Overview

File xpdf-3.00-CVE-2007-3387.patch of Package pdftohtml

Index: pdftohtml-0.36/xpdf/Stream.cc
===================================================================
--- pdftohtml-0.36.orig/xpdf/Stream.cc
+++ pdftohtml-0.36/xpdf/Stream.cc
@@ -415,14 +415,14 @@ StreamPredictor::StreamPredictor(Stream 
   ok = gFalse;
  
   if (width <= 0 || nComps <= 0 || nBits <= 0 ||
-      nComps >= INT_MAX/nBits ||
-      width >= INT_MAX/nComps/nBits) {
+      nComps > 4 || nBits > 16 ||
+      width >= INT_MAX / nComps) {
     return;
   }
 
   nVals = width * nComps;
 
-  if (nVals * nBits + 7 <= 0) {
+  if (nVals >= (INT_MAX - 7) / nBits) {
     return;
   }
openSUSE Build Service is sponsored by
Places