rpms/koffice/devel koffice-CAN-2005-3193.diff, NONE, 1.1 koffice.spec, 1.15, 1.16
Andreas Bierfert (awjb)
fedora-extras-commits at redhat.com
Thu Dec 8 12:24:12 UTC 2005
Author: awjb
Update of /cvs/extras/rpms/koffice/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4097
Modified Files:
koffice.spec
Added Files:
koffice-CAN-2005-3193.diff
Log Message:
- fix CAN-2005-3193
koffice-CAN-2005-3193.diff:
--- NEW FILE koffice-CAN-2005-3193.diff ---
Index: filters/kword/pdf/xpdf/xpdf/Stream.cc
===================================================================
--- filters/kword/pdf/xpdf/xpdf/Stream.cc (revision 485850)
+++ filters/kword/pdf/xpdf/xpdf/Stream.cc (revision 486431)
@@ -404,18 +404,33 @@ void ImageStream::skipLine() {
StreamPredictor::StreamPredictor(Stream *strA, int predictorA,
int widthA, int nCompsA, int nBitsA) {
+ int totalBits;
+
str = strA;
predictor = predictorA;
width = widthA;
nComps = nCompsA;
nBits = nBitsA;
+ predLine = NULL;
+ ok = gFalse;
nVals = width * nComps;
+ totalBits = nVals * nBits;
+ if ( totalBits == 0 ||
+ (totalBits / nBits) / nComps != width ||
+ totalBits + 7 < 0) {
+ return;
+ }
pixBytes = (nComps * nBits + 7) >> 3;
- rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
+ rowBytes = ((totalBits + 7) >> 3) + pixBytes;
+ if (rowBytes < 0)
+ return;
+
predLine = (Guchar *)gmalloc(rowBytes);
memset(predLine, 0, rowBytes);
predIdx = rowBytes;
+
+ ok = gTrue;
}
StreamPredictor::~StreamPredictor() {
@@ -982,6 +997,10 @@ LZWStream::LZWStream(Stream *strA, int p
FilterStream(strA) {
if (predictor != 1) {
pred = new StreamPredictor(this, predictor, columns, colors, bits);
+ if ( !pred->isOk()) {
+ delete pred;
+ pred = NULL;
+ }
} else {
pred = NULL;
}
@@ -2861,6 +2880,10 @@ GBool DCTStream::readBaselineSOF() {
height = read16();
width = read16();
numComps = str->getChar();
+ if (numComps <= 0 || numComps > 4) {
+ error(getPos(), "Bad number of components in DCT stream");
+ return gFalse;
+ }
if (prec != 8) {
error(getPos(), "Bad DCT precision %d", prec);
return gFalse;
@@ -3179,6 +3202,10 @@ FlateStream::FlateStream(Stream *strA, i
FilterStream(strA) {
if (predictor != 1) {
pred = new StreamPredictor(this, predictor, columns, colors, bits);
+ if ( !pred->isOk()) {
+ delete pred;
+ pred = NULL;
+ }
} else {
pred = NULL;
}
Index: filters/kword/pdf/xpdf/xpdf/Stream.h
===================================================================
--- filters/kword/pdf/xpdf/xpdf/Stream.h (revision 485850)
+++ filters/kword/pdf/xpdf/xpdf/Stream.h (revision 486431)
@@ -227,6 +227,7 @@ public:
int lookChar();
int getChar();
+ GBool isOk() { return ok; }
private:
@@ -242,6 +243,7 @@ private:
int rowBytes; // bytes per line
Guchar *predLine; // line buffer
int predIdx; // current index in predLine
+ GBool ok;
};
//------------------------------------------------------------------------
Index: koffice.spec
===================================================================
RCS file: /cvs/extras/rpms/koffice/devel/koffice.spec,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- koffice.spec 21 Nov 2005 22:42:28 -0000 1.15
+++ koffice.spec 8 Dec 2005 12:24:10 -0000 1.16
@@ -1,6 +1,6 @@
Name: koffice
Version: 1.4.2
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: A free, integrated office suite for KDE
Group: Applications/Productivity
@@ -11,7 +11,9 @@
# stuff for the build configuration
Patch0: koffice-admin-gcc4isok.patch
-Patch1: koffice-qt3.3.5.patch
+
+# fix CAN-2005-3193 see #175260
+Patch1: koffice-CAN-2005-3193.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -192,9 +194,9 @@
%prep
%setup -q
%patch0 -p1
-#%patch1
+%patch1
-# this will make sure that patch0 and patch1 are considered
+# this will make sure that patch0 is considered
make -f admin/Makefile.common
%build
@@ -746,6 +748,10 @@
%{_datadir}/servicetypes/kofilter*.desktop
%changelog
+* Thu Dec 08 2005 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
+1.4.2-3
+- fix CAN-2005-3193
+
* Thu Nov 10 2005 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
1.4.2-2
- remove xorg-x11-devel BR
More information about the scm-commits
mailing list