Overview

File poppler-pdftoabw-overflow.patch of Package poppler

Index: poppler-0.12.0/poppler/ABWOutputDev.cc
===================================================================
--- poppler-0.12.0.orig/poppler/ABWOutputDev.cc
+++ poppler-0.12.0/poppler/ABWOutputDev.cc
@@ -20,6 +20,7 @@
 #include <stdarg.h>
 #include <stddef.h>
 #include <ctype.h>
+#include <float.h>
 #include <math.h>
 #include "goo/GooString.h"
 #include "goo/GooList.h"
@@ -36,6 +37,23 @@
 #include <libxml/xpath.h>
 #include <libxml/xpathInternals.h>
 
+#define MAX(a, b)  (((a) > (b)) ? (a) : (b))
+
+// 1: potential -
+// DBL_MAX_10_EXP: 10^x
+// 1: last digit before '.'
+// 1: '.'
+// 6: digits after '.'
+// 1: '\0' at the end
+#define BUFLEN_FOR_DOUBLE (1 + DBL_MAX_10_EXP + 1 + 1 + 6 + 1)
+
+// potential -, INT_MAX is 2147483647, and the trailing '\0'
+#define BUFLEN_FOR_INT (1 + 10 + 1)
+
+//I wouldn't know what size this should safely be. I guess 64 bytes should be
+//enough for any unicode character
+#define BUFLEN_FOR_UNICODE_CHAR 64
+
 
 // Inter-character space width which will cause addChar to start a new
 // word.
@@ -157,7 +175,7 @@ void ABWOutputDev::splitNodes(float spli
   xmlNodePtr N_move, N_cur, N_newH, N_newL;
   char * propName;
   const char *nodeName;
-  char buf[20];
+  char buf[BUFLEN_FOR_DOUBLE];
   if (direction == HORIZONTAL) {
     propName = "Y1"; 
     nodeName = "horizontal";
@@ -261,7 +279,7 @@ float ABWOutputDev::getBiggestSeperator(
 }
 
 void ABWOutputDev::updateFont(GfxState *state) {
-  char buf[160];
+  char buf[BUFLEN_FOR_INT];
   xmlNodePtr N_cur;
   GfxFont *font;
   bool found = false;
@@ -341,9 +359,7 @@ void ABWOutputDev::drawChar(GfxState *st
 			double originX, double originY,
 			CharCode code, int nBytes, Unicode *u, int uLen)
 {
-  //I wouldn't know what size this should safely be. I guess 64 bytes should be
-  //enough for any unicode character
-  char buf[64];
+  char buf[BUFLEN_FOR_UNICODE_CHAR];
   int charLen;
   x = dx;
   y = dy;
@@ -401,7 +417,7 @@ void ABWOutputDev::endString(GfxState *s
 }
 
 void ABWOutputDev::beginWord(GfxState *state, double x, double y){
-  char buf[20];
+  char buf[MAX(BUFLEN_FOR_INT, BUFLEN_FOR_DOUBLE)];
 //  printf("***BREAK!***\n");
   endWord();
   X1 = x;
@@ -421,7 +437,7 @@ void ABWOutputDev::beginWord(GfxState *s
 }
 
 void ABWOutputDev::endWord(){
-  char buf[20];
+  char buf[BUFLEN_FOR_DOUBLE];
   if (N_word) {
     sprintf(buf, "%f", X2);    xmlNewProp(N_word, BAD_CAST "X2", BAD_CAST buf);
     sprintf(buf, "%f", Y2);    xmlNewProp(N_word, BAD_CAST "Y2", BAD_CAST buf);
@@ -618,7 +634,7 @@ void ABWOutputDev::cleanUpNode(xmlNodePt
   double tX1=-1, tX2=-1, tY1=-1, tY2=-1;
   xmlNodePtr N_cur, N_next;
   N_cur = N_parent->children;
-  char buf[20];
+  char buf[MAX(BUFLEN_FOR_INT, BUFLEN_FOR_DOUBLE)];
   int prevStyle = -1;
   xmlChar *val;
   int styleLength = xmlLsCountNode(N_styleset)+1;
@@ -995,16 +1011,22 @@ void ABWOutputDev::createABW() {
   //change styles to abiword format
   xmlNodePtr N_cur, N_next;
   xmlAttrPtr N_prop;
-  char buf[500];
   for (N_cur = N_styleset->children; N_cur; N_cur = N_cur->next){
+    char *font = (char *)xmlGetProp(N_cur,BAD_CAST "font");
+    char *bold = (char *)xmlGetProp(N_cur,BAD_CAST "bold");
+    char *italic = (char *)xmlGetProp(N_cur,BAD_CAST "italic");
+    char buf[278 + BUFLEN_FOR_INT + 12 + strlen(font) + 1 + 12 + strlen(bold) + 1 + 12 + strlen(italic) + 1];
+
     sprintf(buf,"margin-top:0pt; color:000000; margin-left:0pt; text-position:normal; widows:2; text-indent:0in; font-variant:normal; margin-right:0pt; lang:nl-NL; line-height:1.0; font-size:%dpt; text-decoration:none; margin-bottom:0pt; bgcolor:transparent; text-align:left; font-stretch:normal;",int(xmlXPathCastStringToNumber(xmlGetProp(N_cur,BAD_CAST "size"))));
     strncat(buf,"font-family:",12);
-    strncat(buf,(char *)xmlGetProp(N_cur,BAD_CAST "font"),strlen((char *)xmlGetProp(N_cur,BAD_CAST "font")));
+    strncat(buf,font,strlen(font));
     strncat(buf,";",1);
     strncat(buf,"font-weight:",12);
-    strncat(buf,(char *)xmlGetProp(N_cur,BAD_CAST "bold"),strlen((char *)xmlGetProp(N_cur,BAD_CAST "bold")));
+    strncat(buf,bold,strlen(bold));
+    strncat(buf,";",1);
     strncat(buf,"font-style:",12);
-    strncat(buf,(char *)xmlGetProp(N_cur,BAD_CAST "italic"),strlen((char *)xmlGetProp(N_cur,BAD_CAST "italic")));
+    strncat(buf,italic,strlen(italic));
+    strncat(buf,";",1);
     xmlSetProp(N_cur, BAD_CAST "props", BAD_CAST buf);
     N_prop = xmlHasProp(N_cur, BAD_CAST "id");
     if (N_prop != NULL) xmlRemoveProp(N_prop);
@@ -1036,7 +1058,6 @@ void ABWOutputDev::createABW() {
 }
 
 void ABWOutputDev::transformPage(xmlNodePtr N_parent){
-  char buf[60];
   xmlNodePtr N_cur, N_curLine, N_curText, N_curWord, text, space;
   //translate the nodes into abiword nodes
   if (xmlStrcasecmp(N_parent->name,BAD_CAST "page") == 0){
@@ -1085,6 +1106,7 @@ void ABWOutputDev::transformPage(xmlNode
     xmlNewChild(N_text, NULL, BAD_CAST "cbr", NULL);
   }
   if (xmlStrcasecmp(N_parent->name,BAD_CAST "colset") == 0){
+    char buf[strlen("columns:") + BUFLEN_FOR_INT];
     //fprintf(stderr,"Found a colset\n");
     //create new section columns: count childNodes of N_cur
     //recurse through chunks and create textNodes
openSUSE Build Service is sponsored by
Places