Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:GA
poppler-qt5.30206
CVE-2019-9959.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2019-9959.patch of Package poppler-qt5.30206
From 68ef84e5968a4249c2162b839ca6d7975048a557 Mon Sep 17 00:00:00 2001 From: Albert Astals Cid <aacid@kde.org> Date: Mon, 15 Jul 2019 23:24:22 +0200 Subject: [PATCH] JPXStream::init: ignore dict Length if clearly broken Fixes issue #805 --- poppler/JPEG2000Stream.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: poppler-0.43.0/poppler/JPEG2000Stream.cc =================================================================== --- poppler-0.43.0.orig/poppler/JPEG2000Stream.cc +++ poppler-0.43.0/poppler/JPEG2000Stream.cc @@ -201,7 +201,7 @@ void JPXStream::init() if (getDict()) getDict()->lookup("SMaskInData", &smaskInData); int bufSize = BUFFER_INITIAL_SIZE; - if (oLen.isInt()) bufSize = oLen.getInt(); + if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt(); oLen.free(); if (cspace.isArray() && cspace.arrayGetLength() > 0) { @@ -368,7 +368,7 @@ void JPXStream::init() if (getDict()) getDict()->lookup("SMaskInData", &smaskInData); int bufSize = BUFFER_INITIAL_SIZE; - if (oLen.isInt()) bufSize = oLen.getInt(); + if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt(); oLen.free(); if (cspace.isArray() && cspace.arrayGetLength() > 0) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
