commit e77499c7d6762c3cecf5f97fdef416f64d5c885f · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

fig2dev: apply patches for CVE-2025-31162 and CVE-2025-31163

https://sourceforge.net/p/mcj/tickets/185/
https://sourceforge.net/p/mcj/tickets/186/

Thomas Gerbet 10 months ago e77499c7 55bfb51d

+123

3 changed files

expand all

unified split

pkgs

by-name

fig2dev

CVE-2025-31162.patch

CVE-2025-31163.patch

package.nix

+27

pkgs/by-name/fi/fig2dev/CVE-2025-31162.patch

··· 1 + commit da8992f44b84a337b4edaa67fc8b36b55eaef696 2 + Date: Wed Jan 22 23:18:54 2025 +0100 3 + 4 + Reject huge pattern lengths, ticket #185 5 + 6 + Reject patterned lines, e.g., dashed lines, where the 7 + pattern length exceeds 80 inches. 8 + 9 + diff --git a/fig2dev/object.h b/fig2dev/object.h 10 + index 29f5a62..7f83939 100644 11 + --- a/fig2dev/object.h 12 + +++ b/fig2dev/object.h 13 + @@ -57,12 +57,13 @@ typedef struct f_comment { 14 + struct f_comment *next; 15 + } F_comment; 16 + 17 + +#define STYLE_VAL_MAX 6400.0 /* dash length 80 inches, that is enough */ 18 + #define COMMON_PROPERTIES(o) \ 19 + o->style < SOLID_LINE || o->style > DASH_3_DOTS_LINE || \ 20 + o->thickness < 0 || o->depth < 0 || o->depth > 999 || \ 21 + o->fill_style < UNFILLED || \ 22 + o->fill_style >= NUMSHADES + NUMTINTS + NUMPATTERNS || \ 23 + - o->style_val < 0.0 24 + + o->style_val < 0.0 || o->style_val > STYLE_VAL_MAX 25 + 26 + typedef struct f_ellipse { 27 + int type;

