Navigation:
Browse pkgsrc
(this page)
New packages:Log Message:
Update to 9.0.0
Changelog:
9.0.0: August 31, 2019
Incompatible API (source-level) Changes (minor)
The method QUtil::strcasecmp has been renamed to \
QUtil::str_compare_nocase. This incompatible change is necessary to enable qpdf \
to build on platforms that define strcasecmp as a macro.
The QPDF::copyForeignObject method had an overloaded version that \
took a boolean parameter that was not used. If you were using this version, just \
omit the extra parameter.
There was a version QPDFTokenizer::expectInlineImage that took no \
arguments. This version has been removed since it caused the tokenizer to return \
incorrect inline images. A new version was added some time ago that produces \
correct output. This is a very low level method that doesn't make sense to call \
outside of qpdf's lexical engine. There are higher level methods for tokenizing \
content streams.
Change QPDFOutlineDocumentHelper::getTopLevelOutlines and \
QPDFOutlineObjectHelper::getKids to return a std::vector instead of a std::list \
of QPDFOutlineObjectHelper objects.
Remove method QPDFTokenizer::allowPoundAnywhereInName. This function \
would allow creation of name tokens whose value would change when unparsed, \
which is never the correct behavior.
When qpdf --check or qpdf --check-linearization encounters a file \
with linearization warnings but not errors, it now properly exits with exit code \
3 instead of 2.
CLI Enhancements
The --replace-input option may be given in place of an output file \
name. This causes qpdf to overwrite the input file with the output. See the \
description of --replace-input in Section 3.3, “Basic Options” for more \
details.
The --recompress-flate instructs qpdf to recompress streams that are \
already compressed with /FlateDecode. Useful with --compression-level.
The --compression-level=level sets the zlib compression level used \
for any streams compressed by /FlateDecode. Most effective when combined with \
--recompress-flate.
Library Enhancements
A new namespace QIntC, provided by qpdf/QIntC.hh, provides safe \
conversion methods between different integer types. These conversion methods do \
range checking to ensure that the cast can be performed with no loss of \
information. Every use of static_cast in the library was inspected to see if it \
could use one of these safe converters instead. See Section 7.5, “Casting \
Policy” for additional details.
Method QPDF::anyWarnings tells whether there have been any warnings \
without clearing the list of warnings.
Method QPDF::closeInputSource closes or otherwise releases the input \
source. This enables the input file to be deleted or renamed.
New methods have been added to QUtil for converting back and forth \
between strings and unsigned integers: uint_to_string, uint_to_string_base, \
string_to_uint, and string_to_ull.
New methods have been added to QPDFObjectHandle that return the \
value of Integer objects as int or unsigned int with range checking and sensible \
fallback values, and a new method was added to return an unsigned value. This \
makes it easier to write code that is safe from unintentional data loss. \
Functions: getUIntValue, getIntVauleAsInt, getUIntValueAsUInt.
When parsing content streams with QPDFObjectHandle::ParserCallbacks, \
in place of the method handleObject(QPDFObjectHandle), the developer may \
override handleObject(QPDFObjectHandle, size_t offset, size_t length). If this \
method is defined, it will be invoked with the object along with its offset and \
length within the overall contents being parsed. Intervening spaces and comments \
are not included in offset and length. Additionally, a new method \
contentSize(size_t) may be implemented. If present, it will be called prior to \
the first call to handleObject with the total size in bytes of the combined \
contents.
New methods QPDF::userPasswordMatched and QPDF::ownerPasswordMatched \
have been added to enable a caller to determine whether the supplied password \
was the user password, the owner password, or both. This information is also \
displayed by qpdf --show-encryption and qpdf --check.
Static method Pl_Flate::setCompressionLevel can be called to set the \
zlib compression level globally used by all instances of Pl_Flate in deflate \
mode.
The method QPDFWriter::setRecompressFlate can be called to tell \
QPDFWriter to uncompress and recompress streams already compressed with \
/FlateDecode.
The underlying implementation of QPDF arrays has been enhanced to be \
much more memory efficient when dealing with arrays with lots of nulls. This \
enables qpdf to use drastically less memory for certain types of files.
When traversing the pages tree, if nodes are encountered with \
invalid types, the types are fixed, and a warning is issued.
A new helper method QUtil::read_file_into_memory was added.
All conditions previously reported by QPDF::checkLinearization() as \
errors are now presented as warnings.
Name tokens containing the # character not preceded by two \
hexadecimal digits, which is invalid in PDF 1.2 and above, are properly handled \
by the library: a warning is generated, and the name token is properly \
preserved, even if invalid, in the output. See ChangeLog for a more complete \
description of this change.
Bug Fixes
A small handful of memory issues, assertion failures, and unhandled \
exceptions that could occur on badly mangled input files have been fixed. Most \
of these problems were found by Google's OSS-Fuzz project.
When qpdf --check or qpdf --check-linearization encounters a file \
with linearization warnings but not errors, it now properly exits with exit code \
3 instead of 2.
The --completion-bash and --completion-zsh options now work properly \
when qpdf is invoked as an AppImage.
Calling QPDFWriter::set*EncryptionParameters on a QPDFWriter object \
whose output filename has not yet been set no longer produces a segmentation \
fault.
When reading encrypted files, follow the spec more closely regarding \
encryption key length. This allows qpdf to open encrypted files in most cases \
when they have invalid or missing /Length keys in the encryption dictionary.
When qpdf --check or qpdf --check-linearization encounters a file \
with linearization warnings but not errors, it now properly exits with exit code \
3 instead of 2.
Build Changes
On platforms that support it, qpdf now builds with \
-fvisibility=hidden. If you build qpdf with your own build system, this is now \
safe to use. This prevents methods that are not part of the public API from \
being exported by the shared library, and makes qpdf's ELF shared libraries \
(used on Linux, MacOS, and most other UNIX flavors) behave more like the Windows \
DLL. Since the DLL already behaves in much this way, it is unlikely that there \
are any methods that were accidentally not exported. However, with ELF shared \
libraries, typeinfo for some classes has to be explicitly exported. If there are \
problems in dynamically linked code catching exceptions or subclassing, this \
could be the reason. If you see this, please report a bug at pikepdf.
QPDF is now compiled with integer conversion and sign conversion \
warnings enabled. Numerous changes were made to the library to make this safe.
QPDF's make install target explicitly specifies the mode to use when \
installing files instead of relying the user's umask. It was previously doing \
this for some files but not others.
If pkg-config is available, use it to locate libjpeg and zlib \
dependencies, falling back on old behavior if unsuccessful.
Other Notes
QPDF has been fully integrated into Google's OSS-Fuzz project. This \
project exercises code with randomly mutated inputs and is great for discovering \
hidden security crashes and security issues. Several bugs found by oss-fuzz have \
already been fixed in qpdf.
| Revision | Action | file |
| 1.29 | modify | pkgsrc/print/qpdf/Makefile |
| 1.9 | modify | pkgsrc/print/qpdf/PLIST |
| 1.5 | modify | pkgsrc/print/qpdf/buildlink3.mk |
| 1.24 | modify | pkgsrc/print/qpdf/distinfo |