diff options
author | Antti Nykanen <aon@iki.fi> | 2007-08-11 00:09:55 +0300 |
---|---|---|
committer | Antti Nykanen <aon@iki.fi> | 2007-08-11 00:09:55 +0300 |
commit | 6a499eb7da2e05a5529e191f7836d55c8604f60e (patch) | |
tree | 41059a7d2cb5e6735f430a242da2dc0eedac0eeb /xpdf | |
parent | d666be09ba8521a0a0b25d29100c8b935f00c884 (diff) | |
download | opt-6a499eb7da2e05a5529e191f7836d55c8604f60e.tar.gz opt-6a499eb7da2e05a5529e191f7836d55c8604f60e.tar.xz |
[security] xpdf: added a patch for CVE-2007-3387
See http://secunia.com/cve_reference/CVE-2007-3387/ for more information.
Diffstat (limited to 'xpdf')
-rw-r--r-- | xpdf/.md5sum | 1 | ||||
-rw-r--r-- | xpdf/Pkgfile | 6 | ||||
-rw-r--r-- | xpdf/xpdf-3.02.patch | 33 |
3 files changed, 38 insertions, 2 deletions
diff --git a/xpdf/.md5sum b/xpdf/.md5sum index eee0931ce..6c9cfacd5 100644 --- a/xpdf/.md5sum +++ b/xpdf/.md5sum @@ -1 +1,2 @@ +877118786dfe27d1b7aa5a6759cc6e45 xpdf-3.02.patch 599dc4cc65a07ee868cf92a667a913d2 xpdf-3.02.tar.gz diff --git a/xpdf/Pkgfile b/xpdf/Pkgfile index 75a8dfe5f..a599a4d1f 100644 --- a/xpdf/Pkgfile +++ b/xpdf/Pkgfile @@ -6,11 +6,13 @@ name=xpdf version=3.02 -release=1 -source=(ftp://ftp.foolabs.com/pub/xpdf/$name-$version.tar.gz) +release=2 +source=(ftp://ftp.foolabs.com/pub/xpdf/$name-$version.tar.gz + $name-$version.patch) build() { cd $name-$version + patch -p1 -i $SRC/$name-$version.patch ./configure \ --prefix=/usr \ --with-Xm-library=/usr/lib \ diff --git a/xpdf/xpdf-3.02.patch b/xpdf/xpdf-3.02.patch new file mode 100644 index 000000000..cd42fb962 --- /dev/null +++ b/xpdf/xpdf-3.02.patch @@ -0,0 +1,33 @@ +*** xpdf-3.02.orig/xpdf/Stream.cc Tue Feb 27 14:05:52 2007 +--- xpdf-3.02/xpdf/Stream.cc Thu Jul 26 14:44:43 2007 +*************** +*** 410,424 **** + ok = gFalse; + + nVals = width * nComps; +- if (width <= 0 || nComps <= 0 || nBits <= 0 || +- nComps >= INT_MAX / nBits || +- width >= INT_MAX / nComps / nBits || +- nVals * nBits + 7 < 0) { +- return; +- } + pixBytes = (nComps * nBits + 7) >> 3; + rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes; +! if (rowBytes <= 0) { + return; + } + predLine = (Guchar *)gmalloc(rowBytes); +--- 410,422 ---- + ok = gFalse; + + nVals = width * nComps; + pixBytes = (nComps * nBits + 7) >> 3; + rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes; +! if (width <= 0 || nComps <= 0 || nBits <= 0 || +! nComps > gfxColorMaxComps || +! nBits > 16 || +! width >= INT_MAX / nComps || // check for overflow in nVals +! nVals >= (INT_MAX - 7) / nBits) { // check for overflow in rowBytes + return; + } + predLine = (Guchar *)gmalloc(rowBytes); |