- rel 12; fixes from fc that prevent crashing

diff --git a/htmldoc-1.8.27-fortify-fail.patch b/htmldoc-1.8.27-fortify-fail.patch
new file mode 100644 (file)
index 0000000..32ec887
--- /dev/null
+++ b/htmldoc-1.8.27-fortify-fail.patch
@@ -0,0 +1,21 @@
+diff -ur htmldoc-1.8.27~/htmldoc/ps-pdf.cxx htmldoc-1.8.27/htmldoc/ps-pdf.cxx
+--- htmldoc-1.8.27~/htmldoc/ps-pdf.cxx 2009-08-13 19:32:21.846860508 -0400
++++ htmldoc-1.8.27/htmldoc/ps-pdf.cxx  2009-08-13 19:40:29.185857503 -0400
+@@ -8619,7 +8619,7 @@
+           return (NULL);
+         }
+       // Safe because buffer is allocated...
+-        strcpy((char *)r->data.text.buffer, (char *)data);
++        memcpy((char *)r->data.text.buffer, (char *)data, strlen((char *)data));
+         get_color(_htmlTextColor, r->data.text.rgb);
+         break;
+     case RENDER_IMAGE :
+@@ -8640,7 +8640,7 @@
+           return (NULL);
+         }
+       // Safe because buffer is allocated...
+-        strcpy((char *)r->data.link, (char *)data);
++        memcpy((char *)r->data.link, (char *)data, strlen((char *)data));
+         break;
+   }
+ 

diff --git a/htmldoc-1.8.27-scanf-overflows.patch b/htmldoc-1.8.27-scanf-overflows.patch
new file mode 100644 (file)
index 0000000..f4b6591
--- /dev/null
+++ b/htmldoc-1.8.27-scanf-overflows.patch
@@ -0,0 +1,38 @@
+diff -ur htmldoc-1.8.27~/htmldoc/htmllib.cxx htmldoc-1.8.27/htmldoc/htmllib.cxx
+--- htmldoc-1.8.27~/htmldoc/htmllib.cxx        2009-08-13 19:25:30.066734472 -0400
++++ htmldoc-1.8.27/htmldoc/htmllib.cxx 2009-08-13 19:25:38.997733603 -0400
+@@ -2154,7 +2154,7 @@
+         * assigned charset...
+         */
+ 
+-          if (sscanf(line, "%*s%*s%*s%*s%f%*s%*s%s", &width, glyph) != 2)
++          if (sscanf(line, "%*s%*s%*s%*s%f%*s%*s%63s", &width, glyph) != 2)
+           continue;
+ 
+           for (ch = 0; ch < 256; ch ++)
+Only in htmldoc-1.8.27/htmldoc: htmllib.cxx.orig
+diff -ur htmldoc-1.8.27~/htmldoc/ps-pdf.cxx htmldoc-1.8.27/htmldoc/ps-pdf.cxx
+--- htmldoc-1.8.27~/htmldoc/ps-pdf.cxx 2009-08-13 19:25:30.076736152 -0400
++++ htmldoc-1.8.27/htmldoc/ps-pdf.cxx  2009-08-13 19:25:39.010735889 -0400
+@@ -12515,7 +12515,7 @@
+         * assigned charset...
+         */
+ 
+-        if (sscanf(line, "%*s%*s%*s%*s%d%*s%*s%s", &width, glyph) != 2)
++        if (sscanf(line, "%*s%*s%*s%*s%d%*s%*s%63s", &width, glyph) != 2)
+           continue;
+ 
+         for (ch = 0; ch < 256; ch ++)
+Only in htmldoc-1.8.27/htmldoc: ps-pdf.cxx.orig
+diff -ur htmldoc-1.8.27~/htmldoc/util.cxx htmldoc-1.8.27/htmldoc/util.cxx
+--- htmldoc-1.8.27~/htmldoc/util.cxx   2005-04-24 15:20:32.000000000 -0400
++++ htmldoc-1.8.27/htmldoc/util.cxx    2009-08-13 19:25:39.014737749 -0400
+@@ -484,7 +484,7 @@
+     PageWidth  = 595;
+     PageLength = 792;
+   }
+-  else if (sscanf(size, "%fx%f%s", &width, &length, units) >= 2)
++  else if (sscanf(size, "%fx%f%254s", &width, &length, units) >= 2)
+   {
+    /*
+     * Custom size...

diff --git a/htmldoc.spec b/htmldoc.spec
index fc133b59d7562306049a2108c9f8eee33095a98f..fc6a4285f06ab772ec9b5f9e05d2ddfa477f9469 100644 (file)
--- a/htmldoc.spec
+++ b/htmldoc.spec
@@ -6,12 +6,14 @@ Summary:      HTML processing program
 Summary(pl.UTF-8):     Program przetwarzający HTML
 Name:          htmldoc
 Version:       1.8.27
-Release:       11
+Release:       12
 License:       GPL v2 with OpenSSL exception
 Group:         Applications/Publishing
 Source0:       ftp://ftp.easysw.com/pub/htmldoc/%{version}/%{name}-%{version}-source.tar.bz2
 # Source0-md5: 35589e7b8fe9c54e11be87cd5aec4dcc
 Patch0:                %{name}-libpng15.patch
+Patch1:                htmldoc-1.8.27-fortify-fail.patch
+Patch2:                htmldoc-1.8.27-scanf-overflows.patch
 URL:           http://www.htmldoc.org/
 %{?with_gui:BuildRequires:     xorg-lib-libXpm-devel}
 BuildRequires: autoconf
@@ -34,6 +36,8 @@ PDF ze spisem treści.
 %prep
 %setup -q
 %patch0 -p0
+%patch1 -p1
+%patch2 -p1
 
 %build
 %configure \