From 6448d1ff8b8c7542caa2c5a0907a7b5b94000197 Mon Sep 17 00:00:00 2001
From: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
Date: Sun, 29 Sep 2019 07:45:50 -0400
Subject: user/atril: upgrade to 1.22.2

---
 user/atril/CVE-2019-1010006.patch | 54 ---------------------------------------
 1 file changed, 54 deletions(-)
 delete mode 100644 user/atril/CVE-2019-1010006.patch

(limited to 'user/atril/CVE-2019-1010006.patch')

diff --git a/user/atril/CVE-2019-1010006.patch b/user/atril/CVE-2019-1010006.patch
deleted file mode 100644
index 913e40312..000000000
--- a/user/atril/CVE-2019-1010006.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From aa8c51c24a3d716986ace9a4104a9632436ccff5 Mon Sep 17 00:00:00 2001
-From: lukefromdc <lukefromdc@hushmail.com>
-Date: Sat, 27 Jul 2019 15:07:13 -0400
-Subject: [PATCH] Fix buffer overflow in backend/tiff-document.c
-
-    Apply https://gitlab.gnome.org/GNOME/evince/commit/e02fe9170ad0ac2fd46c75329c4f1d4502d4a362
----
- backend/tiff/tiff-document.c | 17 ++++++++++-------
- 1 file changed, 10 insertions(+), 7 deletions(-)
-
-diff --git a/backend/tiff/tiff-document.c b/backend/tiff/tiff-document.c
-index 0aa31cb6..94adc400 100644
---- a/backend/tiff/tiff-document.c
-+++ b/backend/tiff/tiff-document.c
-@@ -268,13 +268,14 @@ tiff_document_render (EvDocument      *document,
- 		return NULL;                
- 	}
- 	
--	bytes = height * rowstride;
--	if (bytes / rowstride != height) {
-+	if (height >= INT_MAX / rowstride) {
- 		g_warning("Overflow while rendering document.");
- 		/* overflow */
- 		return NULL;
- 	}
- 	
-+	bytes = height * rowstride;
-+
- 	pixels = g_try_malloc (bytes);
- 	if (!pixels) {
- 		g_warning("Failed to allocate memory for rendering.");
-@@ -356,15 +357,17 @@ tiff_document_render_pixbuf (EvDocument      *document,
- 	if (width <= 0 || height <= 0)
- 		return NULL;                
- 
--	rowstride = width * 4;
--	if (rowstride / 4 != width)
-+	if (width >= INT_MAX / 4)
- 		/* overflow */
- 		return NULL;                
-         
--	bytes = height * rowstride;
--	if (bytes / rowstride != height)
-+	rowstride = width * 4;
-+
-+	if (height >= INT_MAX / rowstride)
- 		/* overflow */
--		return NULL;                
-+		return NULL; 
-+
-+	bytes = height * rowstride;               
- 	
- 	pixels = g_try_malloc (bytes);
- 	if (!pixels)
-- 
cgit v1.2.3-70-g09d2