From a9edfb9df47019496f93cb7c6761ab0bff5c57b8 Mon Sep 17 00:00:00 2001
From: Sandro Mani
Date: Sep 13 2022 12:26:51 +0000
Subject: Backport fix for CVE-2021-30860
---
diff --git a/1261.patch b/1261.patch
new file mode 100644
index 0000000..e4d2d8f
--- /dev/null
+++ b/1261.patch
@@ -0,0 +1,16 @@
+diff -rupN --no-dereference poppler-21.08.0/poppler/JBIG2Stream.cc poppler-21.08.0-new/poppler/JBIG2Stream.cc
+--- poppler-21.08.0/poppler/JBIG2Stream.cc 2021-08-01 17:19:17.000000000 +0200
++++ poppler-21.08.0-new/poppler/JBIG2Stream.cc 2022-09-13 14:26:47.375613172 +0200
+@@ -1962,7 +1962,11 @@ void JBIG2Stream::readTextRegionSeg(unsi
+ for (i = 0; i < nRefSegs; ++i) {
+ if ((seg = findSegment(refSegs[i]))) {
+ if (seg->getType() == jbig2SegSymbolDict) {
+- numSyms += ((JBIG2SymbolDict *)seg)->getSize();
++ const unsigned int segSize = ((JBIG2SymbolDict *)seg)->getSize();
++ if (unlikely(checkedAdd(numSyms, segSize, &numSyms))) {
++ error(errSyntaxError, getPos(), "Too many symbols in JBIG2 text region");
++ return;
++ }
+ } else if (seg->getType() == jbig2SegCodeTable) {
+ codeTables.push_back(seg);
+ }
diff --git a/mingw-poppler.spec b/mingw-poppler.spec
index f67c417..7610c50 100644
--- a/mingw-poppler.spec
+++ b/mingw-poppler.spec
@@ -4,7 +4,7 @@ Name: mingw-%{pkgname}
 Version: 21.08.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: MinGW Windows Poppler library
 License: (GPLv2 or GPLv3) and GPLv2+ and LGPLv2+ and MIT
@@ -14,6 +14,8 @@ Source0: http://poppler.freedesktop.org/%{pkgname}-%{version}.tar.xz
 # Downstream fix for CVE-2017-9083 (#1453200)
 Patch1: poppler_CVE-2017-9083.patch
+# Backport fix for CVE-2021-30860
+Patch2: https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1261.patch
 BuildRequires: make
 BuildRequires: cmake
@@ -213,6 +215,9 @@ rm -f %{buildroot}%{mingw64_bindir}/*.exe
 %changelog
+* Tue Sep 13 2022 Sandro Mani - 21.08.0-2
+- Backport fix for CVE-2021-30860
+
 * Mon Aug 02 2021 Sandro Mani - 21.08.0-1
 - Update to 21.08.0
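Review bot: The new overflow guard in `readTextRegionSeg` carries no comment saying why the sum must not wrap, so a later refactor could fold it back into a plain `numSyms += ...` without noticing the security invariant. `segSize` comes from symbol dictionaries referenced by the document, and `numSyms` is presumably used further down for sizing or indexing, which is what makes a wrapped total dangerous. I would add above the check: `// Sizes come from file-referenced symbol dictionaries; a wrapped numSyms must never reach later allocation/indexing (CVE-2021-30860).` The function body starts and ends outside the embedded hunk, so it is not visible here whether the early `return` skips any cleanup, or whether other sums of `getSize()` elsewhere in JBIG2Stream.cc are guarded the same way; both are worth confirming against the 21.08.0 tree.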
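Review bot: `Patch2` points at the upstream merge-request URL, but the committed `1261.patch` is a locally regenerated `diff -rupN` against poppler-21.08.0 (its `+++` timestamp is 2022-09-13), so the file in the repository is presumably not byte-for-byte what that URL serves. Anyone re-fetching sources from the spec would replace the rebased file with the upstream one, which may not apply to 21.08.0, and the checked-in patch cannot be verified against the stated origin. I would name the file after the CVE, as `Patch1` does, and keep the URL in the comment: `# Backport fix for CVE-2021-30860 (rebased from https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1261)` followed by `Patch2: poppler_CVE-2021-30860.patch`. The `%prep` section is outside these hunks, so whether `Patch2` is actually applied during the build cannot be confirmed from here.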
diff --git a/poppler_CVE-2017-9083.patch b/poppler_CVE-2017-9083.patch
index bbc96fc..ec90df5 100644
--- a/poppler_CVE-2017-9083.patch
+++ b/poppler_CVE-2017-9083.patch
@@ -1,6 +1,6 @@
 diff -rupN --no-dereference poppler-21.08.0/poppler/JPXStream.cc poppler-21.08.0-new/poppler/JPXStream.cc
 --- poppler-21.08.0/poppler/JPXStream.cc 2021-08-01 17:19:17.000000000 +0200
-+++ poppler-21.08.0-new/poppler/JPXStream.cc 2021-08-02 14:39:53.253517600 +0200
++++ poppler-21.08.0-new/poppler/JPXStream.cc 2022-09-13 14:26:47.308613177 +0200
 @@ -912,6 +912,10 @@ bool JPXStream::readCodestream(unsigned
 error(errSyntaxError, getPos(), "Different number of components in JPX SIZ marker segment");
 return false;