File CVE-2017-9775.patch of Package poppler.openSUSE_Leap_42.2_Update
From 8f4ff8243a3d599ff2a6c08b1da389e606ba4fc9 Mon Sep 17 00:00:00 2001
From: Albert Astals Cid <aacid@kde.org>
Date: Wed, 21 Jun 2017 00:56:38 +0200
Subject: Fix crash in malformed documents
Index: poppler-0.24.4/poppler/GfxState.cc
===================================================================
--- poppler-0.24.4.orig/poppler/GfxState.cc 2017-07-19 12:19:27.140459672 +0000
+++ poppler-0.24.4/poppler/GfxState.cc 2017-07-19 12:19:34.252543697 +0000
@@ -3381,11 +3381,17 @@ GfxUnivariateShading::~GfxUnivariateShad
void GfxUnivariateShading::getColor(double t, GfxColor *color) {
double out[gfxColorMaxComps];
- int i, nComps;
+ int i;
// NB: there can be one function with n outputs or n functions with
// one output each (where n = number of color components)
- nComps = nFuncs * funcs[0]->getOutputSize();
+ const int nComps = nFuncs * funcs[0]->getOutputSize();
+
+ if (unlikely(nFuncs < 1 || nComps > gfxColorMaxComps)) {
+ for (int i = 0; i < gfxColorMaxComps; i++)
+ color->c[i] = 0;
+ return;
+ }
if (cacheSize > 0) {
double x, ix, *l, *u, *upper;