aboutsummaryrefslogtreecommitdiff
path: root/office
diff options
context:
space:
mode:
Diffstat (limited to 'office')
-rw-r--r--office/antiword/10_fix_buffer_overflow_wordole_c.patch21
-rw-r--r--office/antiword/30_kantiword.patch205
-rw-r--r--office/antiword/40_desktop_files.patch50
-rw-r--r--office/antiword/50_antiword-manpage-hyphen-to-minus.patch15
-rw-r--r--office/antiword/antiword.SlackBuild13
-rw-r--r--office/antiword/docx.patch182
-rw-r--r--office/antiword/remove-cjb.net-references.patch40
-rw-r--r--office/antiword/use-snprintf.patch36
8 files changed, 561 insertions, 1 deletions
diff --git a/office/antiword/10_fix_buffer_overflow_wordole_c.patch b/office/antiword/10_fix_buffer_overflow_wordole_c.patch
new file mode 100644
index 000000000000..c2a8c692ab01
--- /dev/null
+++ b/office/antiword/10_fix_buffer_overflow_wordole_c.patch
@@ -0,0 +1,21 @@
+Description: Add check for buffer overflow with malformed input files
+ This was later re-found and became CVE-2014-8123.
+Author: <eriks@debian.org>
+Bug-Debian: https://bugs.debian.org/407015
+Bug-Debian: https://bugs.debian.org/771768
+Forwarded: https://seclists.org/oss-sec/2014/q4/870
+Last-Update: 2018-11-30
+
+--- antiword-0.37~/wordole.c 2005-08-26 21:49:57.000000000 +0200
++++ antiword-0.37/wordole.c 2009-06-03 22:31:15.948014682 +0200
+@@ -259,6 +259,10 @@
+ }
+ tNameSize = (size_t)usGetWord(0x40, aucBytes);
+ tNameSize = (tNameSize + 1) / 2;
++ if ( tNameSize > sizeof(atPPSlist[iIndex].szName)) {
++ werr(0, "Name Size of PPS %d is too large", iIndex);
++ tNameSize = sizeof(atPPSlist[iIndex].szName);
++ }
+ vName2String(atPPSlist[iIndex].szName, aucBytes, tNameSize);
+ atPPSlist[iIndex].ucType = ucGetByte(0x42, aucBytes);
+ if (atPPSlist[iIndex].ucType == 5) {
diff --git a/office/antiword/30_kantiword.patch b/office/antiword/30_kantiword.patch
new file mode 100644
index 000000000000..b415251909e2
--- /dev/null
+++ b/office/antiword/30_kantiword.patch
@@ -0,0 +1,205 @@
+Description: Improve kantiword scripts and use secure temp files
+ Closes: #259999, #363428, [CVE-2005-3126]
+Author: <eriks@debian.org>
+Bug-Debian: http://bugs.debian.org/259999
+Bug-Debian: http://bugs.debian.org/363428
+Last-Update: 2009-06-07
+
+--- antiword-0.37~/Unix-only/KDE3-only/kantiword.sh 2009-06-07 00:47:17.000000000 +0200
++++ antiword-0.37/Unix-only/KDE3-only/kantiword.sh 2009-06-07 00:57:27.564012775 +0200
+@@ -3,69 +3,145 @@
+ # Script to make drag and drop in KDE possible
+ #set -x
+ #
++CONFS=$(kde-config --path config | tr ':' ' ')
++CONF_FILE=kantiwordrc
++mapping=
+
+-if [ $# -lt 2 ]
+-then
+- exit 0
++# default output format is PDF
++format="-a"
++ext=pdf
++
++for i in $CONFS; do
++ if [ -r "$i/$CONF_FILE" ]; then
++ ENCODING=$(grep ^encoding "$i/$CONF_FILE" | tr -d '[:blank:]' | cut -d '=' -f 2)
++ if [ -f "/usr/share/antiword/$ENCODING.txt" ]; then
++ mapping="-m $ENCODING.txt"
++ fi
++ FORMAT=$(grep ^output_format "$i/$CONF_FILE" | tr -d '[:blank:]' | cut -d '=' -f 2)
++ if [ "$FORMAT" = "PS" ]; then
++ # switch to output format PS, Cyrillic is better supported
++ format="-p"
++ ext=ps
++ fi
++ break
++ fi
++done
++
++DESKTOP=$(kde-config --userpath desktop)
++
++if [ $# -lt 2 ]; then
++ echo "Would you like to install an icon on your Desktop, where you"
++ echo "will be able to drop an *.doc file on to? It will be displayed"
++ echo "as a PDF document or as plain text (if no PDF viewer available)."
++ echo -n "[Y/n]: > "
++ read n
++ if [ "x$n" = "xy" ] || [ "x$n" = "xY" ] || [ "x$n" = "x" ]; then
++ if [ -r /etc/papersize ]; then
++ n=$(cat /etc/papersize)
++ fi
++ if [ "x$n" != "xa4" ] && [ "x$n" != "xletter" ]; then
++ echo
++ echo "Type"
++ echo "'a' for output papersize A4,"
++ echo "'l' for letter or"
++ echo "'n' for cancel."
++ echo -n "[a/l/N]: > "
++ read n
++ fi
++ if [ "x$n" = "xa" ] || [ "x$n" = "xa4" ]; then
++ cp -f /usr/share/antiword/kantiword.eu.desktop "$DESKTOP/kantiword.desktop"
++ elif [ "x$n" = "xl" ] || [ "x$n" = "xletter" ]; then
++ cp -f /usr/share/antiword/kantiword.us.desktop "$DESKTOP/kantiword.desktop"
++ fi
++ fi
++ exit 0
+ fi
+
+ # Determine the temp directory
+-if [ -d "$TMPDIR" ] && [ -w "$TMPDIR" ]
+-then
+- tmp_dir=$TMPDIR
+-elif [ -d "$TEMP" ] && [ -w "$TEMP" ]
+-then
+- tmp_dir=$TEMP
++if [ -d "$TMPDIR" ] && [ -w "$TMPDIR" ]; then
++ tmp_dir="$TMPDIR"
++elif [ -d "$TEMP" ] && [ -w "$TEMP" ]; then
++ tmp_dir="$TEMP"
+ else
+- tmp_dir="/tmp"
+-fi
++ tmp_dir="/tmp"
++fi
+
+ # Try to create the temp files in a secure way
+-if [ -x /bin/tempfile ]
+-then
+- out_file=`/bin/tempfile -d "$tmp_dir" -p antiword -s ".ps"` || exit 1
+- err_file=`/bin/tempfile -d "$tmp_dir" -p antiword -s ".err"`
+- if [ $? -ne 0 ]
+- then
+- rm -f "$out_file"
+- exit 1
+- fi
+-elif [ -x /bin/mktemp ]
+-then
+- out_file=`/bin/mktemp -q -p "$tmp_dir" antiword.ps.XXXXXXXXX` || exit 1
+- err_file=`/bin/mktemp -q -p "$tmp_dir" antiword.err.XXXXXXXXX`
+- if [ $? -ne 0 ]
+- then
+- rm -f "$out_file"
+- exit 1
+- fi
++if [ -x /bin/tempfile ]; then
++ out_file=$(/bin/tempfile -d "$tmp_dir" -p antiword -s ".$ext") || exit 1
++ err_file=$(/bin/tempfile -d "$tmp_dir" -p antiword -s ".err")
++ txt_file=$(/bin/tempfile -d "$tmp_dir" -p antiword -s ".txt")
++ if [ $? -ne 0 ]; then
++ rm -f "$out_file"
++ exit 1
++ fi
++elif [ -x /bin/mktemp ]; then
++ out_file=$(/bin/mktemp -q -p "$tmp_dir" antiword.$ext.XXXXXXXXX) || exit 1
++ err_file=$(/bin/mktemp -q -p "$tmp_dir" antiword.err.XXXXXXXXX)
++ txt_file=$(/bin/mktemp -q -p "$tmp_dir" antiword.txt.XXXXXXXXX)
++ if [ $? -ne 0 ]; then
++ rm -f "$out_file"
++ exit 1
++ fi
+ else
+- # Creating the temp files in an un-secure way
+- out_file=$tmp_dir"/antiword.$$.ps"
+- err_file=$tmp_dir"/antiword.$$.err"
++ # Creating the temp files in an un-secure way
++ out_file="$tmp_dir/antiword.$$.$ext"
++ err_file="$tmp_dir/antiword.$$.err"
++ txt_file="$tmp_dir/antiword.$$.txt"
+ fi
+
+-# Determine the paper size
+-paper_size=$1
+-shift
++error=0
++# filename is empty, user had clicked on icon, so print a help message
++# in err_file
++if [ -z $2 ]; then
++ cat >"$err_file" <<EOF
++ You should drag any *.doc file and drop it on this icon for
++ displaying. Kantiword can not do anything with an empty filename.
