Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:Update
poppler-qt.31743
CVE-2017-1000456.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2017-1000456.patch of Package poppler-qt.31743
From 7ee9dadef37b20bca707a6b1e858e17d191e368b Mon Sep 17 00:00:00 2001 From: Jason Crain <jason@inspiresomeone.us> Date: Thu, 5 Oct 2017 15:32:13 -0500 Subject: TextOutputDev: Fix crash in fuzzed file This file crashes pdftotext because it positions texts past INT_MIN, leading to overflow in subsequent calculations. Bug #103116 --- poppler/TextOutputDev.cc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) Index: poppler-0.24.4/poppler/TextOutputDev.cc =================================================================== --- poppler-0.24.4.orig/poppler/TextOutputDev.cc 2018-06-06 09:25:22.572900612 +0000 +++ poppler-0.24.4/poppler/TextOutputDev.cc 2018-06-06 09:26:45.991374271 +0000 @@ -623,6 +623,11 @@ void TextPool::addWord(TextWord *word) { // expand the array if needed wordBaseIdx = (int)(word->base / textPoolStep); + if (unlikely(wordBaseIdx <= INT_MIN + 128 || wordBaseIdx >= INT_MAX - 128)) { + error(errSyntaxWarning, -1, "wordBaseIdx out of range"); + delete word; + return; + } if (minBaseIdx > maxBaseIdx) { minBaseIdx = wordBaseIdx - 128; maxBaseIdx = wordBaseIdx + 128;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor