summaryrefslogtreecommitdiff
path: root/gnu/packages/patches/mupdf-CVE-2016-7505.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/mupdf-CVE-2016-7505.patch')
-rw-r--r--gnu/packages/patches/mupdf-CVE-2016-7505.patch32
1 files changed, 32 insertions, 0 deletions
diff --git a/gnu/packages/patches/mupdf-CVE-2016-7505.patch b/gnu/packages/patches/mupdf-CVE-2016-7505.patch
new file mode 100644
index 0000000000..15e4f374d6
--- /dev/null
+++ b/gnu/packages/patches/mupdf-CVE-2016-7505.patch
@@ -0,0 +1,32 @@
+Fix CVE-2016-7505:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7505
+http://bugs.ghostscript.com/show_bug.cgi?id=697140
+
+Patch copied from upstream source repository:
+http://git.ghostscript.com/?p=mujs.git;a=commitdiff;h=8c805b4eb19cf2af689c860b77e6111d2ee439d5
+
+From 8c805b4eb19cf2af689c860b77e6111d2ee439d5 Mon Sep 17 00:00:00 2001
+From: Tor Andersson <tor.andersson@artifex.com>
+Date: Wed, 21 Sep 2016 15:21:04 +0200
+Subject: [PATCH] Fix bug 697140: Overflow check in ascii division in strtod.
+
+---
+ jsdtoa.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/jsdtoa.c b/jsdtoa.c
+index 2e52368..920c1a7 100644
+--- a/thirdparty/mujs/jsdtoa.c
++++ b/thirdparty/mujs/jsdtoa.c
+@@ -735,6 +735,7 @@ xx:
+ n -= c<<b;
+ *p++ = c + '0';
+ (*na)++;
++ if (*na >= Ndig) break; /* abort if overflowing */
+ }
+ *p = 0;
+ }
+--
+2.10.2
+
generated by cgit v1.2.3 (git 2.46.2) at 2024-11-12 05:31:01 +0000