summaryrefslogtreecommitdiffstats
path: root/kde/kdegraphics/CVE-2010-2575.patch
diff options
context:
space:
mode:
authorsibel <lesibel@free.fr>2010-09-01 12:27:31 +0200
committersibel <lesibel@free.fr>2010-09-01 12:27:31 +0200
commit20c888fc937006c95f54819846e93e1708d58cc1 (patch)
treecaee8aa9319fd39b331f2e86fda89671bb8c0b0e /kde/kdegraphics/CVE-2010-2575.patch
parent59259dc18231f1ae39c88c15fa2b1d966cc28245 (diff)
downloadnutyx-extra-20c888fc937006c95f54819846e93e1708d58cc1.tar.gz
nutyx-extra-20c888fc937006c95f54819846e93e1708d58cc1.tar.bz2
nutyx-extra-20c888fc937006c95f54819846e93e1708d58cc1.tar.xz
nutyx-extra-20c888fc937006c95f54819846e93e1708d58cc1.zip
maj de kde/kdegraphics#4.5.1-1
Diffstat (limited to 'kde/kdegraphics/CVE-2010-2575.patch')
-rw-r--r--kde/kdegraphics/CVE-2010-2575.patch28
1 files changed, 28 insertions, 0 deletions
diff --git a/kde/kdegraphics/CVE-2010-2575.patch b/kde/kdegraphics/CVE-2010-2575.patch
new file mode 100644
index 000000000..5d4394b2a
--- /dev/null
+++ b/kde/kdegraphics/CVE-2010-2575.patch
@@ -0,0 +1,28 @@
+--- okular/generators/plucker/unpluck/image.cpp (revision 1162413)
++++ okular/generators/plucker/unpluck/image.cpp (working copy)
+@@ -289,8 +289,23 @@
+ for (j = 0; j < bytes_per_row;) {
+ incount = *palm_ptr++;
+ inval = *palm_ptr++;
+- memset (rowbuf + j, inval, incount);
+- j += incount;
++ if (incount + j <= bytes_per_row * width)
++ {
++ memset (rowbuf + j, inval, incount);
++ j += incount;
++ }
++ else
++ {
++ free (rowbuf);
++ free (lastrow);
++ free (jpeg_row);
++
++ jpeg_destroy_compress (&cinfo);
++
++ fclose( outfile );
++
++ return false;
++ }
+ }
+ }
+ else if ((flags & PALM_IS_COMPRESSED_FLAG)