Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-15
podofo
0018-Fix-for-CVE-2017-8787-Read-out-of-buffer-s...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0018-Fix-for-CVE-2017-8787-Read-out-of-buffer-size-in-PdfXRefStreamParserObject-ReadXRefStreamEntry.patch of Package podofo
Subject: Fix for CVE-2017-8787 - Read out of buffer size in PdfXRefStreamParserObject::ReadXRefStreamEntry( Url: https://sourceforge.net/p/podofo/code/1851/ --- a/podofo/trunk/src/base/PdfXRefStreamParserObject.cpp +++ b/podofo/trunk/src/base/PdfXRefStreamParserObject.cpp @@ -123,6 +123,11 @@ char* pBuffer; pdf_long lBufferLen; const size_t entryLen = static_cast<size_t>(nW[0] + nW[1] + nW[2]); + + if( nW[0] + nW[1] + nW[2] < 0 ) + { + PODOFO_RAISE_ERROR_INFO( ePdfError_NoXRef, "Invalid entry length in XRef stream" ); + } this->GetStream()->GetFilteredCopy( &pBuffer, &lBufferLen );
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor