[security] xpdf: added a patch for CVE-2007-3387
See http://secunia.com/cve_reference/CVE-2007-3387/ for more information.
This commit is contained in:
parent
d666be09ba
commit
6a499eb7da
@ -1 +1,2 @@
|
||||
877118786dfe27d1b7aa5a6759cc6e45 xpdf-3.02.patch
|
||||
599dc4cc65a07ee868cf92a667a913d2 xpdf-3.02.tar.gz
|
||||
|
@ -6,11 +6,13 @@
|
||||
|
||||
name=xpdf
|
||||
version=3.02
|
||||
release=1
|
||||
source=(ftp://ftp.foolabs.com/pub/xpdf/$name-$version.tar.gz)
|
||||
release=2
|
||||
source=(ftp://ftp.foolabs.com/pub/xpdf/$name-$version.tar.gz
|
||||
$name-$version.patch)
|
||||
|
||||
build() {
|
||||
cd $name-$version
|
||||
patch -p1 -i $SRC/$name-$version.patch
|
||||
./configure \
|
||||
--prefix=/usr \
|
||||
--with-Xm-library=/usr/lib \
|
||||
|
33
xpdf/xpdf-3.02.patch
Normal file
33
xpdf/xpdf-3.02.patch
Normal file
@ -0,0 +1,33 @@
|
||||
*** xpdf-3.02.orig/xpdf/Stream.cc Tue Feb 27 14:05:52 2007
|
||||
--- xpdf-3.02/xpdf/Stream.cc Thu Jul 26 14:44:43 2007
|
||||
***************
|
||||
*** 410,424 ****
|
||||
ok = gFalse;
|
||||
|
||||
nVals = width * nComps;
|
||||
- if (width <= 0 || nComps <= 0 || nBits <= 0 ||
|
||||
- nComps >= INT_MAX / nBits ||
|
||||
- width >= INT_MAX / nComps / nBits ||
|
||||
- nVals * nBits + 7 < 0) {
|
||||
- return;
|
||||
- }
|
||||
pixBytes = (nComps * nBits + 7) >> 3;
|
||||
rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
|
||||
! if (rowBytes <= 0) {
|
||||
return;
|
||||
}
|
||||
predLine = (Guchar *)gmalloc(rowBytes);
|
||||
--- 410,422 ----
|
||||
ok = gFalse;
|
||||
|
||||
nVals = width * nComps;
|
||||
pixBytes = (nComps * nBits + 7) >> 3;
|
||||
rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
|
||||
! if (width <= 0 || nComps <= 0 || nBits <= 0 ||
|
||||
! nComps > gfxColorMaxComps ||
|
||||
! nBits > 16 ||
|
||||
! width >= INT_MAX / nComps || // check for overflow in nVals
|
||||
! nVals >= (INT_MAX - 7) / nBits) { // check for overflow in rowBytes
|
||||
return;
|
||||
}
|
||||
predLine = (Guchar *)gmalloc(rowBytes);
|
Loading…
Reference in New Issue
Block a user