]> git.draconx.ca Git - gentoo-draconx.git/blob - app-text/xpdf/files/xpdf-cve-2022-38171.patch
projects / gentoo-draconx.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
app-text/xpdf: Backport fix for CVE-2022-38171
[gentoo-draconx.git] / app-text / xpdf / files / xpdf-cve-2022-38171.patch
1 diff --git a/xpdf/JBIG2Stream.cc b/xpdf/JBIG2Stream.cc
2 index 8588931..00c8950 100644
3 --- a/xpdf/JBIG2Stream.cc
4 +++ b/xpdf/JBIG2Stream.cc
5 @@ -1977,7 +1977,14 @@ void JBIG2Stream::readTextRegionSeg(Guint segNum, GBool imm,
6    for (i = 0; i < nRefSegs; ++i) {
7      if ((seg = findSegment(refSegs[i]))) {
8        if (seg->getType() == jbig2SegSymbolDict) {
9 -       numSyms += ((JBIG2SymbolDict *)seg)->getSize();
10 +       Guint segSize = ((JBIG2SymbolDict *)seg)->getSize();
11 +       if (segSize > INT_MAX || numSyms > INT_MAX - segSize) {
12 +         error(errSyntaxError, getPos(),
13 +               "Too many symbols in JBIG2 text region");
14 +         delete codeTables;
15 +         return;
16 +       }
17 +       numSyms += segSize;
18        } else if (seg->getType() == jbig2SegCodeTable) {
19         codeTables->append(seg);
20        }
Assorted collection of Gentoo ebuilds.