mupdf: fix build/CVE-2016-6265

srcpkgs/mupdf/patches/0001-mupdf-openjpeg.patch

@@ -0,0 +1,37 @@
+--- source/fitz/load-jpx.c
++++ source/fitz/load-jpx.c
+@@ -3,12 +3,17 @@
+ /* Without the definition of OPJ_STATIC, compilation fails on windows
+  * due to the use of __stdcall. We believe it is required on some
+  * linux toolchains too. */
++
++#ifdef __cplusplus
++extern "C"
++{
+ #define OPJ_STATIC
+ #ifndef _MSC_VER
+ #define OPJ_HAVE_STDINT_H
+ #endif
++#endif
+ 
+-#include <openjpeg.h>
++#include <openjpeg-2.1/openjpeg.h>
+ 
+ static void fz_opj_error_callback(const char *msg, void *client_data)
+ {
+@@ -117,7 +122,7 @@ fz_load_jpx(fz_context *ctx, unsigned ch
+ 	opj_stream_set_read_function(stream, fz_opj_stream_read);
+ 	opj_stream_set_skip_function(stream, fz_opj_stream_skip);
+ 	opj_stream_set_seek_function(stream, fz_opj_stream_seek);
+-	opj_stream_set_user_data(stream, &sb);
++	opj_stream_set_user_data(stream, &sb, NULL);
+ 	/* Set the length to avoid an assert */
+ 	opj_stream_set_user_data_length(stream, size);
+ 
+@@ -247,3 +252,6 @@ fz_load_jpx(fz_context *ctx, unsigned ch
+ 
+ 	return img;
+ }
++#ifdef __cplusplus
++}
++#endif

srcpkgs/mupdf/patches/CVE-2016-6265.patch

@@ -0,0 +1,36 @@
+From fa1936405b6a84e5c9bb440912c23d532772f958 Mon Sep 17 00:00:00 2001
+From: Robin Watts <robin.watts@artifex.com>
+Date: Thu, 21 Jul 2016 15:39:11 +0100
+Subject: [PATCH] Bug 696941: Fix use after free.
+
+The file is HORRIBLY corrupt, and triggers Sophos to think it's
+PDF malware (which it isn't). It does however trigger a use
+after free, worked around here.
+---
+ source/pdf/pdf-xref.c | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c
+index 576c315..3222599 100644
+--- source/pdf/pdf-xref.c
++++ source/pdf/pdf-xref.c
+@@ -1184,8 +1184,14 @@ pdf_load_xref(fz_context *ctx, pdf_document *doc, pdf_lexbuf *buf)
+ 				fz_throw(ctx, FZ_ERROR_GENERIC, "object offset out of range: %d (%d 0 R)", (int)entry->ofs, i);
+ 		}
+ 		if (entry->type == 'o')
+-			if (entry->ofs <= 0 || entry->ofs >= xref_len || pdf_get_xref_entry(ctx, doc, entry->ofs)->type != 'n')
+-				fz_throw(ctx, FZ_ERROR_GENERIC, "invalid reference to an objstm that does not exist: %d (%d 0 R)", (int)entry->ofs, i);
++		{
++			/* Read this into a local variable here, because pdf_get_xref_entry
++			 * may solidify the xref, hence invalidating "entry", meaning we
++			 * need a stashed value for the throw. */
++			fz_off_t ofs = entry->ofs;
++			if (ofs <= 0 || ofs >= xref_len || pdf_get_xref_entry(ctx, doc, ofs)->type != 'n')
++				fz_throw(ctx, FZ_ERROR_GENERIC, "invalid reference to an objstm that does not exist: %d (%d 0 R)", (int)ofs, i);
++		}
+ 	}
+ }
+ 
+-- 
+2.9.1
+

srcpkgs/mupdf/patches/mupdf-1.5-openjpeg-2.1.patch

@@ -1,11 +0,0 @@
---- source/fitz/load-jpx.c
-+++ source/fitz/load-jpx.c
-@@ -116,7 +116,7 @@
- 	opj_stream_set_read_function(stream, fz_opj_stream_read);
- 	opj_stream_set_skip_function(stream, fz_opj_stream_skip);
- 	opj_stream_set_seek_function(stream, fz_opj_stream_seek);
--	opj_stream_set_user_data(stream, &sb);
-+	opj_stream_set_user_data(stream, &sb, NULL);
- 	/* Set the length to avoid an assert */
- 	opj_stream_set_user_data_length(stream, size);
- 

srcpkgs/mupdf/template

@@ -1,7 +1,7 @@
 # Template file for 'mupdf'
 pkgname=mupdf
 version=1.9a
-revision=2
+revision=3
 wrksrc="${pkgname}-${version}-source"
 hostmakedepends="pkg-config zlib-devel libcurl-devel freetype-devel
  libjpeg-turbo-devel jbig2dec-devel libXext-devel libXcursor-devel