+
+-# Make the PostScript file
+-antiword -p $paper_size -i 0 "$@" 2>"$err_file" >"$out_file"
+-if [ $? -ne 0 ]
+-then
+- # Something went wrong
+- if [ -r "$err_file" ] && [ -s "$err_file" ]
+- then
+- konsole --caption "Error from Antword" -e less "$err_file"
+- fi
+- # Clean up
+- rm -f "$out_file" "$err_file"
+- exit 1
++EOF
++error=1
++else
++ # Determine the paper size
++ paper_size=$1
++ shift
++
++ # Make the output file (default PDF)
++ antiword $mapping $format $paper_size -i 0 "$@" 2>"$err_file" >"$out_file"
++ if [ $? -ne 0 ]; then
++ error=1
++ fi
++fi
++if [ $error -ne 0 ]; then
++ # Something went wrong
++ if [ -r "$err_file" ] && [ -s "$err_file" ]; then
++ if [ -x /usr/bin/konsole ]; then
++ /usr/bin/konsole --hold --caption "Error from Antiword" -e more "$err_file"
++ else
++ /usr/bin/X11/xterm -T "Error from Antiword" -e less "$err_file"
++ fi
++ fi
++ # Clean up
++ rm -f "$out_file" "$err_file" "$txt_file"
++ exit 1
+ fi
+
+-# Show the PostScript file
+-gv "$out_file" -nocentre -media $paper_size
++# Show the PDF file
++if [ "$ext" = "pdf" -a -x /usr/bin/kpdf ]; then
++ /usr/bin/kpdf "$out_file"
++elif [ "$ext" = "pdf" -a -x /usr/bin/xpdf ]; then
++ /usr/bin/xpdf "$out_file" -paper=$paper_size
++elif [ -x /usr/bin/gv ]; then
++ /usr/bin/gv "$out_file" --nocenter --media=$paper_size
++else
++ # no viewer available, so display as plain text
++ antiword $mapping "$@" 2>"$err_file" >"$txt_file"
++ if [ -x /usr/bin/konsole ]; then
++ /usr/bin/konsole --hold --caption "Text output from Antiword" -e more "$txt_file"
++ else
++ /usr/bin/X11/xterm -T "Text output from Antiword" -e less "$txt_file"
++ fi
++fi
+
+ # Clean up
+-rm -f "$out_file" "$err_file"
++rm -f "$out_file" "$err_file" "$txt_file"
+ exit 0
diff --git a/office/antiword/40_desktop_files.patch b/office/antiword/40_desktop_files.patch
new file mode 100644
index 000000000000..c78bcc64cc5d
--- /dev/null
+++ b/office/antiword/40_desktop_files.patch
@@ -0,0 +1,50 @@
+Description: Extend desktop files
+Author: <eriks@debian.org>
+Last-Update: 2009-06-04
+
+diff -urNad antiword-0.37~/Unix-only/KDE3-only/Antiword.desktop.eu antiword-0.37/Unix-only/KDE3-only/Antiword.desktop.eu
+--- antiword-0.37~/Unix-only/KDE3-only/Antiword.desktop.eu 2001-07-08 20:45:44.000000000 +0200
++++ antiword-0.37/Unix-only/KDE3-only/Antiword.desktop.eu 2009-06-04 10:03:59.508015784 +0200
+@@ -1,8 +1,16 @@
+ [Desktop Entry]
++Encoding=UTF-8
