Overview

File CVE-2017-9776.patch of Package poppler.30682

From a3a98a6d83dfbf49f565f5aa2d7c07153a7f62fc Mon Sep 17 00:00:00 2001
From: Albert Astals Cid <aacid@kde.org>
Date: Wed, 21 Jun 2017 00:55:20 +0200
Subject: Fix crash in malformed documents


Index: poppler-0.24.4/poppler/JBIG2Stream.cc
===================================================================
--- poppler-0.24.4.orig/poppler/JBIG2Stream.cc	2017-07-19 12:11:00.378230136 +0000
+++ poppler-0.24.4/poppler/JBIG2Stream.cc	2017-07-19 12:13:22.900176076 +0000
@@ -891,6 +891,9 @@ void JBIG2Bitmap::combine(JBIG2Bitmap *b
 
   for (yy = y0; yy < y1; ++yy) {
 
+    if (unlikely((y + yy >= h) || (y + yy < 0)))
+       continue;
+
     // one byte per line -- need to mask both left and right side
     if (oneByte) {
       if (x >= 0) {
openSUSE Build Service is sponsored by
Places