rpms / poppler

Clone
Source Code
GIT

Blame SOURCES/CVE-2017-9775-1.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8-containeronly-stream-flatpak c8s c9 c9-beta c9-containeronly-stream-flatpak
  1.   c7
  2.   SOURCES
  3.   CVE-2017-9775-1.patch
Blob History Raw
3d5b8e 
From e465d36b8ecf46b80af4ac6b941ae56eb4883a89 Mon Sep 17 00:00:00 2001
3d5b8e 
From: Albert Astals Cid <aacid@kde.org>
3d5b8e 
Date: Mon, 19 Jun 2017 23:35:29 +0200
3d5b8e 
Subject: [PATCH] Fix crash on malformed files
3d5b8e
3d5b8e 
Bug #101502
3d5b8e 
---
3d5b8e 
 poppler/GfxState.cc | 9 +++++++++
3d5b8e 
 1 file changed, 9 insertions(+)
3d5b8e
3d5b8e 
diff --git a/poppler/GfxState.cc b/poppler/GfxState.cc
3d5b8e 
index b17925f..e6cd329 100644
3d5b8e 
--- a/poppler/GfxState.cc
3d5b8e 
+++ b/poppler/GfxState.cc
3d5b8e 
@@ -4036,6 +4036,12 @@ void GfxUnivariateShading::getColor(double t, GfxColor *color) {
3d5b8e 
   double out[gfxColorMaxComps];
3d5b8e 
   int i, nComps;
3d5b8e
3d5b8e 
+  if (unlikely(nFuncs < 1)) {
3d5b8e 
+    for (int i = 0; i < gfxColorMaxComps; i++)
3d5b8e 
+        color->c[i] = 0;
3d5b8e 
+    return;
3d5b8e 
+  }
3d5b8e 
+
3d5b8e 
   // NB: there can be one function with n outputs or n functions with
3d5b8e 
   // one output each (where n = number of color components)
3d5b8e 
   nComps = nFuncs * funcs[0]->getOutputSize();
3d5b8e 
@@ -4089,6 +4095,9 @@ void GfxUnivariateShading::setupCache(const Matrix *ctm,
3d5b8e 
   cacheBounds = NULL;
3d5b8e 
   cacheSize = 0;
3d5b8e
3d5b8e 
+  if (unlikely(nFuncs < 1))
3d5b8e 
+    return;
3d5b8e 
+
3d5b8e 
   // NB: there can be one function with n outputs or n functions with
3d5b8e 
   // one output each (where n = number of color components)
3d5b8e 
   nComps = nFuncs * funcs[0]->getOutputSize();
3d5b8e 
--
3d5b8e 
2.9.3
3d5b8e

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation