From aaf1262ecc060e02ab314cfe6709bcaa3f329b2b Mon Sep 17 00:00:00 2001
From: Sandro Mani <manisandro@gmail.com>
Date: Tue, 3 May 2022 16:57:43 +0200
Subject: [PATCH] Update to 0.9.8

---
 .gitignore                  |  1 +
 podofo-0.9.4-freetype.patch |  6 +++---
 podofo-gcc12.patch          |  6 +++---
 podofo.spec                 | 12 ++++++------
 podofo_CVE-2018-12983.patch | 16 ----------------
 podofo_CVE-2019-20093.patch |  6 +++---
 podofo_maxbytes.patch       | 18 +++++++++---------
 sources                     |  2 +-
 8 files changed, 26 insertions(+), 41 deletions(-)
 delete mode 100644 podofo_CVE-2018-12983.patch

diff --git a/.gitignore b/.gitignore
index 34767dd..16eb7c6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,3 +7,4 @@ podofo-0.8.1.tar.gz
 /podofo-0.9.5.tar.gz
 /podofo-0.9.6.tar.gz
 /podofo-0.9.7.tar.gz
+/podofo-0.9.8.tar.gz
diff --git a/podofo-0.9.4-freetype.patch b/podofo-0.9.4-freetype.patch
index 3cf5afa..dd84155 100644
--- a/podofo-0.9.4-freetype.patch
+++ b/podofo-0.9.4-freetype.patch
@@ -1,6 +1,6 @@
-diff -rupN --no-dereference podofo-0.9.7/CMakeLists.txt podofo-0.9.7-new/CMakeLists.txt
---- podofo-0.9.7/CMakeLists.txt	2021-01-05 17:56:54.000000000 +0100
-+++ podofo-0.9.7-new/CMakeLists.txt	2022-01-28 10:14:43.955674693 +0100
+diff -rupN --no-dereference podofo-0.9.8/CMakeLists.txt podofo-0.9.8-new/CMakeLists.txt
+--- podofo-0.9.8/CMakeLists.txt	2022-05-03 14:18:23.000000000 +0200
++++ podofo-0.9.8-new/CMakeLists.txt	2022-05-03 15:21:08.930832253 +0200
 @@ -407,8 +407,8 @@ ENDIF(NOT PODOFO_BUILD_LIB_ONLY)
  
  FIND_PACKAGE(OpenSSL)
diff --git a/podofo-gcc12.patch b/podofo-gcc12.patch
index f4e68e9..af89a1c 100644
--- a/podofo-gcc12.patch
+++ b/podofo-gcc12.patch
@@ -1,6 +1,6 @@
-diff -rupN --no-dereference podofo-0.9.7/test/unit/StringTest.cpp podofo-0.9.7-new/test/unit/StringTest.cpp
---- podofo-0.9.7/test/unit/StringTest.cpp	2019-01-15 14:04:40.000000000 +0100
-+++ podofo-0.9.7-new/test/unit/StringTest.cpp	2022-01-28 10:14:44.069677817 +0100
+diff -rupN --no-dereference podofo-0.9.8/test/unit/StringTest.cpp podofo-0.9.8-new/test/unit/StringTest.cpp
+--- podofo-0.9.8/test/unit/StringTest.cpp	2019-01-15 14:04:40.000000000 +0100
++++ podofo-0.9.8-new/test/unit/StringTest.cpp	2022-05-03 15:21:09.037838070 +0200
 @@ -179,19 +179,19 @@ void StringTest::testUtf16beContructor()
      CPPUNIT_ASSERT_EQUAL_MESSAGE( "Comparing UTF8 and UTF16 string converted to UTF8", 
                                    strUtf8.GetStringUtf8(), strUtf16.GetStringUtf8() );
diff --git a/podofo.spec b/podofo.spec
index 7a407cc..ec866b3 100644
--- a/podofo.spec
+++ b/podofo.spec
@@ -1,6 +1,6 @@
 Name:           podofo
-Version:        0.9.7
-Release:        8%{?dist}
+Version:        0.9.8
+Release:        1%{?dist}
 Summary:        Tools and libraries to work with the PDF file format
 