+91

pkgs/by-name/fi/fig2dev/CVE-2025-31163.patch

··· 1 + commit c8a87d22036e62bac0c6f7836078d8103caa6457 2 + Author: Thomas Loimer <thomas.loimer@tuwien.ac.at> 3 + Date: Wed Jan 22 23:27:43 2025 +0100 4 + 5 + Reject arcs with co-incident points, ticket #186 6 + 7 + diff --git a/fig2dev/object.h b/fig2dev/object.h 8 + index 7f83939..50afbf0 100644 9 + --- a/fig2dev/object.h 10 + +++ b/fig2dev/object.h 11 + @@ -3,7 +3,7 @@ 12 + * Copyright (c) 1991 by Micah Beck 13 + * Parts Copyright (c) 1985-1988 by Supoj Sutanthavibul 14 + * Parts Copyright (c) 1989-2015 by Brian V. Smith 15 + - * Parts Copyright (c) 2015-2023 by Thomas Loimer 16 + + * Parts Copyright (c) 2015-2025 by Thomas Loimer 17 + * 18 + * Any party obtaining a copy of these files is granted, free of charge, a 19 + * full and unrestricted irrevocable, world-wide, paid up, royalty-free, 20 + @@ -92,10 +92,10 @@ typedef struct f_ellipse { 21 + struct f_ellipse *next; 22 + } F_ellipse; 23 + 24 + -#define INVALID_ELLIPSE(e) \ 25 + +#define INVALID_ELLIPSE(e) \ 26 + e->type < T_ELLIPSE_BY_RAD || e->type > T_CIRCLE_BY_DIA || \ 27 + - COMMON_PROPERTIES(e) || (e->direction != 1 && e->direction != 0) || \ 28 + - e->radiuses.x == 0 || e->radiuses.y == 0 || \ 29 + + COMMON_PROPERTIES(e) || (e->direction != 1 && e->direction != 0) || \ 30 + + e->radiuses.x == 0 || e->radiuses.y == 0 || \ 31 + e->angle < -7. || e->angle > 7. 32 + 33 + typedef struct f_arc { 34 + @@ -126,12 +126,16 @@ typedef struct f_arc { 35 + #define CIRCARC 9 36 + #define CIRCULARARC > 8 37 + 38 + -#define INVALID_ARC(a) \ 39 + +#define COINCIDENT(a, b) (a.x == b.x && a.y == b.y) 40 + +#define INVALID_ARC(a) \ 41 + a->type < T_OPEN_ARC || a->type > T_PIE_WEDGE_ARC || \ 42 + COMMON_PROPERTIES(a) || a->cap_style < 0 || a->cap_style > 2 || \ 43 + a->center.x < COORD_MIN || a->center.x > COORD_MAX || \ 44 + a->center.y < COORD_MIN || a->center.y > COORD_MAX || \ 45 + - (a->direction != 0 && a->direction != 1) 46 + + (a->direction != 0 && a->direction != 1) || \ 47 + + COINCIDENT(a->point[0], a->point[1]) || \ 48 + + COINCIDENT(a->point[0], a->point[2]) || \ 49 + + COINCIDENT(a->point[1], a->point[2]) 50 + 51 + typedef struct f_line { 52 + int type; 53 + diff --git a/fig2dev/tests/read.at b/fig2dev/tests/read.at 54 + index 1b4baea..da9ea3e 100644 55 + --- a/fig2dev/tests/read.at 56 + +++ b/fig2dev/tests/read.at 57 + @@ -2,7 +2,7 @@ dnl Fig2dev: Translate Fig code to various Devices 58 + dnl Copyright (c) 1991 by Micah Beck 59 + dnl Parts Copyright (c) 1985-1988 by Supoj Sutanthavibul 60 + dnl Parts Copyright (c) 1989-2015 by Brian V. Smith 61 + -dnl Parts Copyright (c) 2015-2024 by Thomas Loimer 62 + +dnl Parts Copyright (c) 2015-2025 by Thomas Loimer 63 + dnl 64 + dnl Any party obtaining a copy of these files is granted, free of charge, a 65 + dnl full and unrestricted irrevocable, world-wide, paid up, royalty-free, 66 + @@ -14,7 +14,7 @@ dnl party to do so, with the only requirement being that the above copyright 67 + dnl and this permission notice remain intact. 68 + 69 + dnl read.at 70 + -dnl Author: Thomas Loimer, 2017-2024 71 + +dnl Author: Thomas Loimer, 2017-2025 72 + 73 + 74 + AT_BANNER([Sanitize and harden input.]) 75 + @@ -248,6 +248,16 @@ EOF 76 + ]) 77 + AT_CLEANUP 78 + 79 + +AT_SETUP([reject arcs with coincident points, ticket #186]) 80 + +AT_KEYWORDS(read.c arc) 81 + +AT_CHECK([fig2dev -L pict2e <<EOF 82 + +FIG_FILE_TOP 83 + +5 1 0 15 0 7 50 0 -1 0.0 1 0 0 0 0.0 0.0 1 1 1 1 2 0 84 + +EOF 85 + +], 1, ignore, [Invalid arc object at line 10. 86 + +]) 87 + +AT_CLEANUP 88 + + 89 + AT_SETUP([survive debian bugs #881143, #881144]) 90 + AT_KEYWORDS([font pic tikz]) 91 + AT_CHECK([fig2dev -L pic <<EOF

pkgs/by-name/fi/fig2dev/package.nix

··· 21 21 hash = "sha256-YeGFOTF2hS8DuQGzsFsZ+8Wtglj/FC89pucLG4NRMyY="; 22 22 }; 23 23 24 + patches = [ 25 + ./CVE-2025-31162.patch 26 + ./CVE-2025-31163.patch 27 + ]; 28 + 24 29 nativeBuildInputs = [ makeWrapper ]; 25 30 buildInputs = [ libpng ]; 26 31