/StaticLibrary_poppler.mk b/external/poppler/StaticLibrary_poppler.mk
index fd7f5c467973..17e921cb82d8 100644
--- a/external/poppler/StaticLibrary_poppler.mk
+++ b/external/poppler/StaticLibrary_poppler.mk
@@ -53,11 +53,8 @@ $(eval $(call gb_StaticLibrary_set_generated_cxx_suffix,poppler,cc))
$(eval $(call gb_StaticLibrary_add_generated_exception_objects,poppler,\
UnpackedTarball/poppler/goo/gfile \
- UnpackedTarball/poppler/goo/gmempp \
- UnpackedTarball/poppler/goo/GooList \
UnpackedTarball/poppler/goo/GooTimer \
UnpackedTarball/poppler/goo/GooString \
- UnpackedTarball/poppler/goo/gmem \
UnpackedTarball/poppler/goo/FixedPoint \
UnpackedTarball/poppler/goo/NetPBMWriter \
UnpackedTarball/poppler/goo/PNGWriter \
@@ -80,6 +77,7 @@ $(eval $(call gb_StaticLibrary_add_generated_exception_objects,poppler,\
UnpackedTarball/poppler/poppler/BuiltinFontTables \
UnpackedTarball/poppler/poppler/CachedFile \
UnpackedTarball/poppler/poppler/Catalog \
+ UnpackedTarball/poppler/poppler/CertificateInfo \
UnpackedTarball/poppler/poppler/CharCodeToUnicode \
UnpackedTarball/poppler/poppler/CMap \
UnpackedTarball/poppler/poppler/DateInfo \
@@ -114,7 +112,6 @@ $(eval $(call gb_StaticLibrary_add_generated_exception_objects,poppler,\
UnpackedTarball/poppler/poppler/PDFDoc \
UnpackedTarball/poppler/poppler/PDFDocEncoding \
UnpackedTarball/poppler/poppler/PDFDocFactory \
- UnpackedTarball/poppler/poppler/PopplerCache \
UnpackedTarball/poppler/poppler/ProfileData \
UnpackedTarball/poppler/poppler/PreScanOutputDev \
UnpackedTarball/poppler/poppler/PSTokenizer \
@@ -135,7 +132,6 @@ $(eval $(call gb_StaticLibrary_add_generated_exception_objects,poppler,\
UnpackedTarball/poppler/poppler/StdinPDFDocBuilder \
UnpackedTarball/poppler/poppler/Sound \
UnpackedTarball/poppler/poppler/ViewerPreferences \
- UnpackedTarball/poppler/poppler/XpdfPluginAPI \
UnpackedTarball/poppler/poppler/Movie \
UnpackedTarball/poppler/poppler/Rendition \
UnpackedTarball/poppler/poppler/DCTStream \
diff --git a/external/poppler/UnpackedTarball_poppler.mk b/external/poppler/UnpackedTarball_poppler.mk
index f29933618b18..ee5f6de7cec9 100644
--- a/external/poppler/UnpackedTarball_poppler.mk
+++ b/external/poppler/UnpackedTarball_poppler.mk
@@ -14,6 +14,17 @@ $(eval $(call gb_UnpackedTarball_set_tarball,poppler,$(POPPLER_TARBALL),,poppler
$(eval $(call gb_UnpackedTarball_add_patches,poppler,\
$(if $(filter MSC-120,$(COM)-$(VCVER)),external/poppler/poppler-snprintf.patch.1) \
external/poppler/poppler-config.patch.1 \
+ external/poppler/poppler-c++11.patch.1 \
))
+# std::make_unique is only available in C++14
+# use "env -i" to avoid Cygwin "environment is too large for exec"
+# Mac OS X sed says "sed: RE error: illegal byte sequence"; Apple clang should
+# be happy with std::make_unique so just skip it
+ifneq ($(OS_FOR_BUILD),MACOSX)
+$(eval $(call gb_UnpackedTarball_set_post_action,poppler,\
+ env -i PATH="$(PATH)" $(FIND) . -name '*.cc' -exec sed -i -e 's/std::make_unique/o3tl::make_unique/' {} \\; \
+))
+endif
+
# vim: set noet sw=4 ts=4:
diff --git a/external/poppler/poppler-c++11.patch.1 b/external/poppler/poppler-c++11.patch.1
new file mode 100644
index 000000000000..5a4d1a24e2e2
--- /dev/null
+++ b/external/poppler/poppler-c++11.patch.1
@@ -0,0 +1,31 @@
+remove usage of newfangled C++ that baseline toolchains don't support
+
+--- poppler/goo/gfile.cc.orig 2019-01-16 11:02:21.112911552 +0100
++++ poppler/goo/gfile.cc 2019-01-16 11:01:33.125975178 +0100
+@@ -67,7 +67,7 @@
+
+ #ifndef _WIN32
+
+-using namespace std::string_literals;
++//using namespace std::string_literals;
+
+ namespace {
+
+@@ -366,7 +366,7 @@
+ }
+ #else
+ // First try to atomically open the file with CLOEXEC
+- const std::string modeStr = mode + "e"s;
++ const std::string modeStr = mode + std::string("e");
+ FILE *file = fopen(path, modeStr.c_str());
+ if (file != nullptr)
+ return file;
+--- poppler/goo/gmem.h.orig 2019-01-16 11:25:28.161920038 +0100
++++ poppler/goo/gmem.h 2019-01-16 11:25:53.756882295 +0100
+@@ -177,4 +177,6 @@
+ return std::strncpy(r, s, n);
+ }
+
++#include <o3tl/make_unique.hxx>
++
+ #endif // GMEM_H
diff --git a/external/poppler/poppler-config.patch.1 b/external/poppler/poppler-config.patch.1
index 5328e680e2f2..e312573f1ff3 100644
--- a/external/poppler/poppler-config.patch.1
+++ b/external/poppler/poppler-config.patch.1
@@ -195,7 +195,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_NAME "poppler"
+
+/* Define to the full name and version of this package. */
-+#define PACKAGE_STRING "poppler 0.66.0"
++#define PACKAGE_STRING "poppler 0.73.0"
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME "poppler"
@@ -204,7 +204,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_URL ""
+
+/* Define to the version of this package. */
-+#define PACKAGE_VERSION "0.66.0"
++#define PACKAGE_VERSION "0.73.0"
+
+/* Poppler data dir */
+#define POPPLER_DATADIR "/usr/local/share/poppler"
@@ -228,7 +228,7 @@ index 0fbd336a..451213f8 100644
+/* #undef USE_FLOAT */
+
+/* Version number of package */
-+#define VERSION "0.66.0"
++#define VERSION "0.73.0"
+
+#if defined(__APPLE__)
+#elif defined (_WIN32)
@@ -304,7 +304,7 @@ index 0fbd336a..451213f8 100644
+
+/* Defines the poppler version. */
+#ifndef POPPLER_VERSION
-+#define POPPLER_VERSION "0.66.0"
++#define POPPLER_VERSION "0.73.0"
+#endif
+
+/* Enable multithreading support. */
@@ -466,9 +466,9 @@ index 0fbd336a..451213f8 100644
+
+#include "poppler-global.h"
+
-+#define POPPLER_VERSION "0.66.0"
++#define POPPLER_VERSION "0.73.0"
+#define POPPLER_VERSION_MAJOR 0
-+#define POPPLER_VERSION_MINOR 66
++#define POPPLER_VERSION_MINOR 73
+#define POPPLER_VERSION_MICRO 0
+
+namespace poppler
diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
index 05570b21b9c9..332bbcac9416 100644
--- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
+++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
@@ -28,7 +28,9 @@
