blob: d64973d8e7d7b374847c1bf1ea897d94a63c1ef5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
$NetBSD: patch-ac,v 1.1.2.2 2006/12/09 08:38:35 salo Exp $
Fix for CVE-2006-5864. From evince CVS
http://cvs.gnome.org/viewcvs/evince/ps/ps.c?r1=1.6&r2=1.6.6.1
--- ps/ps.c.orig 2006-01-07 00:03:44.000000000 +0100
+++ ps/ps.c
@@ -1231,7 +1231,8 @@ get_next_text(line, next_char)
int level = 0;
quoted = 1;
line++;
- while(*line && !(*line == ')' && level == 0)) {
+ while(*line && !(*line == ')' && level == 0)
+ && (cp - text) < PSLINELENGTH - 1) {
if(*line == '\\') {
if(*(line + 1) == 'n') {
*cp++ = '\n';
@@ -1302,7 +1303,8 @@ get_next_text(line, next_char)
}
}
else {
- while(*line && !(*line == ' ' || *line == '\t' || *line == '\n'))
+ while(*line && !(*line == ' ' || *line == '\t' || *line == '\n')
+ && (cp - text) < PSLINELENGTH - 1)
*cp++ = *line++;
}
*cp = '\0';
|