commit 332ef1804519f4a9f0938741d13e8b0b94adb4a5881572392d68b21f4eddb811 Author: Adrian Schröter Date: Sat May 4 01:55:15 2024 +0200 Sync from SUSE:SLFO:Main woff2 revision f4c273a3bcd2307971c065515eba0ec6 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..e4c1011 --- /dev/null +++ b/baselibs.conf @@ -0,0 +1,3 @@ +libwoff2common1_0_2 +libwoff2dec1_0_2 +libwoff2enc1_0_2 diff --git a/install-executables.patch b/install-executables.patch new file mode 100644 index 0000000..833102f --- /dev/null +++ b/install-executables.patch @@ -0,0 +1,20 @@ +diff -Nur woff2-1.0.2/CMakeLists.txt new/CMakeLists.txt +--- woff2-1.0.2/CMakeLists.txt 2017-11-13 19:31:28.000000000 +0100 ++++ new/CMakeLists.txt 2023-01-06 12:19:53.666418912 +0100 +@@ -260,12 +260,10 @@ + LIBRARIES woff2enc) + + # Installation +-if (NOT BUILD_SHARED_LIBS) +- install( +- TARGETS woff2_decompress woff2_compress woff2_info +- RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}" +- ) +-endif() ++install( ++ TARGETS woff2_decompress woff2_compress woff2_info ++ RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}" ++) + + install( + TARGETS woff2common woff2dec woff2enc diff --git a/woff2-1.0.2.tar.gz b/woff2-1.0.2.tar.gz new file mode 100644 index 0000000..7302bcd --- /dev/null +++ b/woff2-1.0.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:add272bb09e6384a4833ffca4896350fdb16e0ca22df68c0384773c67a175594 +size 38934 diff --git a/woff2-fix-overflow-when-decoding-glyf.patch b/woff2-fix-overflow-when-decoding-glyf.patch new file mode 100644 index 0000000..31c10a4 --- /dev/null +++ b/woff2-fix-overflow-when-decoding-glyf.patch @@ -0,0 +1,47 @@ +From 3831354113db8803fb1f5ba196cf0bbb537578dd Mon Sep 17 00:00:00 2001 +From: Garret Rieger +Date: Thu, 31 May 2018 17:54:06 -0700 +Subject: [PATCH] [subset] Check for overflow when decoding glyf. + +--- + src/woff2_dec.cc | 19 ++++++++++++++++--- + 1 file changed, 16 insertions(+), 3 deletions(-) + +diff --git a/src/woff2_dec.cc b/src/woff2_dec.cc +index 8186c8e..25e18c6 100644 +--- a/src/woff2_dec.cc ++++ b/src/woff2_dec.cc +@@ -111,6 +111,16 @@ int WithSign(int flag, int baseval) { + return (flag & 1) ? baseval : -baseval; + } + ++bool _SafeIntAddition(int a, int b, int* result) { ++ if (PREDICT_FALSE( ++ ((a > 0) && (b > std::numeric_limits::max() - a)) || ++ ((a < 0) && (b < std::numeric_limits::min() - a)))) { ++ return false; ++ } ++ *result = a + b; ++ return true; ++} ++ + bool TripletDecode(const uint8_t* flags_in, const uint8_t* in, size_t in_size, + unsigned int n_points, Point* result, size_t* in_bytes_consumed) { + int x = 0; +@@ -166,9 +176,12 @@ bool TripletDecode(const uint8_t* flags_in, const uint8_t* in, size_t in_size, + (in[triplet_index + 2] << 8) + in[triplet_index + 3]); + } + triplet_index += n_data_bytes; +- // Possible overflow but coordinate values are not security sensitive +- x += dx; +- y += dy; ++ if (!_SafeIntAddition(x, dx, &x)) { ++ return false; ++ } ++ if (!_SafeIntAddition(y, dy, &y)) { ++ return false; ++ } + *result++ = {x, y, on_curve}; + } + *in_bytes_consumed = triplet_index; + diff --git a/woff2.changes b/woff2.changes new file mode 100644 index 0000000..395c836 --- /dev/null +++ b/woff2.changes @@ -0,0 +1,22 @@ +------------------------------------------------------------------- +Fri Jan 6 11:21:56 UTC 2023 - Ferdinand Thiessen + +- Add install-executables.patch to install woff2 tools + +------------------------------------------------------------------- +Tue Jul 24 08:57:10 UTC 2018 - bjorn.lie@gmail.com + +- Add woff2-fix-overflow-when-decoding-glyf.patch: Check for + overflow when decoding glyf. +- Add libwoff2dec1_0_2 and libwoff2enc1_0_2 to baselibs.conf too. + +------------------------------------------------------------------- +Wed Jul 11 18:28:52 UTC 2018 - bjorn.lie@gmail.com + +- Add baselibs.conf, build 32bit support libs. + +------------------------------------------------------------------- +Tue May 1 17:45:14 UTC 2018 - bjorn.lie@gmail.com + +- Initial packaging. + diff --git a/woff2.spec b/woff2.spec new file mode 100644 index 0000000..95a70bc --- /dev/null +++ b/woff2.spec @@ -0,0 +1,149 @@ +# +# spec file for package woff2 +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%define soname 1_0_2 + +Name: woff2 +Version: 1.0.2 +Release: 0 +Summary: Web Open Font Format 2.0 library +License: MIT +Group: Development/Libraries/C and C++ +URL: https://github.com/google/woff2 +Source0: https://github.com/google/woff2/archive/v%{version}/%{name}-%{version}.tar.gz +Source99: baselibs.conf +# PATCH-FIX-UPSTREAM woff2-fix-overflow-when-decoding-glyf.patch -- Check for overflow when decoding glyf +Patch0: woff2-fix-overflow-when-decoding-glyf.patch +# PATCH-FIX-OPENSUSE install-executables.patch -- Install woff tools +Patch1: install-executables.patch +BuildRequires: cmake +BuildRequires: gcc-c++ +BuildRequires: pkgconfig +BuildRequires: pkgconfig(libbrotlidec) >= 1.0 +BuildRequires: pkgconfig(libbrotlienc) >= 1.0 + +%description +Web Open Font Format (WOFF) 2.0 is an update to the existing WOFF +1.0 with improved compression that is achieved by using the Brotli +algorithm. The primary purpose of the WOFF2 format is to +efficiently package fonts linked to Web documents by means of CSS +@font-face rules. + +%package -n libwoff2common%{soname} +Summary: Shared library for %{name} +Group: System/Libraries + +%description -n libwoff2common%{soname} +Web Open Font Format (WOFF) 2.0 is an update to the existing WOFF +1.0 with improved compression that is achieved by using the Brotli +algorithm. The primary purpose of the WOFF2 format is to +efficiently package fonts linked to Web documents by means of CSS +@font-face rules. + +This package contains the shared library for %{name}. + +%package -n libwoff2dec%{soname} +Summary: Shared library for %{name} +Group: System/Libraries + +%description -n libwoff2dec%{soname} +Web Open Font Format (WOFF) 2.0 is an update to the existing WOFF +1.0 with improved compression that is achieved by using the Brotli +algorithm. The primary purpose of the WOFF2 format is to +efficiently package fonts linked to Web documents by means of CSS +@font-face rules. + +This package contains the shared library for %{name}. + +%package -n libwoff2enc%{soname} +Summary: Shared library for %{name} +Group: System/Libraries + +%description -n libwoff2enc%{soname} +Web Open Font Format (WOFF) 2.0 is an update to the existing WOFF +1.0 with improved compression that is achieved by using the Brotli +algorithm. The primary purpose of the WOFF2 format is to +efficiently package fonts linked to Web documents by means of CSS +@font-face rules. + +This package contains the shared library for %{name}. + +%package devel +Summary: Development files for %{name} +Group: Development/Libraries/C and C++ +Requires: libwoff2common%{soname} = %{version} +Requires: libwoff2dec%{soname} = %{version} +Requires: libwoff2enc%{soname} = %{version} + +%description devel +Web Open Font Format (WOFF) 2.0 is an update to the existing WOFF +1.0 with improved compression that is achieved by using the Brotli +algorithm. The primary purpose of the WOFF2 format is to +efficiently package fonts linked to Web documents by means of CSS +@font-face rules. + +This package contains development files for %{name}. + +%prep +%autosetup -p1 + +%build +%cmake \ + -DBUILD_SHARED_LIBS=ON \ + -DBUILD_STATIC_LIBS=OFF \ + -DCMAKE_INSTALL_PREFIX="%{_prefix}" \ + -DCMAKE_INSTALL_LIBDIR="%{_libdir}" \ + %{nil} +%make_build + +%install +%cmake_install + +%post -n libwoff2common%{soname} -p /sbin/ldconfig +%postun -n libwoff2common%{soname} -p /sbin/ldconfig + +%post -n libwoff2dec%{soname} -p /sbin/ldconfig +%postun -n libwoff2dec%{soname} -p /sbin/ldconfig + +%post -n libwoff2enc%{soname} -p /sbin/ldconfig +%postun -n libwoff2enc%{soname} -p /sbin/ldconfig + +%files +%license LICENSE +%{_bindir}/woff2_* + +%files -n libwoff2common%{soname} +%license LICENSE +%{_libdir}/libwoff2common.so.* + +%files -n libwoff2dec%{soname} +%{_libdir}/libwoff2dec.so.* + +%files -n libwoff2enc%{soname} +%{_libdir}/libwoff2enc.so.* + +%files devel +%{_includedir}/woff2 +%{_libdir}/libwoff2common.so +%{_libdir}/libwoff2dec.so +%{_libdir}/libwoff2enc.so +%{_libdir}/pkgconfig/libwoff2common.pc +%{_libdir}/pkgconfig/libwoff2dec.pc +%{_libdir}/pkgconfig/libwoff2enc.pc + +%changelog