Overview

File r1844-Fix-CVE-2017-6840-Out-of-bounds-read.patch of Package podofo.23799

------------------------------------------------------------------------
r1844 | aja_ | 2017-05-08 15:23:49 +0200 (lun, 08 may 2017) | 2 lines

Fix CVE-2017-6840: Out of bounds read in ColorChanger::GetColorFromStack()


Index: tools/podofocolor/colorchanger.cpp
===================================================================
--- tools/podofocolor/colorchanger.cpp	(revision 1843)
+++ tools/podofocolor/colorchanger.cpp	(revision 1844)
@@ -181,6 +181,13 @@
             int nNumArgs = pInfo->nNumArguments;
             EPdfColorSpace eColorSpace;
 
+            if( args.size() != static_cast<size_t>( pInfo->nNumArguments ) )
+            {
+                std::ostringstream oss;
+                oss << "Expected " << pInfo->nNumArguments << " argument(s) for keyword '" << pszKeyword << "', but " << args.size() << " given instead.";
+                PODOFO_RAISE_ERROR_INFO( ePdfError_InvalidContentStream, oss.str().c_str() );
+            }
+
             switch( pInfo->eKeywordType )
             {
                 case eKeyword_GraphicsStack_Push:

------------------------------------------------------------------------
openSUSE Build Service is sponsored by
Places