+ BinaryPattern=kantiword;Kantiword
+-MimeType=application/msword
+-Name=Antiword
++Comment=*.doc Dateien per Drag&Drop auf das Icon anzeigen
++Comment[de]=*.doc Dateien per Drag&Drop auf das Icon anzeigen
++Comment[en]=displays *.doc files via drag'n'drop on this icon
+ Exec=kantiword a4 "%f"
++GenericName=Anzeige für MS-Word-Dokument
++GenericName[de]=Anzeige für MS-Word-Dokument
++GenericName[en]=MS-Word document viewer
+ Icon=antiword
++MimeType=application/msword
++Name=Kantiword
++StartupNotify=false
++Terminal=false
+ Type=Application
+-Terminal=0
+diff -urNad antiword-0.37~/Unix-only/KDE3-only/Antiword.desktop.us antiword-0.37/Unix-only/KDE3-only/Antiword.desktop.us
+--- antiword-0.37~/Unix-only/KDE3-only/Antiword.desktop.us 2001-07-08 20:45:54.000000000 +0200
++++ antiword-0.37/Unix-only/KDE3-only/Antiword.desktop.us 2009-06-04 10:03:59.508015784 +0200
+@@ -1,8 +1,16 @@
+ [Desktop Entry]
++Encoding=UTF-8
+ BinaryPattern=kantiword;Kantiword
+-MimeType=application/msword
+-Name=Antiword
++Comment=*.doc Dateien per Drag&Drop auf das Icon anzeigen
++Comment[de]=*.doc Dateien per Drag&Drop auf das Icon anzeigen
++Comment[en]=displays *.doc files via drag'n'drop on this icon
+ Exec=kantiword letter "%f"
++GenericName=Anzeige für MS-Word-Dokument
++GenericName[de]=Anzeige für MS-Word-Dokument
++GenericName[en]=MS-Word document viewer
+ Icon=antiword
++MimeType=application/msword
++Name=Kantiword
++StartupNotify=false
++Terminal=false
+ Type=Application
+-Terminal=0
diff --git a/office/antiword/50_antiword-manpage-hyphen-to-minus.patch b/office/antiword/50_antiword-manpage-hyphen-to-minus.patch
new file mode 100644
index 000000000000..cc4fd9de4b17
--- /dev/null
+++ b/office/antiword/50_antiword-manpage-hyphen-to-minus.patch
@@ -0,0 +1,15 @@
+Description: Fix hyphen in antiword.1 to be a minus
+Author: Olly Betts <olly@survex.com>
+Last-Update: 2011-11-26
+
+--- antiword-0.37.orig/Docs/antiword.1
++++ antiword-0.37/Docs/antiword.1
+@@ -108,7 +108,7 @@ file that cannot be opened for reading.
+ Antiword uses the environment variable ``ANTIWORDHOME'' as the first directory
+ to look for its files. Antiword uses the environment variable ``HOME'' to find
+ the user's home directory. When in text mode it uses the variable ``COLUMNS''
+-to set the width of the output (unless overridden by the -w option).
++to set the width of the output (unless overridden by the \-w option).
+
+ Antiword uses the environment variables ``LC_ALL'', ``LC_CTYPE'' and ``LANG''
+ (in that order) to get the current locale and uses this information to
diff --git a/office/antiword/antiword.SlackBuild b/office/antiword/antiword.SlackBuild
index d30a01d72de5..79253ffcf7e7 100644
--- a/office/antiword/antiword.SlackBuild
+++ b/office/antiword/antiword.SlackBuild
@@ -27,7 +27,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PRGNAM=antiword
VERSION=${VERSION:-0.37}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
TAG=${TAG:-_SBo}
PKGTYPE=${PKGTYPE:-tgz}
@@ -73,6 +73,17 @@ cd $TMP
rm -rf $PRGNAM-$VERSION
tar xvf $CWD/$PRGNAM-$VERSION.tar.gz
cd $PRGNAM-$VERSION
+
+# apply some patches from debian
+# see https://framagit.org/medoc92/recoll-antiword
+patch -p1 < $CWD/10_fix_buffer_overflow_wordole_c.patch
+patch -p1 < $CWD/30_kantiword.patch
+patch -p1 < $CWD/40_desktop_files.patch
+patch -p1 < $CWD/50_antiword-manpage-hyphen-to-minus.patch
+patch -p1 < $CWD/docx.patch
+patch -p1 < $CWD/remove-cjb.net-references.patch
+patch -p1 < $CWD/use-snprintf.patch
+
chown -R root:root .
find -L . \
\( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
diff --git a/office/antiword/docx.patch b/office/antiword/docx.patch
new file mode 100644
index 000000000000..5521070d1f90
--- /dev/null
+++ b/office/antiword/docx.patch
@@ -0,0 +1,182 @@
+Description: Try to reduce confusion around docx files
+ Now also checks for XML files and HTML files
+Author: Olly Betts <olly@survex.com>
+Bug-Debian: https://bugs.debian.org/758959
+Bug-Debian: https://bugs.debian.org/791532
+Forwarded: no
+Last-Update: 2015-01-11
+
+--- a/Docs/antiword.1
++++ b/Docs/antiword.1
+@@ -14,7 +14,11 @@
+ .br
+ A wordfile named - stands for a Word document read from the standard input.
+ .br
+-Only documents made by MS Word version 2 and version 6 or later are supported.
++Only the binary format documents made by MS Word version 2, 6, 7, 97, 2000 and
++2003 are supported. Newer Word versions default to using a completely
++different format consisting of XML files in a ZIP container (usually with a
++".docx" file extension) which antiword doesn't support. It also doesn't
++support the "flat" XML format which MS Word 2003 supported.
+ .SH OPTIONS
+ .TP
+ .BI "\-a " papersize
+--- a/antiword.h
++++ b/antiword.h
+@@ -695,6 +695,9 @@
+ extern BOOL bIsWordForDosFile(FILE *, long);
+ extern BOOL bIsRtfFile(FILE *);
+ extern BOOL bIsWordPerfectFile(FILE *);
++extern BOOL bIsZipFile(FILE *);
++extern BOOL bIsXMLFile(FILE *);
++extern BOOL bIsHTMLFile(FILE *);
+ extern BOOL bIsWinWord12File(FILE *, long);
+ extern BOOL bIsMacWord45File(FILE *);
+ extern int iGuessVersionNumber(FILE *, long);
+--- a/main_u.c
++++ b/main_u.c
+@@ -187,10 +187,29 @@
+ werr(0, "%s is not a Word Document."
+ " It is probably a Rich Text Format file",
+ szFilename);
+- } if (bIsWordPerfectFile(pFile)) {
++ } else if (bIsWordPerfectFile(pFile)) {
+ werr(0, "%s is not a Word Document."
+ " It is probably a Word Perfect file",
+ szFilename);
++ } else if (bIsZipFile(pFile)) {
++ werr(0, "%s is not a Word Document."
++ " It seems to be a ZIP file, so is probably"
++ " an OpenDocument file, or a \"docx\" file"
++ " from MS Word 2007 or newer"
++ " (antiword only handles binary format"
++ " documents from MS Word 2003 and earlier)",
++ szFilename);
++ } else if (bIsXMLFile(pFile)) {
++ werr(0, "%s is not a Word Document."
++ " It seems to be an XML file, perhaps"
++ " the XML format from MS Word 2003"
++ " (antiword only handles binary format"
++ " documents from MS Word 2003 and earlier)",
++ szFilename);
++ } else if (bIsHTMLFile(pFile)) {
++ werr(0, "%s is not a Word Document."
