diff options
author | Marius Bakke <mbakke@fastmail.com> | 2017-10-22 20:12:52 +0200 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2017-10-22 20:12:52 +0200 |
commit | 119a749db9c9847e0766860c17109b0f0b6bf349 (patch) | |
tree | 4cdbfcad285124c1abf7b3c1c94666cef55767ce /gnu/packages/patches/mupdf-CVE-2017-15587.patch | |
parent | 530d9e1555e8d0125dde6893f5f70c7a1ebc2564 (diff) | |
parent | 25669275a1a570cc266128274cb27a22f6a3a318 (diff) |
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/patches/mupdf-CVE-2017-15587.patch')
-rw-r--r-- | gnu/packages/patches/mupdf-CVE-2017-15587.patch | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/gnu/packages/patches/mupdf-CVE-2017-15587.patch b/gnu/packages/patches/mupdf-CVE-2017-15587.patch new file mode 100644 index 0000000000..5da7737ea1 --- /dev/null +++ b/gnu/packages/patches/mupdf-CVE-2017-15587.patch @@ -0,0 +1,21 @@ +Fix CVE-2017-15587. + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15587 +https://nandynarwhals.org/CVE-2017-15587/ + +Copied from upstream: +<https://git.ghostscript.com/?p=mupdf.git;h=82df2631d7d0446b206ea6b434ea609b6c28b0e8> + +diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c +index 66bd0ed..6292793 100644 +--- a/source/pdf/pdf-xref.c ++++ b/source/pdf/pdf-xref.c +@@ -924,7 +924,7 @@ pdf_read_new_xref_section(fz_context *ctx, pdf_document *doc, fz_stream *stm, fz + pdf_xref_entry *table; + int i, n; + +- if (i0 < 0 || i1 < 0) ++ if (i0 < 0 || i1 < 0 || (i0+i1) < 0) + fz_throw(ctx, FZ_ERROR_GENERIC, "negative xref stream entry index"); + //if (i0 + i1 > pdf_xref_len(ctx, doc)) + // fz_throw(ctx, FZ_ERROR_GENERIC, "xref stream has too many entries"); |