# pragma GCC diagnostic ignored "-Wundef"
# pragma GCC diagnostic ignored "-Wunused-parameter"
#elif defined _MSC_VER
-#pragma warning(push, 1)
+#pragma warning(push)
+#pragma warning(disable : 4100) // unreferenced formal parameter
+#pragma warning(disable : 4310) // cast truncates constant value
#endif
#include "GfxState.h"
commit bdf3539ae17bcd6f1424ba33a16bf8b6a2366fe1
Author: Stephan Bergmann <sbergman at redhat.com>
AuthorDate: Fri Jul 14 08:52:33 2017 +0200
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:41:21 2019 +0200
Fix o3tl::make_unique
...after 3f20471490c61b19fe4222f8c40df255051f6e3d "use std::unique_ptr in
FlatFndBox: and extend o3tl::make_unique to cope with arrays"
Change-Id: I17a07d0be677aa4a5427be4a5c2f05ed8b675726
(cherry picked from commit 64d06e5f168ec498b2d5dda139263f56dfe9772d)
diff --git a/include/o3tl/make_unique.hxx b/include/o3tl/make_unique.hxx
index 40658f5734d4..555e9ca538b8 100644
--- a/include/o3tl/make_unique.hxx
+++ b/include/o3tl/make_unique.hxx
@@ -23,7 +23,8 @@ namespace o3tl
* Can be replaced by std::make_unique when we allow C++14.
*/
template<typename T, typename... Args>
-typename std::unique_ptr<T> make_unique(Args&& ... args)
+typename std::enable_if<!std::is_array<T>::value, std::unique_ptr<T>>::type
+make_unique(Args&& ... args)
{
return std::unique_ptr<T>(new T(std::forward<Args>(args)...));
}
commit d48480f73212012cf5012b81b0ac10591bbbf1c3
Author: Noel Grandin <noel.grandin at collabora.co.uk>
AuthorDate: Wed Jun 14 15:58:42 2017 +0200
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:41:07 2019 +0200
use std::unique_ptr in FlatFndBox [only make_unique.hxx]
and extend o3tl::make_unique to cope with arrays
Change-Id: I84caa46ab5060f9777bfe275f229499cb0b407be
Reviewed-on: https://gerrit.libreoffice.org/38794
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-by: Noel Grandin <noel.grandin at collabora.co.uk>
(cherry picked from commit 3f20471490c61b19fe4222f8c40df255051f6e3d)
diff --git a/include/o3tl/make_unique.hxx b/include/o3tl/make_unique.hxx
index 2be03e9dc9cf..40658f5734d4 100644
--- a/include/o3tl/make_unique.hxx
+++ b/include/o3tl/make_unique.hxx
@@ -12,6 +12,7 @@
#include <memory>
#include <utility>
+#include <type_traits>
namespace o3tl
{
@@ -27,6 +28,21 @@ typename std::unique_ptr<T> make_unique(Args&& ... args)
return std::unique_ptr<T>(new T(std::forward<Args>(args)...));
}
+/**
+ * for arrays
+ */
+template <class T>
+typename std::enable_if
+<
+ std::is_array<T>::value,
+ std::unique_ptr<T>
+>::type
+make_unique(std::size_t n)
+{
+ typedef typename std::remove_extent<T>::type RT;
+ return std::unique_ptr<T>(new RT[n]);
+}
+
}
#endif
commit edecdb8d93c0a65423a18760d6e3e1528e571a3a
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Mon Jan 14 15:08:42 2019 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:40:46 2019 +0200
sdext: fix build with poppler 0.73
... which has removed Guchar, Gushort, Guint, Gulong...
Change-Id: Ia54ad378031f167f6779f6ffe574b85c1e72f26d
Reviewed-on: https://gerrit.libreoffice.org/66305
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
(cherry picked from commit 50d371ae08c66648d9f32f633b2245e1746e2bb6)
Reviewed-on: https://gerrit.libreoffice.org/66363
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
(cherry picked from commit b5698ac28a8a79105edf28ffc1db19bbcbecda3a)
diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
index 0ef950e6869b..b718ac0f86e4 100644
--- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
+++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
@@ -310,7 +310,7 @@ void writePpm_( OutputBuffer& o_rOutputBuf,
o_rOutputBuf.resize(header_size);
// initialize stream
- Guchar *p;
+ unsigned char *p;
GfxRGB rgb;
std::unique_ptr<ImageStream> imgStr(
new ImageStream(str,
@@ -420,7 +420,7 @@ void writeImage_( OutputBuffer& o_rOutputBuf,
oneColor = { byteToCol( 0xff ), byteToCol( 0xff ), byteToCol( 0xff ) };
if( colorMap->getColorSpace()->getMode() == csIndexed || colorMap->getColorSpace()->getMode() == csDeviceGray )
{
- Guchar nIndex = 0;
+ unsigned char nIndex = 0;
colorMap->getRGB( &nIndex, &zeroColor );
nIndex = 1;
colorMap->getRGB( &nIndex, &oneColor );
diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
index 1ce6d174cea7..05570b21b9c9 100644
--- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
+++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
@@ -288,9 +288,13 @@ extern FILE* g_binary_out;
// note: if you ever change Output_t, please keep in mind that the current code
// relies on it being of 8 bit size
-typedef Guchar Output_t;
+typedef unsigned char Output_t;
typedef std::vector< Output_t > OutputBuffer;
+#if !POPPLER_CHECK_VERSION(0, 73, 0)
+static_assert(std::is_same<Guchar, unsigned char>::value, "unexpected typedef");
+#endif
+
#endif // INCLUDED_SDEXT_SOURCE_PDFIMPORT_XPDFWRAPPER_PDFIOUTDEV_GPL_HXX
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/sdext/source/pdfimport/xpdfwrapper/pnghelper.cxx b/sdext/source/pdfimport/xpdfwrapper/pnghelper.cxx
index 46185ea08f29..ec5c147797b2 100644
--- a/sdext/source/pdfimport/xpdfwrapper/pnghelper.cxx
+++ b/sdext/source/pdfimport/xpdfwrapper/pnghelper.cxx
@@ -242,7 +242,7 @@ void PngHelper::createPng( OutputBuffer& o_rOutputBuf,
appendIHDR( o_rOutputBuf, width, height, 8, 6 ); // RGBA image
// initialize stream
- Guchar *p, *pm;
+ unsigned char *p, *pm;
GfxRGB rgb;
GfxGray alpha;
ImageStream* imgStr =
@@ -328,7 +328,7 @@ void PngHelper::createPng( OutputBuffer& o_rOutputBuf,
appendIHDR( o_rOutputBuf, width, height, 8, 6 ); // RGBA image
// initialize stream
- Guchar *p;
+ unsigned char *p;
GfxRGB rgb;
ImageStream* imgStr =
new ImageStream(str,
@@ -374,7 +374,7 @@ void PngHelper::createPng( OutputBuffer& o_rOutputBuf,
{
for( int x = 0; x < maskWidth; ++x )
{
- Guchar aPixel = 0;
+ unsigned char aPixel = 0;
imgStrMask->getPixel( &aPixel );
int nIndex = (y*height/maskHeight) * (width*4+1) + // mapped line
(x*width/maskWidth)*4 + 1 + 3 // mapped column
commit 89b97bc75dedbc3924b12960ecb89931517e5f22
Author: Andreas Sturmlechner <asturm at gentoo.org>
