main/mupdf: move from testing

needed by cups-filters

5 files changed, 212 insertions, 0 deletions

diff --git a/main/mupdf/APKBUILD b/main/mupdf/APKBUILD
new file mode 100644
index 0000000000..725d305ac9
--- /dev/null
+++ b/main/mupdf/APKBUILD
@@ -0,0 +1,89 @@
+# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
+# Maintainer: Michael Zhou <zhoumichaely@gmail.com>
+pkgname=mupdf
+pkgver=1.9a
+pkgrel=7
+pkgdesc="A lightweight PDF and XPS viewer"
+url="http://mupdf.com"
+arch="all"
+license="AGPL3+"
+depends=""
+makedepends="freetype-dev jpeg-dev jbig2dec-dev libx11-dev libxext-dev
+	openjpeg-dev harfbuzz-dev glfw-dev"
+subpackages="$pkgname-doc $pkgname-dev $pkgname-x11:_x11
+	$pkgname-gl:_gl $pkgname-tools:_tools"
+source="http://mupdf.com/downloads/archive/$pkgname-$pkgver-source.tar.gz
+	shared-lib.patch
+	openjpeg-2.1.1.patch
+	CVE-2016-6265.patch
+	CVE-2016-6525.patch
+	"
+
+builddir="$srcdir/$pkgname-$pkgver-source"
+prepare() {
+	default_prepare || return 1
+
+	cd "$builddir"
+	for file in thirdparty/*; do
+		[ "${file##*/}" != "mujs" ] && rm -rf "$file"
+	done
+
+	sed '/^JBIG2DEC_CFLAGS :=/s|$| -I./include/mupdf|' \
+		-i Makethird || return 1
+}
+
+build() {
+	make HAVE_GLFW=yes SYS_GLFW_LIBS="-lglfw -lGL" \
+		prefix=/usr -C "$builddir" || return 1
+}
+
+package() {
+	make HAVE_GLFW=yes \
+		prefix=/usr DESTDIR="$pkgdir" \
+		-C "$builddir" install || return 1
+
+	ln -s libmupdf.so.0 "$pkgdir"/usr/lib/libmupdf.so
+	ln -s libmupdfthird.so.0 "$pkgdir"/usr/lib/libmupdfthird.so
+}
+
+_x11() {
+	pkgdesc="A lightweight PDF and XPS viewer with X11 backend"
+	depends="mupdf"
+	mkdir -p "$subpkgdir"/usr/bin
+	mv "$pkgdir"/usr/bin/mupdf-x11 \
+		"$subpkgdir"/usr/bin/ || return 1
+	ln -s /usr/bin/mupdf-x11 "$subpkgdir"/usr/bin/mupdf
+}
+
+_gl() {
+	pkgdesc="A lightweight PDF and XPS viewer with OpenGL backend"
+	depends="mupdf"
+	mkdir -p "$subpkgdir"/usr/bin
+	mv "$pkgdir"/usr/bin/mupdf-gl \
+		"$subpkgdir"/usr/bin/ || return 1
+}
+
+_tools() {
+	pkgdesc="Tools for a lightweight PDF and XPS viewer"
+	depends="mupdf"
+	mkdir -p "$subpkgdir"/usr/bin
+	mv "$pkgdir"/usr/bin/mutool \
+		"$pkgdir"/usr/bin/mujstest \
+		"$subpkgdir"/usr/bin/ || return 1
+}
+
+md5sums="658b90788a57d858dcb069cf326e11c3  mupdf-1.9a-source.tar.gz
+8c4c5ec03c3df7e87a672c79302f6df5  shared-lib.patch
+ba8b6171c4ae38662632259e1c496da1  openjpeg-2.1.1.patch
+57b78ee32e4b341d93b29778c55f4ab6  CVE-2016-6265.patch
+52db3b30aa98a5d15599a87038992e80  CVE-2016-6525.patch"
+sha256sums="8015c55f4e6dd892d3c50db4f395c1e46660a10b460e2ecd180a497f55bbc4cc  mupdf-1.9a-source.tar.gz
+3ff3c9413c4c1005db7e41a085ce8e72ee1e956e8d1538a615f51f86f8bb1d14  shared-lib.patch
+46f91311ce2f2972986d6d2f4a57fec5e1a556de494e52226206781942522894  openjpeg-2.1.1.patch
+287b9e4764d680a66b04040c24e3f982f5aa5fce263749794df0fa57ef4f18a8  CVE-2016-6265.patch
+83ab00f0d6bd5e07c286a97a815fa38e9d98df7b5d9925e6cf6fc12e20f5c31c  CVE-2016-6525.patch"
+sha512sums="9f804fd65c2dc6b7a3bd73961b1f1a8bf93d52903cccf6302acd6982dfa433125a3b8e77b808984921aee097877280fa21aafb87468cd0a8e4cfa900284a262b  mupdf-1.9a-source.tar.gz
