diff options
Diffstat (limited to 'backport-CVE-2022-27337.patch')
| -rw-r--r-- | backport-CVE-2022-27337.patch | 68 |
1 files changed, 0 insertions, 68 deletions
diff --git a/backport-CVE-2022-27337.patch b/backport-CVE-2022-27337.patch deleted file mode 100644 index bb22089..0000000 --- a/backport-CVE-2022-27337.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 81044c64b9ed9a10ae82a28bac753060bdfdac74 Mon Sep 17 00:00:00 2001 -From: Albert Astals Cid <aacid@kde.org> -Date: Tue, 15 Mar 2022 15:14:32 +0100 -Subject: [PATCH] Hints::readTables: bail out if we run out of file when - reading - -Fixes #1230 - -Reference:https://gitlab.freedesktop.org/poppler/poppler/-/commit/81044c64b9ed9a10ae82a28bac753060bdfdac74 -Conflict:NA - ---- - poppler/Hints.cc | 28 +++++++++++++++++++++------- - 1 file changed, 21 insertions(+), 7 deletions(-) - -diff --git a/poppler/Hints.cc b/poppler/Hints.cc -index 03e0f7e..90b8dee 100644 ---- a/poppler/Hints.cc -+++ b/poppler/Hints.cc -@@ -5,7 +5,7 @@ - // This file is licensed under the GPLv2 or later - // - // Copyright 2010, 2012 Hib Eris <hib@hiberis.nl> --// Copyright 2010, 2011, 2013, 2014, 2016-2019 Albert Astals Cid <aacid@kde.org> -+// Copyright 2010, 2011, 2013, 2014, 2016-2019, 2021, 2022 Albert Astals Cid <aacid@kde.org> - // Copyright 2010, 2013 Pino Toscano <pino@kde.org> - // Copyright 2013 Adrian Johnson <ajohnson@redneon.com> - // Copyright 2014 Fabio D'Urso <fabiodurso@hotmail.it> -@@ -195,17 +195,31 @@ void Hints::readTables(BaseStream *str, Linearization *linearization, XRef *xref - char *p = &buf[0]; - - if (hintsOffset && hintsLength) { -- Stream *s = str->makeSubStream(hintsOffset, false, hintsLength, Object(objNull)); -+ std::unique_ptr<Stream> s(str->makeSubStream(hintsOffset, false, hintsLength, Object(objNull))); - s->reset(); -- for (unsigned int i=0; i < hintsLength; i++) { *p++ = s->getChar(); } -- delete s; -+ for (unsigned int i=0; i < hintsLength; i++) { -+ const int c = s->getChar(); -+ if (unlikely(c == EOF)) { -+ error(errSyntaxWarning, -1, "Found EOF while reading hints"); -+ ok = false; -+ return; -+ } -+ *p++ = c; -+ } - } - - if (hintsOffset2 && hintsLength2) { -- Stream *s = str->makeSubStream(hintsOffset2, false, hintsLength2, Object(objNull)); -+ std::unique_ptr<Stream> s(str->makeSubStream(hintsOffset2, false, hintsLength2, Object(objNull))); - s->reset(); -- for (unsigned int i=0; i < hintsLength2; i++) { *p++ = s->getChar(); } -- delete s; -+ for (unsigned int i=0; i < hintsLength2; i++) { -+ const int c = s->getChar(); -+ if (unlikely(c == EOF)) { -+ error(errSyntaxWarning, -1, "Found EOF while reading hints2"); -+ ok = false; -+ return; -+ } -+ *p++ = c; -+ } - } - - MemStream *memStream = new MemStream (&buf[0], 0, bufLength, Object(objNull)); --- -2.27.0 |