AuthorDate: Tue Jan 8 11:24:40 2019 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:40:38 2019 +0200
Fix build with poppler-0.72
Change-Id: I0664d1b39e97b7555c0a3cba442db52b84f37134
Reviewed-on: https://gerrit.libreoffice.org/65960
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
(cherry picked from commit 65a6c9ae4791188ffcecf489073cf38873ce5e17)
Reviewed-on: https://gerrit.libreoffice.org/66376
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
(cherry picked from commit a5a188d5bbb99f6e305dad6f81b9e3760aa32676)
diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
index 1054d8ce49d3..0ef950e6869b 100644
--- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
+++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
@@ -575,7 +575,11 @@ void PDFOutDev::processLink(Link* link, Catalog*)
LinkAction* pAction = link->getAction();
if (pAction && pAction->getKind() == actionURI)
{
+#if POPPLER_CHECK_VERSION(0, 72, 0)
+ const char* pURI = static_cast<LinkURI*>(pAction)->getURI()->c_str();
+#else
const char* pURI = static_cast<LinkURI*>(pAction)->getURI()->getCString();
+#endif
std::vector<char> aEsc( lcl_escapeLineFeeds(pURI) );
@@ -777,7 +781,11 @@ void PDFOutDev::updateFont(GfxState *state)
aFont = it->second;
+#if POPPLER_CHECK_VERSION(0, 72, 0)
+ std::vector<char> aEsc( lcl_escapeLineFeeds(aFont.familyName.c_str()) );
+#else
std::vector<char> aEsc( lcl_escapeLineFeeds(aFont.familyName.getCString()) );
+#endif
printf( " %d %d %d %d %f %d %s",
aFont.isEmbedded,
aFont.isBold,
commit c5bdee23a383803a025a3b1de4ff90222cca33f3
Author: Aleksei Nikiforov <darktemplar at basealt.ru>
AuthorDate: Thu Nov 22 17:54:00 2018 +0300
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:40:29 2019 +0200
Fix build with poppler 0.71
Change-Id: I470ece9dc4766e10e1ccb5e99b25a8d8cc4cbf38
Reviewed-on: https://gerrit.libreoffice.org/63860
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman at redhat.com>
(cherry picked from commit 8ff41a26caf51544699863c89598d37d93dc1b21)
Reviewed-on: https://gerrit.libreoffice.org/66375
Reviewed-by: Aleksei Nikiforov <darktemplar at basealt.ru>
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
(cherry picked from commit 704ff8be10ecfb39be064bd08b2f9c11312e3428)
diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
index 5cf9ef52b4e3..1054d8ce49d3 100644
--- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
+++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
@@ -598,7 +598,11 @@ void PDFOutDev::restoreState(GfxState*)
printf( "restoreState\n" );
}
+#if POPPLER_CHECK_VERSION(0, 71, 0)
+void PDFOutDev::setDefaultCTM(const double *pMat)
+#else
void PDFOutDev::setDefaultCTM(double *pMat)
+#endif
{
assert(pMat);
diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
index aca8a35485d2..1ce6d174cea7 100644
--- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
+++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
@@ -171,7 +171,11 @@ namespace pdfi
//----- initialization and control
// Set default transform matrix.
+#if POPPLER_CHECK_VERSION(0, 71, 0)
+ virtual void setDefaultCTM(const double *ctm) override;
+#else
virtual void setDefaultCTM(double *ctm) override;
+#endif
// Start a page.
virtual void startPage(int pageNum, GfxState *state
diff --git a/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx b/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx
index 7d4806cb778d..370c26ed327f 100644
--- a/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx
+++ b/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx
@@ -69,7 +69,7 @@ int main(int argc, char **argv)
// read config file
globalParams = new GlobalParams();
- globalParams->setErrQuiet(gTrue);
+ globalParams->setErrQuiet(true);
#if defined(_MSC_VER)
globalParams->setupBaseFonts(NULL);
#endif
@@ -143,7 +143,7 @@ int main(int argc, char **argv)
i,
PDFI_OUTDEV_RESOLUTION,
PDFI_OUTDEV_RESOLUTION,
- 0, gTrue, gTrue, gTrue);
+ 0, true, true, true);
rDoc.processLinks(&aOutDev, i);
}
commit dbb85a7f6384568b947b760ef6056f544a9eaa8f
Author: Mike Kaganski <mike.kaganski at collabora.com>
AuthorDate: Tue Nov 20 08:45:38 2018 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:40:21 2019 +0200
poppler dropped GBool since 0.71
See https://lists.freedesktop.org/archives/libreoffice/2018-November/081410.html
Change-Id: I258e08894486a925bed50a3a4232b6e805af6784
Reviewed-on: https://gerrit.libreoffice.org/63625
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman at redhat.com>
(cherry picked from commit 5e8bdd9203dd642111c62a6668ee665a20d4ba19)
Reviewed-on: https://gerrit.libreoffice.org/66374
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
(cherry picked from commit c85bd2c443b9a509b028a90ee9e766929e63089f)
diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
index afa60766d2ee..5cf9ef52b4e3 100644
--- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
+++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
@@ -533,7 +533,7 @@ void PDFOutDev::printPath( GfxPath* pPath )
PDFOutDev::PDFOutDev( PDFDoc* pDoc ) :
m_pDoc( pDoc ),
m_aFontMap(),
- m_pUtf8Map( new UnicodeMap("UTF-8", gTrue, &mapUTF8) ),
+ m_pUtf8Map( new UnicodeMap("UTF-8", true, &mapUTF8) ),
m_bSkipImages(false)
{
}
@@ -952,11 +952,11 @@ void PDFOutDev::endTextObject(GfxState*)
}
void PDFOutDev::drawImageMask(GfxState* pState, Object*, Stream* str,
- int width, int height, GBool invert,
+ int width, int height, poppler_bool invert,
#if POPPLER_CHECK_VERSION(0, 12, 0)
- GBool /*interpolate*/,
+ poppler_bool /*interpolate*/,
#endif
- GBool /*inlineImg*/ )
+ poppler_bool /*inlineImg*/ )
{
if (m_bSkipImages)
return;
@@ -985,9 +985,9 @@ void PDFOutDev::drawImageMask(GfxState* pState, Object*, Stream* str,
void PDFOutDev::drawImage(GfxState*, Object*, Stream* str,
int width, int height, GfxImageColorMap* colorMap,
#if POPPLER_CHECK_VERSION(0, 12, 0)
- GBool /*interpolate*/,
+ poppler_bool /*interpolate*/,
#endif
- int* maskColors, GBool /*inlineImg*/ )
+ int* maskColors, poppler_bool /*inlineImg*/ )
{
if (m_bSkipImages)
return;
@@ -1036,13 +1036,13 @@ void PDFOutDev::drawMaskedImage(GfxState*, Object*, Stream* str,
int width, int height,
GfxImageColorMap* colorMap,
#if POPPLER_CHECK_VERSION(0, 12, 0)
- GBool /*interpolate*/,
+ poppler_bool /*interpolate*/,
#endif
Stream* maskStr,
int maskWidth, int maskHeight,
- GBool maskInvert
+ poppler_bool maskInvert
#if POPPLER_CHECK_VERSION(0, 12, 0)
- , GBool /*maskInterpolate*/
+ , poppler_bool /*maskInterpolate*/
#endif
)
{
@@ -1058,13 +1058,13 @@ void PDFOutDev::drawSoftMaskedImage(GfxState*, Object*, Stream* str,
int width, int height,
GfxImageColorMap* colorMap,
#if POPPLER_CHECK_VERSION(0, 12, 0)
- GBool /*interpolate*/,
+ poppler_bool /*interpolate*/,
#endif
Stream* maskStr,
int maskWidth, int maskHeight,
GfxImageColorMap* maskColorMap
#if POPPLER_CHECK_VERSION(0, 12, 0)
- , GBool /*maskInterpolate*/
+ , poppler_bool /*maskInterpolate*/
#endif
)
{
diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
index 8304738d9599..aca8a35485d2 100644
--- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
+++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
@@ -128,6 +128,13 @@ namespace pdfi
{ return const_cast<GooString &>(familyName); }
};
+ // Versions before 0.15 defined GBool as int; 0.15 redefined it as bool; 0.71 dropped GBool
+#if POPPLER_VERSION_MAJOR == 0 && POPPLER_VERSION_MINOR < 71
+ typedef GBool poppler_bool;
+#else
+ typedef bool poppler_bool;
+#endif
+
class PDFOutDev : public OutputDev
{
// not owned by this class
@@ -149,17 +156,17 @@ namespace pdfi
// Does this device use upside-down coordinates?
