summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Sturmlechner <asturm@gentoo.org>2017-11-24 22:31:04 +0100
committerAndreas Sturmlechner <asturm@gentoo.org>2017-11-25 00:06:22 +0100
commitccd22f376de6de2c8160d808451f320dc658565b (patch)
tree854a1f521c8fde06264b5aa1001c56c0d6633311 /app-text
parentapp-text/poppler: Fix CVE-2017-145{18,19,20} (diff)
downloadgentoo-ccd22f376de6de2c8160d808451f320dc658565b.tar.gz
gentoo-ccd22f376de6de2c8160d808451f320dc658565b.tar.bz2
gentoo-ccd22f376de6de2c8160d808451f320dc658565b.zip
app-text/poppler: Fix CVE-2017-14617
Bug: https://bugs.gentoo.org/631596 Package-Manager: Portage-2.3.16, Repoman-2.3.6
Diffstat (limited to 'app-text')
-rw-r--r--app-text/poppler/files/poppler-0.57.0-CVE-2017-14617.patch31
-rw-r--r--app-text/poppler/poppler-0.57.0-r1.ebuild1
2 files changed, 32 insertions, 0 deletions
diff --git a/app-text/poppler/files/poppler-0.57.0-CVE-2017-14617.patch b/app-text/poppler/files/poppler-0.57.0-CVE-2017-14617.patch
new file mode 100644
index 000000000000..279479536129
--- /dev/null
+++ b/app-text/poppler/files/poppler-0.57.0-CVE-2017-14617.patch
@@ -0,0 +1,31 @@
+From 939465c40902d72e0c05d4f3a27ee67e4a007ed7 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Tue, 19 Sep 2017 21:19:03 +0200
+Subject: [PATCH] Fix crash in broken files
+
+Bug #102854
+---
+ poppler/Stream.cc | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/poppler/Stream.cc b/poppler/Stream.cc
+index f4eda85b..0ad602c7 100644
+--- a/poppler/Stream.cc
++++ b/poppler/Stream.cc
+@@ -454,11 +454,10 @@ ImageStream::ImageStream(Stream *strA, int widthA, int nCompsA, int nBitsA) {
+ } else {
+ imgLineSize = nVals;
+ }
+- if (width > INT_MAX / nComps) {
+- // force a call to gmallocn(-1,...), which will throw an exception
++ if (nComps <= 0 || width > INT_MAX / nComps) {
+ imgLineSize = -1;
+ }
+- imgLine = (Guchar *)gmallocn(imgLineSize, sizeof(Guchar));
++ imgLine = (Guchar *)gmallocn_checkoverflow(imgLineSize, sizeof(Guchar));
+ }
+ imgIdx = nVals;
+ }
+--
+2.14.1
+
diff --git a/app-text/poppler/poppler-0.57.0-r1.ebuild b/app-text/poppler/poppler-0.57.0-r1.ebuild
index a19b815e5955..b7a421f73e2c 100644
--- a/app-text/poppler/poppler-0.57.0-r1.ebuild
+++ b/app-text/poppler/poppler-0.57.0-r1.ebuild
@@ -70,6 +70,7 @@ PATCHES=(
"${FILESDIR}/${P}-CVE-2017-14518.patch"
"${FILESDIR}/${P}-CVE-2017-14519.patch"
"${FILESDIR}/${P}-CVE-2017-14520.patch"
+ "${FILESDIR}/${P}-CVE-2017-14617.patch"
"${FILESDIR}/${P}-CVE-2017-14926.patch"
"${FILESDIR}/${P}-CVE-2017-14927.patch"
"${FILESDIR}/${P}-CVE-2017-14928.patch"