++ " It is probably an HTML file",
++ szFilename);
+ } else {
+ #if defined(__dos)
+ werr(0, "%s is not a Word Document or the filename"
+--- a/wordlib.c
++++ b/wordlib.c
+@@ -41,7 +41,7 @@
+ BOOL
+ bIsWordForDosFile(FILE *pFile, long lFilesize)
+ {
+- static UCHAR aucBytes[] =
++ static const UCHAR aucBytes[] =
+ { 0x31, 0xbe, 0x00, 0x00, 0x00, 0xab }; /* Word for DOS */
+
+ DBG_MSG("bIsWordForDosFile");
+@@ -64,7 +64,7 @@
+ static BOOL
+ bIsWordFileWithOLE(FILE *pFile, long lFilesize)
+ {
+- static UCHAR aucBytes[] =
++ static const UCHAR aucBytes[] =
+ { 0xd0, 0xcf, 0x11, 0xe0, 0xa1, 0xb1, 0x1a, 0xe1 };
+ int iTailLen;
+
+@@ -108,7 +108,7 @@
+ BOOL
+ bIsRtfFile(FILE *pFile)
+ {
+- static UCHAR aucBytes[] =
++ static const UCHAR aucBytes[] =
+ { '{', '\\', 'r', 't', 'f', '1' };
+
+ DBG_MSG("bIsRtfFile");
+@@ -122,7 +122,7 @@
+ BOOL
+ bIsWordPerfectFile(FILE *pFile)
+ {
+- static UCHAR aucBytes[] =
++ static const UCHAR aucBytes[] =
+ { 0xff, 'W', 'P', 'C' };
+
+ DBG_MSG("bIsWordPerfectFile");
+@@ -131,13 +131,65 @@
+ } /* end of bIsWordPerfectFile */
+
+ /*
++ * This function checks whether the given file is or is not a ZIP file
++ */
++BOOL
++bIsZipFile(FILE *pFile)
++{
++ static const UCHAR aucBytes[] =
++ { 'P', 'K', 0x03, 0x04 };
++
++ DBG_MSG("bIsZipFile");
++
++ return bCheckBytes(pFile, aucBytes, elementsof(aucBytes));
++} /* end of bIsZipFile */
++
++/*
++ * This function checks whether the given file is or is not a XML file
++ */
++BOOL
++bIsXMLFile(FILE *pFile)
++{
++ static const UCHAR aucBytes[] =
++ { '<', '?', 'x', 'm', 'l' };
++
++ DBG_MSG("bIsXMLFile");
++
++ return bCheckBytes(pFile, aucBytes, elementsof(aucBytes));
++} /* end of bIsXMLFile */
++
++/*
++ * This function checks whether the given file is or is not a HTML file
++ */
++BOOL
++bIsHTMLFile(FILE *pFile)
++{
++ static const UCHAR aucBytes[2][5] = {
++ { '<', 'h', 't', 'm', 'l' },
++ { '<', 'H', 'T', 'M', 'L' },
++ };
++ int iIndex;
++
++ DBG_MSG("bIsHTMLFile");
++
++ for (iIndex = 0; iIndex < (int)elementsof(aucBytes); iIndex++) {
++ if (bCheckBytes(pFile,
++ aucBytes[iIndex],
++ elementsof(aucBytes[iIndex]))) {
++ return TRUE;
++ }
++ }
++ return FALSE;
++} /* end of bIsHTMLFile */
++
++/*
+ * This function checks whether the given file is or is not a "Win Word 1 or 2"
+ * document
+ */
+ BOOL
+ bIsWinWord12File(FILE *pFile, long lFilesize)
+ {
+- static UCHAR aucBytes[2][4] = {
++ static const UCHAR aucBytes[2][4] = {
+ { 0x9b, 0xa5, 0x21, 0x00 }, /* Win Word 1.x */
+ { 0xdb, 0xa5, 0x2d, 0x00 }, /* Win Word 2.0 */
+ };
+@@ -171,7 +223,7 @@
+ BOOL
+ bIsMacWord45File(FILE *pFile)
+ {
+- static UCHAR aucBytes[2][6] = {
++ static const UCHAR aucBytes[2][6] = {
+ { 0xfe, 0x37, 0x00, 0x1c, 0x00, 0x00 }, /* Mac Word 4 */
+ { 0xfe, 0x37, 0x00, 0x23, 0x00, 0x00 }, /* Mac Word 5 */
+ };
diff --git a/office/antiword/remove-cjb.net-references.patch b/office/antiword/remove-cjb.net-references.patch
new file mode 100644
index 000000000000..5c6b4e74c4d1
--- /dev/null
+++ b/office/antiword/remove-cjb.net-references.patch
@@ -0,0 +1,40 @@
+Description: Remove cjb.net references
+ The domain has been let lapse and is now a holding page.