// (Upside-down means (0,0) is the top left corner of the page.)
- virtual GBool upsideDown() override { return gTrue; }
+ virtual poppler_bool upsideDown() override { return true; }
// Does this device use drawChar() or drawString()?
- virtual GBool useDrawChar() override { return gTrue; }
+ virtual poppler_bool useDrawChar() override { return true; }
// Does this device use beginType3Char/endType3Char? Otherwise,
// text in Type 3 fonts will be drawn with drawChar/drawString.
- virtual GBool interpretType3Chars() override { return gFalse; }
+ virtual poppler_bool interpretType3Chars() override { return false; }
// Does this device need non-text content?
- virtual GBool needNonText() override { return gTrue; }
+ virtual poppler_bool needNonText() override { return true; }
//----- initialization and control
@@ -231,40 +238,40 @@ namespace pdfi
//----- image drawing
virtual void drawImageMask(GfxState *state, Object *ref, Stream *str,
- int width, int height, GBool invert,
+ int width, int height, poppler_bool invert,
#if POPPLER_CHECK_VERSION(0, 12, 0)
- GBool interpolate,
+ poppler_bool interpolate,
#endif
- GBool inlineImg) override;
+ poppler_bool inlineImg) override;
virtual void drawImage(GfxState *state, Object *ref, Stream *str,
int width, int height, GfxImageColorMap *colorMap,
#if POPPLER_CHECK_VERSION(0, 12, 0)
- GBool interpolate,
+ poppler_bool interpolate,
#endif
- int *maskColors, GBool inlineImg) override;
+ int *maskColors, poppler_bool inlineImg) override;
virtual void drawMaskedImage(GfxState *state, Object *ref, Stream *str,
int width, int height,
GfxImageColorMap *colorMap,
#if POPPLER_CHECK_VERSION(0, 12, 0)
- GBool interpolate,
+ poppler_bool interpolate,
#endif
Stream *maskStr, int maskWidth, int maskHeight,
- GBool maskInvert
+ poppler_bool maskInvert
#if POPPLER_CHECK_VERSION(0, 12, 0)
- , GBool maskInterpolate
+ , poppler_bool maskInterpolate
#endif
) override;
virtual void drawSoftMaskedImage(GfxState *state, Object *ref, Stream *str,
int width, int height,
GfxImageColorMap *colorMap,
#if POPPLER_CHECK_VERSION(0, 12, 0)
- GBool interpolate,
+ poppler_bool interpolate,
#endif
Stream *maskStr,
int maskWidth, int maskHeight,
GfxImageColorMap *maskColorMap
#if POPPLER_CHECK_VERSION(0, 12, 0)
- , GBool maskInterpolate
+ , poppler_bool maskInterpolate
#endif
) override;
commit cd36b4328ef74bce127e92f522417646f93543d3
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Tue Jan 15 17:05:00 2019 +0100
Commit: Michael Stahl <Michael.Stahl at cib.de>
CommitDate: Tue May 7 16:39:52 2019 +0200
lcms2: upgrade to release 2.9
... at least, that's the plan - this is harder than it appears, as the
upstream maintainer appears to have released version 2.9 at least 3
times:
- Fedora has a file evidently downloaded before Nov. 17 with SHA512 of e30ad5a9a1ab9e7aaace9431434caa19a5ff6143db46644aba971a5ee37a265b26bf738e886d766405a7eb45a9d620d67c7ab3684ace86a107cf5a76642c04a5
- Gentoo has a file evidently downloaded before Nov. 19 with SHA256 of d4ad6f8718f7f9dc8b2a3276c9f237aa3f5eccdcf98b86dedc4262d8a1e7f009
- Debian has a file evidently downloaded before Dec. 17 with SHA256 of 48c6fdf98396fa245ed86e622028caf49b96fa22f3e5734f853f806fbc8e7d20
The lcms2-2.9.tar.gz available from sourceforge currently matches the
one Debian has, so let's use it.
* 0017-Upgrade-Visual-studio-2017-15.8.patch added (fixing CVE-2018-16435)
* 0001-Added-an-extra-check-to-MLU-bounds.patch.1 removed (fixed upstream)
Change-Id: Iab8dada8f6d77d5b2da8560993380b3332bc02f6
Reviewed-on: https://gerrit.libreoffice.org/66400
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
(cherry picked from commit 99b20e589e64fbcf374d84ae68911ef2a96e537c)
Reviewed-on: https://gerrit.libreoffice.org/66428
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
(cherry picked from commit 5d6a91c4df0ea51bb32794ff6068fa19bda44307)
diff --git a/download.lst b/download.lst
index 01596e032471..4ec3fac1761a 100644
--- a/download.lst
+++ b/download.lst
@@ -83,8 +83,8 @@ export JPEG_TURBO_TARBALL := libjpeg-turbo-1.4.2.tar.gz
export LANGTAGREG_MD5SUM := 8a037dc60b16bf8c5fe871b33390a4a2
export LANGTAGREG_TARBALL := language-subtag-registry-2016-07-19.tar.bz2
export LANGUAGETOOL_TARBALL := b63e6340a02ff1cacfeadb2c42286161-JLanguageTool-1.7.0.tar.bz2
-export LCMS2_MD5SUM := 87a5913f1a52464190bb655ad230539c
-export LCMS2_TARBALL := lcms2-2.8.tar.gz
+export LCMS2_MD5SUM := 8de1b7724f578d2995c8fdfa35c3ad0e
+export LCMS2_TARBALL := lcms2-2.9.tar.gz
export LIBATOMIC_OPS_MD5SUM := c0b86562d5aa40761a87134f83e6adcf
export LIBATOMIC_OPS_TARBALL := libatomic_ops-7_2d.zip
export LIBEOT_MD5SUM := aa24f5dd2a2992f4a116aa72af817548
diff --git a/external/lcms2/0001-Added-an-extra-check-to-MLU-bounds.patch.1 b/external/lcms2/0001-Added-an-extra-check-to-MLU-bounds.patch.1
deleted file mode 100644
index 913f82887cb2..000000000000
--- a/external/lcms2/0001-Added-an-extra-check-to-MLU-bounds.patch.1
+++ /dev/null
@@ -1,25 +0,0 @@
-From 5ca71a7bc18b6897ab21d815d15e218e204581e2 Mon Sep 17 00:00:00 2001
-From: Marti <marti.maria at tktbrainpower.com>
-Date: Mon, 15 Aug 2016 23:31:39 +0200
-Subject: [PATCH] Added an extra check to MLU bounds
-
-Thanks to Ibrahim el-sayed for spotting the bug
----
- src/cmstypes.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/cmstypes.c b/src/cmstypes.c
-index cb61860..c7328b9 100644
---- a/src/cmstypes.c
-+++ b/src/cmstypes.c
-@@ -1460,6 +1460,7 @@ void *Type_MLU_Read(struct _cms_typehandler_struct* self, cmsIOHANDLER* io, cmsU
-
- // Check for overflow
- if (Offset < (SizeOfHeader + 8)) goto Error;
-+ if ((Offset + Len) > SizeOfTag + 8) goto Error;
-
- // True begin of the string
- BeginOfThisString = Offset - SizeOfHeader - 8;
---
-2.7.4
-
diff --git a/external/lcms2/0017-Upgrade-Visual-studio-2017-15.8.patch.1 b/external/lcms2/0017-Upgrade-Visual-studio-2017-15.8.patch.1
new file mode 100644
index 000000000000..f616e6d38239
--- /dev/null
... etc. - the rest is truncated
More information about the Libreoffice-commits
mailing list