diff options
author | Andrew Savchenko <bircoph@gentoo.org> | 2020-03-01 23:03:46 +0300 |
---|---|---|
committer | Andrew Savchenko <bircoph@gentoo.org> | 2020-03-01 23:06:21 +0300 |
commit | 6ab1a068d867bd08ed5377a7b5a8d9e3ec046b18 (patch) | |
tree | b27ec0c626cfe06c9b424f6f1ac475a2a9ee0b6f /app-text/xpdf/files | |
parent | dev-lang/erlang: bump up to 22.2.8 (diff) | |
download | gentoo-6ab1a068d867bd08ed5377a7b5a8d9e3ec046b18.tar.gz gentoo-6ab1a068d867bd08ed5377a7b5a8d9e3ec046b18.tar.bz2 gentoo-6ab1a068d867bd08ed5377a7b5a8d9e3ec046b18.zip |
app-text/xpdf: fix CVE-2019-17064
Fix NULL pointer dereference by initializing field before use.
https://forum.xpdfreader.com/viewtopic.php?f=3&t=41890#p42672
Bug: https://bugs.gentoo.org/711146
Package-Manager: Portage-2.3.82, Repoman-2.3.20
Signed-off-by: Andrew Savchenko <bircoph@gentoo.org>
Diffstat (limited to 'app-text/xpdf/files')
-rw-r--r-- | app-text/xpdf/files/xpdf-CVE-2019-17064.patch | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/app-text/xpdf/files/xpdf-CVE-2019-17064.patch b/app-text/xpdf/files/xpdf-CVE-2019-17064.patch new file mode 100644 index 000000000000..c4f84a4604c0 --- /dev/null +++ b/app-text/xpdf/files/xpdf-CVE-2019-17064.patch @@ -0,0 +1,24 @@ +Fix CVE-2019-17064 + +Fix NULL pointer dereference by initializing field before use. +https://forum.xpdfreader.com/viewtopic.php?f=3&t=41890#p42672 + +diff '--color=auto' -Naurd xpdf-4.02.orig/xpdf/Catalog.cc xpdf-4.02/xpdf/Catalog.cc +--- xpdf-4.02.orig/xpdf/Catalog.cc 2019-09-25 22:54:33.000000000 +0300 ++++ xpdf-4.02/xpdf/Catalog.cc 2020-03-01 12:05:43.235486706 +0300 +@@ -159,6 +159,7 @@ + baseURI = NULL; + form = NULL; + embeddedFiles = NULL; ++ pageLabels = NULL; + #if MULTITHREADED + gInitMutex(&pageMutex); + #endif +@@ -241,7 +242,6 @@ + // get the ViewerPreferences object + catDict.dictLookupNF("ViewerPreferences", &viewerPrefs); + +- pageLabels = NULL; + if (catDict.dictLookup("PageLabels", &obj)->isDict()) { + readPageLabelTree(&obj); + } |