+Author: Olly Betts <olly@survex.com>
+Forwarded: no
+Last-Update: 2016-01-11
+
+--- antiword-0.37.orig/Docs/ReadMe
++++ antiword-0.37/Docs/ReadMe
+@@ -101,7 +101,6 @@ Most recent version
+
+ Most recent version of Antiword can be found on the author's website:
+ ==>> http://www.winfield.demon.nl/index.html <<==
+-==>> http://antiword.cjb.net/ <<==
+
+
+ Author
+@@ -109,6 +108,5 @@ Author
+
+ The author can be reached by e-mail:
+ antiword@winfield.demon.nl
+-comments@antiword.cjb.net
+
+ But PLEASE read the FAQ before you write!!
+--- antiword-0.37.orig/Docs/antiword.1
++++ antiword-0.37/Docs/antiword.1
+@@ -125,14 +125,8 @@ PostScript output is only available in I
+ The most recent released version of Antiword is always available from:
+ .br
+ http://www.winfield.demon.nl/index.html
+-.br
+-or try
+-.br
+-http://antiword.cjb.net/
+ .SH AUTHOR
+ Adri van Os <antiword@winfield.demon.nl>
+-.br
+-or try <comments@antiword.cjb.net>
+ .sp
+ R.F. Smith <rsmith@xs4all.nl> and
+ .br
diff --git a/office/antiword/use-snprintf.patch b/office/antiword/use-snprintf.patch
new file mode 100644
index 000000000000..b0787fb27a01
--- /dev/null
+++ b/office/antiword/use-snprintf.patch
@@ -0,0 +1,36 @@
+Description: Use snprintf
+ Use snprintf() when converting dates to strings to make completely sure we
+ can't overrun the buffer.
+Author: Olly Betts <olly@survex.com>
+Forwarded: no
+Last-Update: 2018-11-29
+
+--- antiword-0.37.orig/summary.c
++++ antiword-0.37/summary.c
+@@ -729,7 +729,7 @@ szGetLastSaveDtm(void)
+ if (pTime == NULL) {
+ return NULL;
+ }
+- sprintf(szTime, "%04d-%02d-%02d",
++ snprintf(szTime, sizeof(szTime), "%04d-%02d-%02d",
+ pTime->tm_year + 1900, pTime->tm_mon + 1, pTime->tm_mday);
+ return szTime;
+ } /* end of szGetLastSaveDtm */
+@@ -750,7 +750,7 @@ szGetModDate(void)
+ if (pTime == NULL) {
+ return NULL;
+ }
+- sprintf(szTime, "D:%04d%02d%02d%02d%02d",
++ snprintf(szTime, sizeof(szTime), "D:%04d%02d%02d%02d%02d",
+ pTime->tm_year + 1900, pTime->tm_mon + 1, pTime->tm_mday,
+ pTime->tm_hour, pTime->tm_min);
+ return szTime;
+@@ -772,7 +772,7 @@ szGetCreationDate(void)
+ if (pTime == NULL) {
+ return NULL;
+ }
+- sprintf(szTime, "D:%04d%02d%02d%02d%02d",
++ snprintf(szTime, sizeof(szTime), "D:%04d%02d%02d%02d%02d",
+ pTime->tm_year + 1900, pTime->tm_mon + 1, pTime->tm_mday,
+ pTime->tm_hour, pTime->tm_min);
+ return szTime;