SOURCES: cups-CAN-2005-2097.patch (NEW) - security fix for a DoS v...
adamg
adamg at pld-linux.org
Sat Sep 3 01:32:12 CEST 2005
Author: adamg Date: Fri Sep 2 23:32:12 2005 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- security fix for a DoS vulnerability (CAN-2005-2097)
- release 4
---- Files affected:
SOURCES:
cups-CAN-2005-2097.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/cups-CAN-2005-2097.patch
diff -u /dev/null SOURCES/cups-CAN-2005-2097.patch:1.1
--- /dev/null Sat Sep 3 01:32:12 2005
+++ SOURCES/cups-CAN-2005-2097.patch Sat Sep 3 01:32:07 2005
@@ -0,0 +1,21 @@
+diff -burN cups-1.1.23.orig/pdftops/FontFile.cxx cups-1.1.23/pdftops/FontFile.cxx
+--- cups-1.1.23.orig/pdftops/FontFile.cxx 2005-09-02 19:02:24.273122328 +0200
++++ cups-1.1.23/pdftops/FontFile.cxx 2005-09-02 19:02:39.174856920 +0200
+@@ -18,6 +18,7 @@
+ #include <stdarg.h>
+ #include <string.h>
+ #include <ctype.h>
++#include <error.h>
+ #include "gmem.h"
+ #include "GHash.h"
+ #include "Error.h"
+@@ -3572,6 +3573,9 @@
+ } else {
+ origLocaTable[i].pos = 2 * getUShort(pos + 2*i);
+ }
++
++ if (origLocaTable[i].pos < 0 || origLocaTable[i].pos > len)
++ error (1, 0, "bad loca table pos value");
+ }
+ qsort(origLocaTable, nGlyphs + 1, sizeof(TrueTypeLoca), &cmpTrueTypeLocaPos);
+ for (i = 0; i < nGlyphs; ++i) {
================================================================
More information about the pld-cvs-commit
mailing list