Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
poppler-qt5
poppler-CVE-2020-23804.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File poppler-CVE-2020-23804.patch of Package poppler-qt5
Index: poppler-0.79.0/poppler/XRef.cc =================================================================== --- poppler-0.79.0.orig/poppler/XRef.cc +++ poppler-0.79.0/poppler/XRef.cc @@ -634,6 +634,12 @@ bool XRef::readXRefTable(Parser *parser, ok = false; } } + // Arbitrary limit because otherwise we exhaust the stack + // calling readXRef + readXRefTable + if (followedXRefStm->size() > 4096) { + error(errSyntaxError, -1, "File has more than 4096 XRefStm, aborting"); + ok = false; + } if (ok) { followedXRefStm->push_back(pos2); readXRef(&pos2, followedXRefStm, xrefStreamObjsNum);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