 # The library is licensed under the LGPL.
@@ -15,9 +15,6 @@ Patch0:         podofo-0.9.4-freetype.patch
 # Downstream patch for CVE-2019-20093
 # https://sourceforge.net/p/podofo/tickets/75/
 Patch20:        podofo_CVE-2019-20093.patch
-# Proposed patch for CVE-2018-12983
-# https://sourceforge.net/p/podofo/tickets/23/
-Patch21:        podofo_CVE-2018-12983.patch
 # https://sourceforge.net/p/podofo/tickets/101/
 Patch22:        podofo_maxbytes.patch
 # Comment out some asserts in the testsuite which fail to build with gcc12
@@ -181,7 +178,7 @@ rm -rf %{buildroot}%{mingw64_datadir}
 %files libs
 %doc AUTHORS ChangeLog FAQ.html README.html TODO
 %license COPYING.LIB COPYING.exception
-%{_libdir}/*.so.0.9.7
+%{_libdir}/*.so.0.9.8
 
 %files devel
 %doc doc/html examples
@@ -211,6 +208,9 @@ rm -rf %{buildroot}%{mingw64_datadir}
 
 
 %changelog
+* Tue May 03 2022 Sandro Mani <manisandro@gmail.com> - 0.9.8-1
+- Update to 0.9.8
+
 * Fri Mar 25 2022 Sandro Mani <manisandro@gmail.com> - 0.9.7-8
 - Rebuild with mingw-gcc-12
 
diff --git a/podofo_CVE-2018-12983.patch b/podofo_CVE-2018-12983.patch
deleted file mode 100644
index a28ea7e..0000000
--- a/podofo_CVE-2018-12983.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-diff -rupN --no-dereference podofo-0.9.7/src/podofo/base/PdfEncrypt.cpp podofo-0.9.7-new/src/podofo/base/PdfEncrypt.cpp
---- podofo-0.9.7/src/podofo/base/PdfEncrypt.cpp	2019-01-15 14:04:40.000000000 +0100
-+++ podofo-0.9.7-new/src/podofo/base/PdfEncrypt.cpp	2022-01-28 10:14:44.010676200 +0100
-@@ -615,6 +615,12 @@ PdfEncrypt* PdfEncrypt::CreatePdfEncrypt
-             && PdfEncrypt::IsEncryptionEnabled( ePdfEncryptAlgorithm_RC4V2 ) ) 
-     {
-         // [Alexey] - lLength is pdf_int64. Please make changes in encryption algorithms
-+        // [mabri] - Fix CVE-2018-12983: Check key length lLength here
-+        // to prevent stack-based buffer over-read in line 867 of this file
-+        if (lLength > MD5_DIGEST_LENGTH * 8) // lLength in bits, md5 in bytes 
-+        {
-+            PODOFO_RAISE_ERROR_INFO( ePdfError_ValueOutOfRange, "Given key length too large for MD5." );
-+        }
-         pdfEncrypt = new PdfEncryptRC4(oValue, uValue, pValue, rValue, ePdfEncryptAlgorithm_RC4V2, static_cast<int>(lLength), encryptMetadata);
-     }
-     else 
diff --git a/podofo_CVE-2019-20093.patch b/podofo_CVE-2019-20093.patch
index 4a4ee25..ef38026 100644
--- a/podofo_CVE-2019-20093.patch
+++ b/podofo_CVE-2019-20093.patch
@@ -1,6 +1,6 @@
-diff -rupN --no-dereference podofo-0.9.7/tools/podofoimgextract/ImageExtractor.cpp podofo-0.9.7-new/tools/podofoimgextract/ImageExtractor.cpp
---- podofo-0.9.7/tools/podofoimgextract/ImageExtractor.cpp	2018-02-25 12:48:38.000000000 +0100
-+++ podofo-0.9.7-new/tools/podofoimgextract/ImageExtractor.cpp	2022-01-28 10:14:43.982675433 +0100
+diff -rupN --no-dereference podofo-0.9.8/tools/podofoimgextract/ImageExtractor.cpp podofo-0.9.8-new/tools/podofoimgextract/ImageExtractor.cpp
+--- podofo-0.9.8/tools/podofoimgextract/ImageExtractor.cpp	2018-02-25 12:48:38.000000000 +0100
++++ podofo-0.9.8-new/tools/podofoimgextract/ImageExtractor.cpp	2022-05-03 15:21:08.964834103 +0200
 @@ -117,6 +117,11 @@ void ImageExtractor::ExtractImage( PdfOb
          //long lBitsPerComponent = pObject->GetDictionary().GetKey( PdfName("BitsPerComponent" ) )->GetNumber();
          // TODO: Handle colorspaces
diff --git a/podofo_maxbytes.patch b/podofo_maxbytes.patch
index 9f6574e..bc7c968 100644
--- a/podofo_maxbytes.patch
+++ b/podofo_maxbytes.patch
@@ -1,6 +1,6 @@
-diff -rupN --no-dereference podofo-0.9.7/src/podofo/base/PdfParser.h podofo-0.9.7-new/src/podofo/base/PdfParser.h
---- podofo-0.9.7/src/podofo/base/PdfParser.h	2020-03-27 17:53:35.000000000 +0100
-+++ podofo-0.9.7-new/src/podofo/base/PdfParser.h	2022-01-28 10:14:44.039676995 +0100
+diff -rupN --no-dereference podofo-0.9.8/src/podofo/base/PdfParser.h podofo-0.9.8-new/src/podofo/base/PdfParser.h
+--- podofo-0.9.8/src/podofo/base/PdfParser.h	2022-03-12 17:08:42.000000000 +0100
++++ podofo-0.9.8-new/src/podofo/base/PdfParser.h	2022-05-03 15:21:09.000836061 +0200
 @@ -39,7 +39,7 @@
  #include "PdfVecObjects.h"
  
@@ -10,9 +10,9 @@ diff -rupN --no-dereference podofo-0.9.7/src/podofo/base/PdfParser.h podofo-0.9.
  
  namespace PoDoFo {
  
-diff -rupN --no-dereference podofo-0.9.7/src/podofo/base/PdfXRefStreamParserObject.cpp podofo-0.9.7-new/src/podofo/base/PdfXRefStreamParserObject.cpp
---- podofo-0.9.7/src/podofo/base/PdfXRefStreamParserObject.cpp	2020-10-10 19:17:47.000000000 +0200
-+++ podofo-0.9.7-new/src/podofo/base/PdfXRefStreamParserObject.cpp	2022-01-28 10:14:44.039676995 +0100
+diff -rupN --no-dereference podofo-0.9.8/src/podofo/base/PdfXRefStreamParserObject.cpp podofo-0.9.8-new/src/podofo/base/PdfXRefStreamParserObject.cpp
+--- podofo-0.9.8/src/podofo/base/PdfXRefStreamParserObject.cpp	2021-08-18 19:14:51.000000000 +0200
++++ podofo-0.9.8-new/src/podofo/base/PdfXRefStreamParserObject.cpp	2022-05-03 15:21:09.000836061 +0200
 @@ -237,7 +237,7 @@ void PdfXRefStreamParserObject::ReadXRef
  {
      int              i;
@@ -32,9 +32,9 @@ diff -rupN --no-dereference podofo-0.9.7/src/podofo/base/PdfXRefStreamParserObje
              ++pBuffer;
          }
      }
-diff -rupN --no-dereference podofo-0.9.7/src/podofo/base/PdfXRefStreamParserObject.h podofo-0.9.7-new/src/podofo/base/PdfXRefStreamParserObject.h
---- podofo-0.9.7/src/podofo/base/PdfXRefStreamParserObject.h	2019-05-23 12:08:59.000000000 +0200
-+++ podofo-0.9.7-new/src/podofo/base/PdfXRefStreamParserObject.h	2022-01-28 10:14:44.040677023 +0100
+diff -rupN --no-dereference podofo-0.9.8/src/podofo/base/PdfXRefStreamParserObject.h podofo-0.9.8-new/src/podofo/base/PdfXRefStreamParserObject.h
+--- podofo-0.9.8/src/podofo/base/PdfXRefStreamParserObject.h	2021-08-18 19:14:51.000000000 +0200
++++ podofo-0.9.8-new/src/podofo/base/PdfXRefStreamParserObject.h	2022-05-03 15:21:09.000836061 +0200
 @@ -38,7 +38,7 @@
  #include "PdfParserObject.h"
  
diff --git a/sources b/sources
index f5da55d..93d6300 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (podofo-0.9.7.tar.gz) = 0e699739c2fb7d4d02ffca371504bb19f3a8a97ddcbfc06f8d9636db9e73064b4f633f7f09bce92140bb2174610ad68c1e5f8460d474d176ab803ed28295251b
+SHA512 (podofo-0.9.8.tar.gz) = b220322114450f1656c73d325f5172bc4cec0b1913e98b4eb2455f8ed7394bcaa47438d41003c9678937ef44d411e135431ddd6784f83d3663337d471baa02b1