From 50b19e39852bbb1373e762c39161038b8719d978 Mon Sep 17 00:00:00 2001
From: zhouwenpei <zhouwenpei050@chinasoftinc.com>
Date: Tue, 6 Sep 2022 20:23:49 +0800
Subject: [PATCH] fix CVE-2022-38784

---
 backport-CVE-2022-38784.patch | 32 ++++++++++++++++++++++++++++++++
 poppler.spec                  |  7 ++++++-
 2 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2022-38784.patch

diff --git a/backport-CVE-2022-38784.patch b/backport-CVE-2022-38784.patch
new file mode 100644
index 0000000..ca8c95a
--- /dev/null
+++ b/backport-CVE-2022-38784.patch
@@ -0,0 +1,32 @@
+From 27354e9d9696ee2bc063910a6c9a6b27c5184a52 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Thu, 25 Aug 2022 00:14:22 +0200
+Subject: [PATCH] JBIG2Stream: Fix crash on broken file
+
+https://github.com/jeffssh/CVE-2021-30860
+
+Thanks to David Warren for the heads up
+---
+ poppler/JBIG2Stream.cc | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/poppler/JBIG2Stream.cc b/poppler/JBIG2Stream.cc
+index a861da2..0bd8305 100644
+--- a/poppler/JBIG2Stream.cc
++++ b/poppler/JBIG2Stream.cc
+@@ -2099,7 +2099,11 @@ void JBIG2Stream::readTextRegionSeg(unsigned int segNum, bool imm,
+   for (i = 0; i < nRefSegs; ++i) {
+     if ((seg = findSegment(refSegs[i]))) {
+       if (seg->getType() == jbig2SegSymbolDict) {
+-	numSyms += ((JBIG2SymbolDict *)seg)->getSize();
++	const unsigned int segSize = ((JBIG2SymbolDict *)seg)->getSize();
++	if (unlikely(checkedAdd(numSyms, segSize, &numSyms))) {
++	    error(errSyntaxError, getPos(), "Too many symbols in JBIG2 text region");
++	    return;
++	}
+       } else if (seg->getType() == jbig2SegCodeTable) {
+ 	codeTables->push_back(seg);
+       }
+-- 
+1.8.3.1
+
diff --git a/poppler.spec b/poppler.spec
index ed06139..5ce2a9b 100644
--- a/poppler.spec
+++ b/poppler.spec
@@ -4,7 +4,7 @@
 Summary:        PDF rendering library
 Name:           poppler
 Version:        0.90.0
-Release:        2
+Release:        3
 License:        (GPLv2 or GPLv3) and GPLv2+ and LGPLv2+ and MIT
 URL:            http://poppler.freedesktop.org/
 Source0:        http://poppler.freedesktop.org/poppler-%{version}.tar.xz
@@ -15,6 +15,8 @@ Patch5:         poppler-0.84.0-MacroPushRequiredVars.patch
 Patch7:         poppler-0.90.0-position-independent-code.patch
 Patch8:         %{name}-gcc11.patch
 
+Patch6001:	backport-CVE-2022-38784.patch
+
 BuildRequires:  cmake
 BuildRequires:  gcc-c++
 BuildRequires:  gettext-devel
@@ -232,6 +234,9 @@ test "$(pkg-config --modversion poppler-splash)" = "%{version}"
 %{_mandir}/man1/*
 
 %changelog
+* Tue Sep 06 2022 zhouwenpei <zhouwenpei1@h-partners.com> - 0.90.0-3
+- fix CVE-2022-38784
+
 * Tue Jan 18 2022 xu_ping <xuping33@huawei.com> - 0.90.0-2
 - Add BuildRequires openjpeg2-tools to fix "/usr/bin/opj2_decompress" not found
 
-- 
Gitee