Overview

File r1843-Fix-CVE-2017-5855-NULL-pointer-dereference.patch of Package podofo.7908

------------------------------------------------------------------------
r1843 | aja_ | 2017-05-08 15:05:38 +0200 (lun, 08 may 2017) | 5 lines

Fix CVE-2017-5855: NULL pointer dereference in PoDoFo::PdfParser::ReadXRefSubsection

Throw PoDoFo's Out of memory exception when resize of std::vector fails
when reading XRef content.


Index: src/base/PdfParser.cpp
===================================================================
--- src/base/PdfParser.cpp	(revision 1842)
+++ src/base/PdfParser.cpp	(revision 1843)
@@ -779,6 +779,7 @@
             PODOFO_RAISE_ERROR_INFO( ePdfError_ValueOutOfRange,
                 "xref subsection's given entry numbers together too large" );
# 
     
+        try {
 #ifdef _WIN32
 		m_nNumObjects = static_cast<long>(nFirstObject + nNumObjects);
 		m_offsets.resize(static_cast<long>(nFirstObject+nNumObjects));
@@ -786,7 +787,9 @@
 		m_nNumObjects = nFirstObject + nNumObjects;
 		m_offsets.resize(nFirstObject+nNumObjects);
 #endif // _WIN32
-
+        } catch (std::bad_alloc &ex) {
+            PODOFO_RAISE_ERROR( ePdfError_OutOfMemory );
+        }
     }
     else
     {

------------------------------------------------------------------------
openSUSE Build Service is sponsored by
Places