diff options
author | Andreas Sturmlechner <asturm@gentoo.org> | 2017-11-24 22:31:04 +0100 |
---|---|---|
committer | Andreas Sturmlechner <asturm@gentoo.org> | 2017-11-25 00:06:22 +0100 |
commit | ccd22f376de6de2c8160d808451f320dc658565b (patch) | |
tree | 854a1f521c8fde06264b5aa1001c56c0d6633311 | |
parent | app-text/poppler: Fix CVE-2017-145{18,19,20} (diff) | |
download | gentoo-ccd22f376de6de2c8160d808451f320dc658565b.tar.gz gentoo-ccd22f376de6de2c8160d808451f320dc658565b.tar.bz2 gentoo-ccd22f376de6de2c8160d808451f320dc658565b.zip |
app-text/poppler: Fix CVE-2017-14617
Bug: https://bugs.gentoo.org/631596
Package-Manager: Portage-2.3.16, Repoman-2.3.6
-rw-r--r-- | app-text/poppler/files/poppler-0.57.0-CVE-2017-14617.patch | 31 | ||||
-rw-r--r-- | app-text/poppler/poppler-0.57.0-r1.ebuild | 1 |
2 files changed, 32 insertions, 0 deletions
diff --git a/app-text/poppler/files/poppler-0.57.0-CVE-2017-14617.patch b/app-text/poppler/files/poppler-0.57.0-CVE-2017-14617.patch new file mode 100644 index 000000000000..279479536129 --- /dev/null +++ b/app-text/poppler/files/poppler-0.57.0-CVE-2017-14617.patch @@ -0,0 +1,31 @@ +From 939465c40902d72e0c05d4f3a27ee67e4a007ed7 Mon Sep 17 00:00:00 2001 +From: Albert Astals Cid <aacid@kde.org> +Date: Tue, 19 Sep 2017 21:19:03 +0200 +Subject: [PATCH] Fix crash in broken files + +Bug #102854 +--- + poppler/Stream.cc | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/poppler/Stream.cc b/poppler/Stream.cc +index f4eda85b..0ad602c7 100644 +--- a/poppler/Stream.cc ++++ b/poppler/Stream.cc +@@ -454,11 +454,10 @@ ImageStream::ImageStream(Stream *strA, int widthA, int nCompsA, int nBitsA) { + } else { + imgLineSize = nVals; + } +- if (width > INT_MAX / nComps) { +- // force a call to gmallocn(-1,...), which will throw an exception ++ if (nComps <= 0 || width > INT_MAX / nComps) { + imgLineSize = -1; + } +- imgLine = (Guchar *)gmallocn(imgLineSize, sizeof(Guchar)); ++ imgLine = (Guchar *)gmallocn_checkoverflow(imgLineSize, sizeof(Guchar)); + } + imgIdx = nVals; + } +-- +2.14.1 + diff --git a/app-text/poppler/poppler-0.57.0-r1.ebuild b/app-text/poppler/poppler-0.57.0-r1.ebuild index a19b815e5955..b7a421f73e2c 100644 --- a/app-text/poppler/poppler-0.57.0-r1.ebuild +++ b/app-text/poppler/poppler-0.57.0-r1.ebuild @@ -70,6 +70,7 @@ PATCHES=( "${FILESDIR}/${P}-CVE-2017-14518.patch" "${FILESDIR}/${P}-CVE-2017-14519.patch" "${FILESDIR}/${P}-CVE-2017-14520.patch" + "${FILESDIR}/${P}-CVE-2017-14617.patch" "${FILESDIR}/${P}-CVE-2017-14926.patch" "${FILESDIR}/${P}-CVE-2017-14927.patch" "${FILESDIR}/${P}-CVE-2017-14928.patch" |