diff options
Diffstat (limited to 'print/mupdf/patches/patch-CVE-2017-14686')
| -rw-r--r-- | print/mupdf/patches/patch-CVE-2017-14686 | 19 |
1 files changed, 0 insertions, 19 deletions
diff --git a/print/mupdf/patches/patch-CVE-2017-14686 b/print/mupdf/patches/patch-CVE-2017-14686 deleted file mode 100644 index b0023929b19..00000000000 --- a/print/mupdf/patches/patch-CVE-2017-14686 +++ /dev/null @@ -1,19 +0,0 @@ -$NetBSD: patch-CVE-2017-14686,v 1.1 2017/10/25 11:00:03 leot Exp $ - -Fix bug 698540: Check name, comment and meta size field signs. -(AKA CVE-2017-14686) - -From upstream commit 0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1 - ---- source/fitz/unzip.c.orig -+++ source/fitz/unzip.c -@@ -141,6 +141,9 @@ static void read_zip_dir_imp(fz_context *ctx, fz_zip_archive *zip, int start_off - (void) fz_read_int32_le(ctx, file); /* ext file atts */ - offset = fz_read_int32_le(ctx, file); - -+ if (namesize < 0 || metasize < 0 || commentsize < 0) -+ fz_throw(ctx, FZ_ERROR_GENERIC, "invalid size in zip entry"); -+ - name = fz_malloc(ctx, namesize + 1); - n = fz_read(ctx, file, (unsigned char*)name, namesize); - if (n < (size_t)namesize) |