Alejandro Mery
15 years ago
2 changed files with 41 additions and 5 deletions
@ -0,0 +1,38 @@
|
||||
# --- SDE-COPYRIGHT-NOTE-BEGIN ---
|
||||
# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
|
||||
#
|
||||
# Filename: package/.../koffice/koffice-xpdf-CVE-2007-3387.patch
|
||||
# Copyright (C) 2009 The OpenSDE Project
|
||||
#
|
||||
# More information can be found in the files COPYING and README.
|
||||
#
|
||||
# This patch file is dual-licensed. It is available under the license the
|
||||
# patched project is licensed under, as long as it is an OpenSource license
|
||||
# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
|
||||
# of the GNU General Public License as published by the Free Software
|
||||
# Foundation; either version 2 of the License, or (at your option) any later
|
||||
# version.
|
||||
# --- SDE-COPYRIGHT-NOTE-END ---
|
||||
|
||||
http://mirrors.ibiblio.org/pub/mirrors/kde/security_patches/koffice-xpdf-CVE-2007-3387.diff
|
||||
|
||||
--- ./filters/kword/pdf/xpdf/xpdf/Stream.cc
|
||||
+++ ./filters/kword/pdf/xpdf/xpdf/Stream.cc
|
||||
@@ -413,13 +413,11 @@ StreamPredictor::StreamPredictor(Stream
|
||||
predLine = NULL;
|
||||
ok = gFalse;
|
||||
|
||||
- if (width <= 0 || nComps <= 0 || nBits <= 0 ||
|
||||
- nComps >= INT_MAX / nBits ||
|
||||
- width >= INT_MAX / nComps / nBits)
|
||||
- return;
|
||||
-
|
||||
nVals = width * nComps;
|
||||
- if (nVals * nBits + 7 <= 0)
|
||||
+ if (width <= 0 || nComps <= 0 || nBits <= 0 ||
|
||||
+ nComps >= 4 || nBits > 16 ||
|
||||
+ width >= INT_MAX / nComps ||
|
||||
+ nVals >= (INT_MAX - 7) / nBits)
|
||||
return;
|
||||
|
||||
pixBytes = (nComps * nBits + 7) >> 3;
|
||||
Loading…
Reference in new issue