diff options
| author | drochner <drochner> | 2005-03-02 18:33:02 +0000 |
|---|---|---|
| committer | drochner <drochner> | 2005-03-02 18:33:02 +0000 |
| commit | 34c030a4812371b1a281203ba424c375d8a3984c (patch) | |
| tree | 5ddd578985ad50c312c47c69faa33b8596d837e2 /print/cups/patches/patch-av | |
| parent | 16bffd37ec359356555bf4d1908770bca9c0fad6 (diff) | |
| download | pkgsrc-34c030a4812371b1a281203ba424c375d8a3984c.tar.gz | |
Fix CAN-2005-0206:
An overflow check introduced earlier (for CAN-2004-0888) was never
triggered on 64-bit systems because 64-bit arithmetics was used there.
Sprinkle some casts to int su that the overflow can happen.
This fix is similar to the redhat one. The fix for similar code
in print/teTeX-bin looks much cleaner, but since cups already contains
the wrong redhad fix, I've chosen to stay close to the original.
bump PKGREVISION
Diffstat (limited to 'print/cups/patches/patch-av')
| -rw-r--r-- | print/cups/patches/patch-av | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/print/cups/patches/patch-av b/print/cups/patches/patch-av new file mode 100644 index 00000000000..a0f6580b1ee --- /dev/null +++ b/print/cups/patches/patch-av @@ -0,0 +1,25 @@ +$NetBSD: patch-av,v 1.3 2005/03/02 18:33:02 drochner Exp $ + +--- pdftops/Catalog.cxx.orig 2005-03-01 15:38:37.000000000 +0100 ++++ pdftops/Catalog.cxx +@@ -64,8 +64,8 @@ Catalog::Catalog(XRef *xrefA) { + } + pagesSize = numPages0 = (int)obj.getNum(); + obj.free(); +- if (pagesSize*sizeof(Page *)/sizeof(Page *) != pagesSize || +- pagesSize*sizeof(Ref)/sizeof(Ref) != pagesSize) { ++ if (pagesSize*(int)sizeof(Page *)/sizeof(Page *) != pagesSize || ++ pagesSize*(int)sizeof(Ref)/sizeof(Ref) != pagesSize) { + error(-1, "Invalid 'pagesSize'"); + ok = gFalse; + return; +@@ -197,7 +197,8 @@ int Catalog::readPageTree(Dict *pagesDic + } + if (start >= pagesSize) { + pagesSize += 32; +- if (pagesSize*sizeof(Page *)/sizeof(Page *) != pagesSize) { ++ if (pagesSize*(int)sizeof(Page *)/sizeof(Page *) != pagesSize || ++ pagesSize*(int)sizeof(Ref)/sizeof(Ref) != pagesSize) { + error(-1, "Invalid 'pagesSize' parameter."); + goto err3; + } |