summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Savchenko <bircoph@gentoo.org>2020-03-01 23:03:46 +0300
committerAndrew Savchenko <bircoph@gentoo.org>2020-03-01 23:06:21 +0300
commit6ab1a068d867bd08ed5377a7b5a8d9e3ec046b18 (patch)
treeb27ec0c626cfe06c9b424f6f1ac475a2a9ee0b6f /app-text/xpdf/files
parentdev-lang/erlang: bump up to 22.2.8 (diff)
downloadgentoo-6ab1a068d867bd08ed5377a7b5a8d9e3ec046b18.tar.gz
gentoo-6ab1a068d867bd08ed5377a7b5a8d9e3ec046b18.tar.bz2
gentoo-6ab1a068d867bd08ed5377a7b5a8d9e3ec046b18.zip
app-text/xpdf: fix CVE-2019-17064
Fix NULL pointer dereference by initializing field before use. https://forum.xpdfreader.com/viewtopic.php?f=3&t=41890#p42672 Bug: https://bugs.gentoo.org/711146 Package-Manager: Portage-2.3.82, Repoman-2.3.20 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org>
Diffstat (limited to 'app-text/xpdf/files')
-rw-r--r--app-text/xpdf/files/xpdf-CVE-2019-17064.patch24
1 files changed, 24 insertions, 0 deletions
diff --git a/app-text/xpdf/files/xpdf-CVE-2019-17064.patch b/app-text/xpdf/files/xpdf-CVE-2019-17064.patch
new file mode 100644
index 000000000000..c4f84a4604c0
--- /dev/null
+++ b/app-text/xpdf/files/xpdf-CVE-2019-17064.patch
@@ -0,0 +1,24 @@
+Fix CVE-2019-17064
+
+Fix NULL pointer dereference by initializing field before use.
+https://forum.xpdfreader.com/viewtopic.php?f=3&t=41890#p42672
+
+diff '--color=auto' -Naurd xpdf-4.02.orig/xpdf/Catalog.cc xpdf-4.02/xpdf/Catalog.cc
+--- xpdf-4.02.orig/xpdf/Catalog.cc 2019-09-25 22:54:33.000000000 +0300
++++ xpdf-4.02/xpdf/Catalog.cc 2020-03-01 12:05:43.235486706 +0300
+@@ -159,6 +159,7 @@
+ baseURI = NULL;
+ form = NULL;
+ embeddedFiles = NULL;
++ pageLabels = NULL;
+ #if MULTITHREADED
+ gInitMutex(&pageMutex);
+ #endif
+@@ -241,7 +242,6 @@
+ // get the ViewerPreferences object
+ catDict.dictLookupNF("ViewerPreferences", &viewerPrefs);
+
+- pageLabels = NULL;
+ if (catDict.dictLookup("PageLabels", &obj)->isDict()) {
+ readPageLabelTree(&obj);
+ }