Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15:Update
poppler
poppler-CVE-2020-23804.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File poppler-CVE-2020-23804.patch of Package poppler
Index: poppler-0.62.0/poppler/XRef.cc =================================================================== --- poppler-0.62.0.orig/poppler/XRef.cc +++ poppler-0.62.0/poppler/XRef.cc @@ -681,6 +681,12 @@ GBool XRef::readXRefTable(Parser *parser ok = gFalse; } } + // Arbitrary limit because otherwise we exhaust the stack + // calling readXRef + readXRefTable + if (followedXRefStm->size() > 4096) { + error(errSyntaxError, -1, "File has more than 4096 XRefStm, aborting"); + ok = false; + } if (ok) { followedXRefStm->push_back(pos2); readXRef(&pos2, followedXRefStm, xrefStreamObjsNum);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
