Overview

File okular_cve-2010-2575.patch of Package kdegraphics4

Index: generators/plucker/unpluck/image.cpp
===================================================================
--- generators/plucker/unpluck/image.cpp	(revision 1162413)
+++ generators/plucker/unpluck/image.cpp	(working copy)
@@ -289,8 +289,23 @@
             for (j = 0; j < bytes_per_row;) {
                 incount = *palm_ptr++;
                 inval = *palm_ptr++;
-                memset (rowbuf + j, inval, incount);
-                j += incount;
+                if (incount + j <= bytes_per_row  * width)
+                {
+                    memset (rowbuf + j, inval, incount);
+                    j += incount;
+                }
+                else
+                {
+                    free (rowbuf);
+                    free (lastrow);
+                    free (jpeg_row);
+
+                    jpeg_destroy_compress (&cinfo);
+
+                    fclose( outfile );
+
+                    return false;
+                }
             }
         }
         else if ((flags & PALM_IS_COMPRESSED_FLAG)
openSUSE Build Service is sponsored by
Places