Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:Update
poppler-qt5.31256
CVE-2017-14617.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2017-14617.patch of Package poppler-qt5.31256
From 939465c40902d72e0c05d4f3a27ee67e4a007ed7 Mon Sep 17 00:00:00 2001 From: Albert Astals Cid <aacid@kde.org> Date: Tue, 19 Sep 2017 21:19:03 +0200 Subject: [PATCH] Fix crash in broken files Bug #102854 --- poppler/Stream.cc | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/poppler/Stream.cc b/poppler/Stream.cc index f4eda85b..0ad602c7 100644 --- a/poppler/Stream.cc +++ b/poppler/Stream.cc @@ -454,11 +454,10 @@ ImageStream::ImageStream(Stream *strA, int widthA, int nCompsA, int nBitsA) { } else { imgLineSize = nVals; } - if (width > INT_MAX / nComps) { - // force a call to gmallocn(-1,...), which will throw an exception + if (nComps <= 0 || width > INT_MAX / nComps) { imgLineSize = -1; } - imgLine = (Guchar *)gmallocn(imgLineSize, sizeof(Guchar)); + imgLine = (Guchar *)gmallocn_checkoverflow(imgLineSize, sizeof(Guchar)); } imgIdx = nVals; } -- 2.14.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
