diff options
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/poppler')
3 files changed, 229 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch b/nixpkgs/pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch new file mode 100644 index 000000000000..5c2af7a2adc2 --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch @@ -0,0 +1,20 @@ +diff --git a/poppler/JPEG2000Stream.cc b/poppler/JPEG2000Stream.cc +--- a/poppler/JPEG2000Stream.cc ++++ b/poppler/JPEG2000Stream.cc +@@ -201,7 +201,7 @@ void JPXStream::init() + if (getDict()) smaskInData = getDict()->lookup("SMaskInData"); + + int bufSize = BUFFER_INITIAL_SIZE; +- if (oLen.isInt()) bufSize = oLen.getInt(); ++ if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt(); + + if (cspace.isArray() && cspace.arrayGetLength() > 0) { + +@@ -365,7 +365,7 @@ void JPXStream::init() + } + + int bufSize = BUFFER_INITIAL_SIZE; +- if (oLen.isInt()) bufSize = oLen.getInt(); ++ if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt(); + + if (cspace.isArray() && cspace.arrayGetLength() > 0) { diff --git a/nixpkgs/pkgs/development/libraries/poppler/0.61.nix b/nixpkgs/pkgs/development/libraries/poppler/0.61.nix new file mode 100644 index 000000000000..e46da53f68dc --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/poppler/0.61.nix @@ -0,0 +1,94 @@ +{ stdenv +, lib +, fetchurl +, fetchpatch +, cairo +, cmake +, curl +, fontconfig +, freetype +, lcms +, libiconv +, libintl +, libjpeg +, ninja +, openjpeg +, pkg-config +, zlib +, withData ? true, poppler_data +, qt5Support ? false, qtbase ? null +, introspectionSupport ? false, gobject-introspection ? null +, utils ? false +, minimal ? false, suffix ? "glib" +}: + +let + version = "0.61.1"; + mkFlag = optset: flag: "-DENABLE_${flag}=${if optset then "on" else "off"}"; +in +stdenv.mkDerivation rec { + pname = "poppler-${suffix}"; + inherit version; + + src = fetchurl { + url = "https://poppler.freedesktop.org/poppler-${version}.tar.xz"; + sha256 = "1afdrxxkaivvviazxkg5blsf2x24sjkfj92ib0d3q5pm8dihjrhj"; + }; + + outputs = [ "out" "dev" ]; + + patches = [ + # Fix internal crash: a negative number that should not be + (fetchpatch { + name = "CVE-2018-13988"; + url = "https://cgit.freedesktop.org/poppler/poppler/patch/?id=004e3c10df0abda214f0c293f9e269fdd979c5ee"; + sha256 = "1l8713s57xc6g81bldw934rsfm140fqc7ggd50ha5mxdl1b3app2"; + }) + # Fix internal crash: a negative number that should not be (not the above!) + ./0.61-CVE-2019-9959.patch + ]; + + nativeBuildInputs = [ + cmake + ninja + pkg-config + ]; + + buildInputs = [ + libiconv + libintl + ] + ++ lib.optional withData poppler_data; + + # TODO: reduce propagation to necessary libs + propagatedBuildInputs = with lib; + [ zlib freetype fontconfig libjpeg openjpeg ] + ++ optionals (!minimal) [ cairo lcms curl ] + ++ optional qt5Support qtbase + ++ optional introspectionSupport gobject-introspection; + + # Not sure when and how to pass it. It seems an upstream bug anyway. + CXXFLAGS = lib.optionalString stdenv.cc.isClang "-std=c++11"; + + cmakeFlags = [ + (mkFlag true "XPDF_HEADERS") + (mkFlag (!minimal) "GLIB") + (mkFlag (!minimal) "CPP") + (mkFlag (!minimal) "LIBCURL") + (mkFlag utils "UTILS") + (mkFlag qt5Support "QT5") + ]; + + dontWrapQtApps = true; + + meta = with lib; { + homepage = "https://poppler.freedesktop.org/"; + description = "A PDF rendering library"; + longDescription = '' + Poppler is a PDF rendering library based on the xpdf-3.0 code base. + ''; + license = licenses.gpl2Plus; + platforms = platforms.all; + maintainers = with maintainers; [ ttuegel ]; + }; +} diff --git a/nixpkgs/pkgs/development/libraries/poppler/default.nix b/nixpkgs/pkgs/development/libraries/poppler/default.nix new file mode 100644 index 000000000000..5547e492a65b --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/poppler/default.nix @@ -0,0 +1,115 @@ +{ lib +, stdenv +, fetchurl +, fetchpatch +, cairo +, cmake +, pcre +, boost +, cups-filters +, curl +, fontconfig +, freetype +, inkscape +, lcms +, libiconv +, libintl +, libjpeg +, ninja +, openjpeg +, pkg-config +, python3 +, scribusUnstable +, texlive +, zlib +, withData ? true, poppler_data +, qt5Support ? false, qtbase ? null +, introspectionSupport ? false, gobject-introspection ? null +, utils ? false, nss ? null +, minimal ? false +, suffix ? "glib" +}: + +let + mkFlag = optset: flag: "-DENABLE_${flag}=${if optset then "on" else "off"}"; +in +stdenv.mkDerivation rec { + pname = "poppler-${suffix}"; + version = "22.03.0"; # beware: updates often break cups-filters build, check texlive and scribusUnstable too! + + outputs = [ "out" "dev" ]; + + src = fetchurl { + url = "https://poppler.freedesktop.org/poppler-${version}.tar.xz"; + sha256 = "sha256-cox4upTXWlX2tjVdT72qb0mTTZYWvljl5nmpz9CYDh4="; + }; + + nativeBuildInputs = [ + cmake + ninja + pkg-config + python3 + ]; + + buildInputs = [ + boost + pcre + libiconv + libintl + ] ++ lib.optional withData [ + poppler_data + ]; + + # TODO: reduce propagation to necessary libs + propagatedBuildInputs = [ + zlib + freetype + fontconfig + libjpeg + openjpeg + ] ++ lib.optionals (!minimal) [ + cairo + lcms + curl + nss + ] ++ lib.optionals qt5Support [ + qtbase + ] ++ lib.optionals introspectionSupport [ + gobject-introspection + ]; + + cmakeFlags = [ + (mkFlag true "UNSTABLE_API_ABI_HEADERS") # previously "XPDF_HEADERS" + (mkFlag (!minimal) "GLIB") + (mkFlag (!minimal) "CPP") + (mkFlag (!minimal) "LIBCURL") + (mkFlag utils "UTILS") + (mkFlag qt5Support "QT5") + ]; + + dontWrapQtApps = true; + + # Workaround #54606 + preConfigure = lib.optionalString stdenv.isDarwin '' + sed -i -e '1i cmake_policy(SET CMP0025 NEW)' CMakeLists.txt + ''; + + passthru = { + tests = { + # These depend on internal poppler code that frequently changes. + inherit inkscape cups-filters texlive scribusUnstable; + }; + }; + + meta = with lib; { + homepage = "https://poppler.freedesktop.org/"; + description = "A PDF rendering library"; + longDescription = '' + Poppler is a PDF rendering library based on the xpdf-3.0 code base. In + addition it provides a number of tools that can be installed separately. + ''; + license = licenses.gpl2Plus; + platforms = platforms.all; + maintainers = with maintainers; [ ttuegel ] ++ teams.freedesktop.members; + }; +} |