Blame SOURCES/poppler-0.22.5-CVE-2013-4473.patch

7677ed
From b8682d868ddf7f741e93b791588af0932893f95c Mon Sep 17 00:00:00 2001
7677ed
From: Pino Toscano <pino@kde.org>
7677ed
Date: Mon, 16 Sep 2013 17:46:55 +0000
7677ed
Subject: pdfseparate: improve the path building
7677ed
7677ed
Make use of snprintf to limit the output to the pathName buffer;
7677ed
while I'm there, expand its size to 4096 (might help longer paths),
7677ed
although a better fix would be dynamically allocate its length
7677ed
(and/or using GooString, maybe).
7677ed
---
7677ed
(limited to 'utils/pdfseparate.cc')
7677ed
7677ed
diff --git a/utils/pdfseparate.cc b/utils/pdfseparate.cc
7677ed
index 35ae020..e41e547 100644
7677ed
--- a/utils/pdfseparate.cc
7677ed
+++ b/utils/pdfseparate.cc
7677ed
@@ -44,7 +44,7 @@ static const ArgDesc argDesc[] = {
7677ed
 };
7677ed
 
7677ed
 bool extractPages (const char *srcFileName, const char *destFileName) {
7677ed
-  char pathName[1024];
7677ed
+  char pathName[4096];
7677ed
   GooString *gfileName = new GooString (srcFileName);
7677ed
   PDFDoc *doc = new PDFDoc (gfileName, NULL, NULL, NULL);
7677ed
 
7677ed
@@ -66,7 +66,7 @@ bool extractPages (const char *srcFileName, const char *destFileName) {
7677ed
     return false;
7677ed
   }
7677ed
   for (int pageNo = firstPage; pageNo <= lastPage; pageNo++) {
7677ed
-    sprintf (pathName, destFileName, pageNo);
7677ed
+    snprintf (pathName, sizeof (pathName) - 1, destFileName, pageNo);
7677ed
     GooString *gpageName = new GooString (pathName);
7677ed
     int errCode = doc->savePageAs(gpageName, pageNo);
7677ed
     if ( errCode != errNone) {
7677ed
--
7677ed
cgit v0.9.0.2-2-gbebe