From 693f74928d296fc8d91b3ba333a67ce8596fe9a2 Mon Sep 17 00:00:00 2001 From: Michael J Gruber Date: Thu, 15 Nov 2018 10:49:58 +0100 Subject: [PATCH] signature handling fix needs more patches than claimed --- ...r-appearance-streams-for-digital-sig.patch | 57 +++++++++++++++++++ mupdf.spec | 7 ++- 2 files changed, 63 insertions(+), 1 deletion(-) create mode 100644 0001-Write-placeholder-appearance-streams-for-digital-sig.patch diff --git a/0001-Write-placeholder-appearance-streams-for-digital-sig.patch b/0001-Write-placeholder-appearance-streams-for-digital-sig.patch new file mode 100644 index 0000000..837a0d5 --- /dev/null +++ b/0001-Write-placeholder-appearance-streams-for-digital-sig.patch @@ -0,0 +1,57 @@ +From 7f5ccdee1f8a990e1cd675bd1a7ab4673e797f46 Mon Sep 17 00:00:00 2001 +Message-Id: <7f5ccdee1f8a990e1cd675bd1a7ab4673e797f46.1542275308.git.mjg@fedoraproject.org> +From: Tor Andersson +Date: Wed, 7 Nov 2018 19:46:54 +0100 +Subject: [PATCH] Write placeholder appearance streams for digital signatures. + +A proper appearance stream is written when signing with a certificate. +This is just to create a placeholder appearance when the original document +did not write one. +--- + source/pdf/pdf-appearance.c | 23 +++++++++++++++++++++++ + 1 file changed, 23 insertions(+) + +diff --git a/source/pdf/pdf-appearance.c b/source/pdf/pdf-appearance.c +index ceadfd09..c18d5860 100644 +--- a/source/pdf/pdf-appearance.c ++++ b/source/pdf/pdf-appearance.c +@@ -1066,6 +1066,25 @@ pdf_write_ch_widget_appearance(fz_context *ctx, pdf_annot *annot, fz_buffer *buf + pdf_write_tx_widget_appearance(ctx, annot, buf, rect, bbox, matrix, res, text, ff); + } + ++static void ++pdf_write_sig_widget_appearance(fz_context *ctx, pdf_annot *annot, fz_buffer *buf, ++ fz_rect *rect, fz_rect *bbox, fz_matrix *matrix, pdf_obj **res) ++{ ++ float x0 = rect->x0 + 1; ++ float y0 = rect->y0 + 1; ++ float x1 = rect->x1 - 1; ++ float y1 = rect->y1 - 1; ++ float w = x1 - x0; ++ float h = y1 - y0; ++ fz_append_printf(ctx, buf, "1 w\n0 G\n"); ++ fz_append_printf(ctx, buf, "%g %g %g %g re\n", x0, y0, w, h); ++ fz_append_printf(ctx, buf, "%g %g m %g %g l\n", x0, y0, x1, y1); ++ fz_append_printf(ctx, buf, "%g %g m %g %g l\n", x1, y0, x0, y1); ++ fz_append_printf(ctx, buf, "s\n"); ++ *bbox = *rect; ++ *matrix = fz_identity; ++} ++ + static void + pdf_write_widget_appearance(fz_context *ctx, pdf_annot *annot, fz_buffer *buf, + fz_rect *rect, fz_rect *bbox, fz_matrix *matrix, pdf_obj **res) +@@ -1115,6 +1134,10 @@ pdf_write_widget_appearance(fz_context *ctx, pdf_annot *annot, fz_buffer *buf, + fz_catch(ctx) + fz_rethrow(ctx); + } ++ else if (pdf_name_eq(ctx, ft, PDF_NAME(Sig))) ++ { ++ pdf_write_sig_widget_appearance(ctx, annot, buf, rect, bbox, matrix, res); ++ } + else + { + fz_throw(ctx, FZ_ERROR_GENERIC, "cannot create appearance stream for %s widgets", pdf_to_name(ctx, ft)); +-- +2.19.1.1238.g4b45f61cc0 + diff --git a/mupdf.spec b/mupdf.spec index 7ff374e..b11ec10 100644 --- a/mupdf.spec +++ b/mupdf.spec @@ -1,6 +1,6 @@ Name: mupdf Version: 1.14.0 -Release: 5%{?dist} +Release: 6%{?dist} Summary: A lightweight PDF viewer and toolkit Group: Applications/Publishing License: AGPLv3+ @@ -27,6 +27,7 @@ Patch1: mupdf-CVE-2018-16647.patch Patch2: mupdf-CVE-2018-16648.patch Patch3: mupdf-CVE-2018-18662.patch Patch4: 0001-Fix-699840-Use-saved-sig_widget-pointer-to-sign-sign.patch +Patch5: 0001-Write-placeholder-appearance-streams-for-digital-sig.patch %description MuPDF is a lightweight PDF viewer and toolkit written in portable C. @@ -64,6 +65,7 @@ done %patch2 -p1 %patch3 -p1 %patch4 -p1 +%patch5 -p1 echo > user.make "\ USE_SYSTEM_FREETYPE := yes USE_SYSTEM_HARFBUZZ := yes @@ -117,6 +119,9 @@ update-desktop-database &> /dev/null || : %{_libdir}/lib%{name}*.a %changelog +* Thu Nov 15 2018 Michael J Gruber - 1.14.0-6 +- signature handling fix needs more patches than claimed + * Thu Nov 15 2018 Michael J Gruber - 1.14.0-5 - fix signature handling