Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Alexander_Naumov:SLE-12:Update
podofo.34526
r1847-Fix-CVE-2017-7378-Out-of-bounds-read.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File r1847-Fix-CVE-2017-7378-Out-of-bounds-read.patch of Package podofo.34526
------------------------------------------------------------------------ r1847 | aja_ | 2017-05-08 16:15:41 +0200 (lun, 08 may 2017) | 2 lines Fix CVE-2017-7378: Out of bounds read in PdfPainter::ExpandTabs() Index: src/doc/PdfPainter.cpp =================================================================== --- src/doc/PdfPainter.cpp (revision 1846) +++ src/doc/PdfPainter.cpp (revision 1847) @@ -1938,16 +1938,27 @@ const pdf_utf16be cTab = 0x0900; const pdf_utf16be cSpace = 0x2000; + if( lStringLen == -1 ) + lStringLen = rsString.GetCharacterLength(); + + if (lStringLen > rsString.GetCharacterLength()) + { + PdfError::DebugMessage( "Requested to expand tabs in string of %" PDF_FORMAT_INT64 " chars, while it has only %" PDF_FORMAT_INT64 "; correcting the value\n", + static_cast<pdf_int64>( lStringLen ), static_cast<pdf_int64>( rsString.GetCharacterLength() ) ); + + lStringLen = rsString.GetCharacterLength(); + } + // count the number of tabs in the string if( bUnicode ) { - for( i=0;i<=lStringLen;i++ ) + for( i=0;i<lStringLen;i++ ) if( rsString.GetUnicode()[i] == cTab ) ++nTabCnt; } else { - for( i=0;i<=lStringLen;i++ ) + for( i=0;i<lStringLen;i++ ) if( rsString.GetString()[i] == '\t' ) ++nTabCnt; } ------------------------------------------------------------------------
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor