Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.1:Test
evince
evince-dvi-vulnerability-again.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File evince-dvi-vulnerability-again.patch of Package evince
#following patch contains original commit + fix for bgo#643882 commit 439c5070022eab6cef7266aab47f978058012c72 Author: Vincent Untz <vuntz@gnome.org> Date: Thu Feb 17 15:23:39 2011 +0100 backends: Fix another security issue in the dvi-backend This is similar to one of the fixes from d4139205. https://bugzilla.gnome.org/show_bug.cgi?id=640923 --- backend/dvi/mdvi-lib/afmparse.c.old 2011-04-01 19:30:51.664185199 +0200 +++ backend/dvi/mdvi-lib/afmparse.c 2011-04-01 19:31:53.448018997 +0200 @@ -160,7 +160,7 @@ idx = 0; while (ch != EOF && ch != ' ' && ch != lineterm - && ch != '\t' && ch != ':' && ch != ';' && idx < MAX_NAME) + && ch != '\t' && ch != ':' && ch != ';' && idx < (MAX_NAME - 1)) { ident[idx++] = ch; ch = fgetc(stream); @@ -190,7 +190,7 @@ while ((ch = fgetc(stream)) == ' ' || ch == '\t' ); idx = 0; - while (ch != EOF && ch != lineterm) + while (ch != EOF && ch != lineterm && idx < (MAX_NAME - 1)) { ident[idx++] = ch; ch = fgetc(stream);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor