aboutsummaryrefslogtreecommitdiff
path: root/office/evince/patches/evince-2.32.0-dvi-security.patch
diff options
context:
space:
mode:
Diffstat (limited to 'office/evince/patches/evince-2.32.0-dvi-security.patch')
-rw-r--r--office/evince/patches/evince-2.32.0-dvi-security.patch24
1 files changed, 24 insertions, 0 deletions
diff --git a/office/evince/patches/evince-2.32.0-dvi-security.patch b/office/evince/patches/evince-2.32.0-dvi-security.patch
new file mode 100644
index 0000000000000..6bde382d613f9
--- /dev/null
+++ b/office/evince/patches/evince-2.32.0-dvi-security.patch
@@ -0,0 +1,24 @@
+From 9611cfcd6c2f39aafab10730c291efd736ab97e4 Mon Sep 17 00:00:00 2001
+From: Vincent Untz <vuntz@gnome.org>
+Date: Thu, 17 Feb 2011 14:23:39 +0000
+Subject: backends: Fix another security issue in the dvi-backend
+
+This is similar to one of the fixes from d4139205.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=640923
+---
+diff --git a/backend/dvi/mdvi-lib/afmparse.c b/backend/dvi/mdvi-lib/afmparse.c
+index 361e23d..e1cd115 100644
+--- a/backend/dvi/mdvi-lib/afmparse.c
++++ b/backend/dvi/mdvi-lib/afmparse.c
+@@ -190,7 +190,7 @@ static char *linetoken(FILE *stream)
+ while ((ch = fgetc(stream)) == ' ' || ch == '\t' );
+
+ idx = 0;
+- while (ch != EOF && ch != lineterm)
++ while (ch != EOF && ch != lineterm && idx < MAX_NAME)
+ {
+ ident[idx++] = ch;
+ ch = fgetc(stream);
+--
+cgit v0.9