Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.2:Staging:N
texlive
source-bsc1109673.dif
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File source-bsc1109673.dif of Package texlive
Extracted from svn source tree of TeXLive for CVE-2018-17407 (bsc#1109673) ------------------------------------------------------------------------ r48697 | preining | 2018-09-19 06:02:06 +0200 (Wed, 19 Sep 2018) | 1 line writet1 protection against buffer overflow ------------------------------------------------------------------------ | Index: Build/source/texk/dvipsk/ChangeLog | =================================================================== | --- Build/source/texk/dvipsk/ChangeLog (revision 48696) | +++ Build/source/texk/dvipsk/ChangeLog (revision 48697) | @@ -1,3 +1,8 @@ | +2018-09-18 Nick Roessler <nicholas.e.roessler@gmail.com> | + | + * writet1.c (t1_check_unusual_charstring): protect against buffer | + overflow. | + | 2018-04-14 Karl Berry <karl@tug.org> | | * Version 5.998 for TeX Live 2018 release. Index: Build/source/texk/dvipsk/writet1.c =================================================================== --- Build/source/texk/dvipsk/writet1.c (revision 48696) +++ Build/source/texk/dvipsk/writet1.c (revision 48697) @@ -1449,7 +1449,9 @@ *(strend(t1_buf_array) - 1) = ' '; t1_getline(); + alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE); strcat(t1_buf_array, t1_line_array); + alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE); strcpy(t1_line_array, t1_buf_array); t1_line_ptr = eol(t1_line_array); } | Index: Build/source/texk/web2c/luatexdir/ChangeLog | =================================================================== | --- Build/source/texk/web2c/luatexdir/ChangeLog (revision 48696) | +++ Build/source/texk/web2c/luatexdir/ChangeLog (revision 48697) | @@ -1,3 +1,7 @@ | +2018-09-18 Nick Roessler <nicholas.e.roessler@gmail.com> | + * fonts/writet1.w (t1_check_unusual_charstring): protect against | + buffer overflow. | + | 2018-08-27 Luigi Scarso <luigi.scarso@gmail.com> | * dropped dependency from gmp and mpfr | Index: Build/source/texk/web2c/luatexdir/font/writet1.c =================================================================== --- Build/source/texk/web2c/luatexdir/font/writet1.w (revision 48696) +++ Build/source/texk/web2c/luatexdir/font/writet1.w (revision 48697) @@ -1581,7 +1581,9 @@ if (sscanf(p, "%i", &i) != 1) { strcpy(t1_buf_array, t1_line_array); t1_getline(); + alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE); strcat(t1_buf_array, t1_line_array); + alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE); strcpy(t1_line_array, t1_buf_array); t1_line_ptr = eol(t1_line_array); } | Index: Build/source/texk/web2c/pdftexdir/ChangeLog | =================================================================== | --- Build/source/texk/web2c/pdftexdir/ChangeLog (revision 48696) | +++ Build/source/texk/web2c/pdftexdir/ChangeLog (revision 48697) | @@ -1,3 +1,8 @@ | +2018-09-18 Nick Roessler <nicholas.e.roessler@gmail.com> | + | + * writet1.c (t1_check_unusual_charstring): protect against buffer | + overflow. | + | 2018-09-09 Karl Berry <karl@tug.org> | | * expanded.test, Index: Build/source/texk/web2c/pdftexdir/writet1.c =================================================================== --- Build/source/texk/web2c/pdftexdir/writet1.c (revision 48696) +++ Build/source/texk/web2c/pdftexdir/writet1.c (revision 48697) @@ -1598,7 +1598,9 @@ *(strend(t1_buf_array) - 1) = ' '; t1_getline(); + alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE); strcat(t1_buf_array, t1_line_array); + alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE); strcpy(t1_line_array, t1_buf_array); t1_line_ptr = eol(t1_line_array); }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor