diff options
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/poppler')
3 files changed, 152 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch b/nixpkgs/pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch new file mode 100644 index 000000000000..5c2af7a2adc2 --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch @@ -0,0 +1,20 @@ +diff --git a/poppler/JPEG2000Stream.cc b/poppler/JPEG2000Stream.cc +--- a/poppler/JPEG2000Stream.cc ++++ b/poppler/JPEG2000Stream.cc +@@ -201,7 +201,7 @@ void JPXStream::init() + if (getDict()) smaskInData = getDict()->lookup("SMaskInData"); + + int bufSize = BUFFER_INITIAL_SIZE; +- if (oLen.isInt()) bufSize = oLen.getInt(); ++ if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt(); + + if (cspace.isArray() && cspace.arrayGetLength() > 0) { + +@@ -365,7 +365,7 @@ void JPXStream::init() + } + + int bufSize = BUFFER_INITIAL_SIZE; +- if (oLen.isInt()) bufSize = oLen.getInt(); ++ if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt(); + + if (cspace.isArray() && cspace.arrayGetLength() > 0) { diff --git a/nixpkgs/pkgs/development/libraries/poppler/0.61.nix b/nixpkgs/pkgs/development/libraries/poppler/0.61.nix new file mode 100644 index 000000000000..0603f49fad41 --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/poppler/0.61.nix @@ -0,0 +1,68 @@ +{ stdenv, lib, fetchurl, cmake, ninja, pkgconfig, libiconv, libintl +, zlib, curl, cairo, freetype, fontconfig, lcms, libjpeg, openjpeg, fetchpatch +, withData ? true, poppler_data +, qt5Support ? false, qtbase ? null +, introspectionSupport ? false, gobject-introspection ? null +, utils ? false +, minimal ? false, suffix ? "glib" +}: + +let + version = "0.61.1"; + mkFlag = optset: flag: "-DENABLE_${flag}=${if optset then "on" else "off"}"; +in +stdenv.mkDerivation rec { + name = "poppler-${suffix}-${version}"; + + src = fetchurl { + url = "${meta.homepage}/poppler-${version}.tar.xz"; + sha256 = "1afdrxxkaivvviazxkg5blsf2x24sjkfj92ib0d3q5pm8dihjrhj"; + }; + + outputs = [ "out" "dev" ]; + + patches = [ + (fetchpatch { + name = "CVE-2018-13988"; + url = "https://cgit.freedesktop.org/poppler/poppler/patch/?id=004e3c10df0abda214f0c293f9e269fdd979c5ee"; + sha256 = "1l8713s57xc6g81bldw934rsfm140fqc7ggd50ha5mxdl1b3app2"; + }) + ./0.61-CVE-2019-9959.patch + ]; + + buildInputs = [ libiconv libintl ] ++ lib.optional withData poppler_data; + + # TODO: reduce propagation to necessary libs + propagatedBuildInputs = with lib; + [ zlib freetype fontconfig libjpeg openjpeg ] + ++ optionals (!minimal) [ cairo lcms curl ] + ++ optional qt5Support qtbase + ++ optional introspectionSupport gobject-introspection; + + nativeBuildInputs = [ cmake ninja pkgconfig ]; + + # Not sure when and how to pass it. It seems an upstream bug anyway. + CXXFLAGS = stdenv.lib.optionalString stdenv.cc.isClang "-std=c++11"; + + cmakeFlags = [ + (mkFlag true "XPDF_HEADERS") + (mkFlag (!minimal) "GLIB") + (mkFlag (!minimal) "CPP") + (mkFlag (!minimal) "LIBCURL") + (mkFlag utils "UTILS") + (mkFlag qt5Support "QT5") + ]; + + meta = with lib; { + homepage = "https://poppler.freedesktop.org/"; + description = "A PDF rendering library"; + + longDescription = '' + Poppler is a PDF rendering library based on the xpdf-3.0 code base. + ''; + + license = licenses.gpl2; + platforms = platforms.all; + maintainers = with maintainers; [ ttuegel ]; + }; +} diff --git a/nixpkgs/pkgs/development/libraries/poppler/default.nix b/nixpkgs/pkgs/development/libraries/poppler/default.nix new file mode 100644 index 000000000000..93b49524dc1d --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/poppler/default.nix @@ -0,0 +1,64 @@ +{ stdenv, lib, fetchurl, fetchpatch, cmake, ninja, pkgconfig, libiconv, libintl +, zlib, curl, cairo, freetype, fontconfig, lcms, libjpeg, openjpeg +, withData ? true, poppler_data +, qt5Support ? false, qtbase ? null +, introspectionSupport ? false, gobject-introspection ? null +, utils ? false, nss ? null +, minimal ? false, suffix ? "glib" +}: + +let + mkFlag = optset: flag: "-DENABLE_${flag}=${if optset then "on" else "off"}"; +in +stdenv.mkDerivation rec { + name = "poppler-${suffix}-${version}"; + version = "0.88.0"; # beware: updates often break cups-filters build, check texlive and scribusUnstable too! + + src = fetchurl { + url = "${meta.homepage}/poppler-${version}.tar.xz"; + sha256 = "1isns9s484irq9ir4hbhpyqf6af2xzswh2pfrvk1k9d5x423hidl"; + }; + + outputs = [ "out" "dev" ]; + + buildInputs = [ libiconv libintl ] ++ lib.optional withData poppler_data; + + # TODO: reduce propagation to necessary libs + propagatedBuildInputs = with lib; + [ zlib freetype fontconfig libjpeg openjpeg ] + ++ optionals (!minimal) [ cairo lcms curl ] + ++ optional qt5Support qtbase + ++ optional utils nss + ++ optional introspectionSupport gobject-introspection; + + nativeBuildInputs = [ cmake ninja pkgconfig ]; + + # Workaround #54606 + preConfigure = stdenv.lib.optionalString stdenv.isDarwin '' + sed -i -e '1i cmake_policy(SET CMP0025 NEW)' CMakeLists.txt + ''; + + cmakeFlags = [ + (mkFlag true "UNSTABLE_API_ABI_HEADERS") # previously "XPDF_HEADERS" + (mkFlag (!minimal) "GLIB") + (mkFlag (!minimal) "CPP") + (mkFlag (!minimal) "LIBCURL") + (mkFlag utils "UTILS") + (mkFlag qt5Support "QT5") + ]; + + meta = with lib; { + homepage = "https://poppler.freedesktop.org/"; + description = "A PDF rendering library"; + + longDescription = '' + Poppler is a PDF rendering library based on the xpdf-3.0 code + base. In addition it provides a number of tools that can be + installed separately. + ''; + + license = licenses.gpl2; + platforms = platforms.all; + maintainers = with maintainers; [ ttuegel ] ++ teams.freedesktop.members; + }; +} |