diff options
author | dillo <dillo@pkgsrc.org> | 2005-12-18 20:05:32 +0000 |
---|---|---|
committer | dillo <dillo@pkgsrc.org> | 2005-12-18 20:05:32 +0000 |
commit | a31cd3b54da2c3bacdcf60d6b0bf75f3955ba5cd (patch) | |
tree | c2bbe5bf9ab51240f331e46aeaf09da3bddc2964 /print/xpdf/patches/patch-at | |
parent | ad67745fd4f0f23cde420ea46c50ed761f4cae41 (diff) | |
download | pkgsrc-a31cd3b54da2c3bacdcf60d6b0bf75f3955ba5cd.tar.gz |
Fix vulnerability CAN-2005-3191. Patch provided by jlam.
Bump PKGREVISION to 2.
Diffstat (limited to 'print/xpdf/patches/patch-at')
-rw-r--r-- | print/xpdf/patches/patch-at | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/print/xpdf/patches/patch-at b/print/xpdf/patches/patch-at new file mode 100644 index 00000000000..1b020dc6867 --- /dev/null +++ b/print/xpdf/patches/patch-at @@ -0,0 +1,28 @@ +$NetBSD: patch-at,v 1.1 2005/12/18 20:05:32 dillo Exp $ + +--- xpdf/Stream.cc.orig 2005-12-15 22:53:25.000000000 -0500 ++++ xpdf/Stream.cc +@@ -2919,11 +2919,7 @@ GBool DCTStream::readBaselineSOF() { + width = read16(); + numComps = str->getChar(); + if (numComps <= 0 || numComps > 4) { +- error(getPos(), "Bad number of components in DCT stream", prec); +- return gFalse; +- } +- if (numComps <= 0 || numComps > 4) { +- error(getPos(), "Bad number of components in DCT stream", prec); ++ error(getPos(), "Bad number of components %d in DCT stream", numComps); + return gFalse; + } + if (prec != 8) { +@@ -2952,6 +2948,10 @@ GBool DCTStream::readProgressiveSOF() { + height = read16(); + width = read16(); + numComps = str->getChar(); ++ if (numComps <= 0 || numComps > 4) { ++ error(getPos(), "Bad number of components %d in DCT stream", numComps); ++ return gFalse; ++ } + if (prec != 8) { + error(getPos(), "Bad DCT precision %d", prec); + return gFalse; |