+bc38cc6935ed1c5941773e0671bea25d33897c1018c30f11ff3a1ec1e583276597f521b9e526f9bd38a6f9a1e76aa3e52782995ded72a618d07811abcd7ca734  shared-lib.patch
+6eb33da5f05c5e5d8fa2af7223261153769b454d535128056015819c164ff59d068354680ebc135c2221f2ae7a3b6ec99833247bfefa83e9a4bab09f243452f1  openjpeg-2.1.1.patch
+a69d1db475c25f3a298c3cf3ab4858ca9298087bc9839caacc65e3bc7695c0e3dd600e3c7f5c6cd042ceb536a2cf90404c4f13a90ad0e266791cbcf329873992  CVE-2016-6265.patch
+2d8300f93bfe4cf11d817b38e3879ca7eaa704e58274930ee1368f5f1e13cc9baac786421feec0d5a720dd0cbe6cd8b0d94f4a91f2dd762e6e3923fea9deb4bf  CVE-2016-6525.patch"
diff --git a/main/mupdf/CVE-2016-6265.patch b/main/mupdf/CVE-2016-6265.patch
new file mode 100644
index 0000000000..5053aa3ef1
--- /dev/null
+++ b/main/mupdf/CVE-2016-6265.patch
@@ -0,0 +1,33 @@
+From: Robin Watts <robin.watts@artifex.com>
+Date: Thu, 21 Jul 2016 14:39:11 +0000 (+0100)
+Subject: Bug 696941: Fix use after free.
+X-Git-Url: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff_plain;h=fa1936405b6a84e5c9bb440912c23d532772f958;hp=e98091d56afdf1cf6c9a017fa0bd35dd0b8968f0
+
+Bug 696941: Fix use after free.
+
+The file is HORRIBLY corrupt, and triggers Sophos to think it's
+PDF malware (which it isn't). It does however trigger a use
+after free, worked around here.
+---
+
+diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c
+index 576c315..3222599 100644
+--- a/source/pdf/pdf-xref.c
++++ b/source/pdf/pdf-xref.c
+@@ -1184,8 +1184,14 @@ pdf_load_xref(fz_context *ctx, pdf_document *doc, pdf_lexbuf *buf)
+ 				fz_throw(ctx, FZ_ERROR_GENERIC, "object offset out of range: %d (%d 0 R)", (int)entry->ofs, i);
+ 		}
+ 		if (entry->type == 'o')
+-			if (entry->ofs <= 0 || entry->ofs >= xref_len || pdf_get_xref_entry(ctx, doc, entry->ofs)->type != 'n')
+-				fz_throw(ctx, FZ_ERROR_GENERIC, "invalid reference to an objstm that does not exist: %d (%d 0 R)", (int)entry->ofs, i);
++		{
++			/* Read this into a local variable here, because pdf_get_xref_entry
++			 * may solidify the xref, hence invalidating "entry", meaning we
++			 * need a stashed value for the throw. */
++			fz_off_t ofs = entry->ofs;
++			if (ofs <= 0 || ofs >= xref_len || pdf_get_xref_entry(ctx, doc, ofs)->type != 'n')
++				fz_throw(ctx, FZ_ERROR_GENERIC, "invalid reference to an objstm that does not exist: %d (%d 0 R)", (int)ofs, i);
++		}
+ 	}
+ }
+ 
diff --git a/main/mupdf/CVE-2016-6525.patch b/main/mupdf/CVE-2016-6525.patch
new file mode 100644
index 0000000000..003d86bfc4
--- /dev/null
+++ b/main/mupdf/CVE-2016-6525.patch
@@ -0,0 +1,23 @@
+From: Sebastian Rasmussen <sebras@gmail.com>
+Date: Wed, 27 Jul 2016 14:19:39 +0000 (+0800)
+Subject: Make sure that number of colors in mesh params is valid.
+X-Git-Url: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff_plain;h=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e;hp=fa1936405b6a84e5c9bb440912c23d532772f958
+
+Make sure that number of colors in mesh params is valid.
+
+Fixes bug 696954.
+---
+
+diff --git a/source/pdf/pdf-shade.c b/source/pdf/pdf-shade.c
+index 7815b3c..6e25efa 100644
+--- a/source/pdf/pdf-shade.c
++++ b/source/pdf/pdf-shade.c
+@@ -206,7 +206,7 @@ pdf_load_mesh_params(fz_context *ctx, pdf_document *doc, fz_shade *shade, pdf_ob
+ 	obj = pdf_dict_get(ctx, dict, PDF_NAME_Decode);
+ 	if (pdf_array_len(ctx, obj) >= 6)
+ 	{
+-		n = (pdf_array_len(ctx, obj) - 4) / 2;
++		n = fz_mini(FZ_MAX_COLORS, (pdf_array_len(ctx, obj) - 4) / 2);
+ 		shade->u.m.x0 = pdf_to_real(ctx, pdf_array_get(ctx, obj, 0));
+ 		shade->u.m.x1 = pdf_to_real(ctx, pdf_array_get(ctx, obj, 1));
+ 		shade->u.m.y0 = pdf_to_real(ctx, pdf_array_get(ctx, obj, 2));
diff --git a/main/mupdf/openjpeg-2.1.1.patch b/main/mupdf/openjpeg-2.1.1.patch
new file mode 100644
index 0000000000..80288f5378
--- /dev/null
+++ b/main/mupdf/openjpeg-2.1.1.patch
@@ -0,0 +1,28 @@
+--- mupdf-1.9a-source/source/fitz/load-jpx.c.orig
++++ mupdf-1.9a-source/source/fitz/load-jpx.c
+@@ -1,15 +1,7 @@
+ #include "mupdf/fitz.h"
+ 
+-/* Without the definition of OPJ_STATIC, compilation fails on windows
+- * due to the use of __stdcall. We believe it is required on some
+- * linux toolchains too. */
+-#define OPJ_STATIC
+-#ifndef _MSC_VER
+-#define OPJ_HAVE_STDINT_H
+-#endif
++#include <openjpeg-2.1/openjpeg.h>
+ 
+-#include <openjpeg.h>
+-
+ static void fz_opj_error_callback(const char *msg, void *client_data)
+ {
+ 	fz_context *ctx = (fz_context *)client_data;
+@@ -117,7 +109,7 @@
+ 	opj_stream_set_read_function(stream, fz_opj_stream_read);
+ 	opj_stream_set_skip_function(stream, fz_opj_stream_skip);
+ 	opj_stream_set_seek_function(stream, fz_opj_stream_seek);
+-	opj_stream_set_user_data(stream, &sb);
++	opj_stream_set_user_data(stream, &sb, NULL);
+ 	/* Set the length to avoid an assert */
+ 	opj_stream_set_user_data_length(stream, size);
+ 
diff --git a/main/mupdf/shared-lib.patch b/main/mupdf/shared-lib.patch
new file mode 100644
index 0000000000..d0e364d247
--- /dev/null
+++ b/main/mupdf/shared-lib.patch
@@ -0,0 +1,39 @@
+--- mupdf-1.9a-source/Makefile.orig
++++ mupdf-1.9a-source/Makefile
+@@ -16,6 +16,7 @@
+ # XCFLAGS or XLIBS instead. Make ignores any lines in the makefile that
+ # set a variable that was set on the command line.
+ CFLAGS += $(XCFLAGS) -Iinclude -I$(GEN)
++CFLAGS += -fPIC
+ LIBS += $(XLIBS) -lm
+ 
+ LIBS += $(FREETYPE_LIBS)
+@@ -52,6 +53,7 @@
+ CXX_CMD = $(QUIET_CXX) $(CXX) $(CFLAGS) -o $@ -c $<
+ AR_CMD = $(QUIET_AR) $(AR) cr $@ $^
+ LINK_CMD = $(QUIET_LINK) $(CC) $(LDFLAGS) -o $@ $^ $(LIBS)
++LINK_SHARED_CMD = $(QUIET_LINK) $(CC) $(LDFLAGS) -shared -Wl,-soname,$(notdir $@) -o $@ $^ $(LIBS)
+ MKDIR_CMD = $(QUIET_MKDIR) mkdir -p $@
+ RM_CMD = $(QUIET_RM) rm -f $@
+ 
+@@ -141,8 +143,8 @@
+ 
+ # --- Library ---
+ 
+-MUPDF_LIB = $(OUT)/libmupdf.a
+-THIRD_LIB = $(OUT)/libmupdfthird.a
++MUPDF_LIB = $(OUT)/libmupdf.so.0
++THIRD_LIB = $(OUT)/libmupdfthird.so.0
+ 
+ MUPDF_OBJ := $(FITZ_OBJ) $(FONT_OBJ) $(PDF_OBJ) $(XPS_OBJ) $(CBZ_OBJ) $(HTML_OBJ) $(GPRF_OBJ)
+ THIRD_OBJ := $(FREETYPE_OBJ) $(HARFBUZZ_OBJ) $(JBIG2DEC_OBJ) $(JPEG_OBJ) $(MUJS_OBJ) $(OPENJPEG_OBJ) $(ZLIB_OBJ)
+@@ -161,6 +163,9 @@
+ 	$(RM_CMD)
+ 	$(AR_CMD)
+ 	$(RANLIB_CMD)
++
++$(OUT)/%.so.0 : $(OUT)/%.a
++	$(LINK_SHARED_CMD)
+ 
+ $(OUT)/%: $(OUT)/%.o
+ 	$(LINK_CMD)