This commit was manufactured by cvs2svn to create tag 'RELEASE_7_2_0'.release/7.2.0

author: cvs2svn <cvs2svn@FreeBSD.org> 2009-04-28 21:27:54 +0000
committer: cvs2svn <cvs2svn@FreeBSD.org> 2009-04-28 21:27:54 +0000
commit: b6bb8c3d3a17625aa826094130b3d84530b6dae4 (patch)
tree: f2de4a4d4b2f5c3fcbd1ee2ea6cce6d571bfb5f7 /textproc/pdftohtml/files/patch-cve-2007-3387
parent: - Fix PLIST (diff)
1 files changed, 22 insertions, 0 deletions
diff --git a/textproc/pdftohtml/files/patch-cve-2007-3387 b/textproc/pdftohtml/files/patch-cve-2007-3387
new file mode 100644
index 000000000000..573487ee06df
--- /dev/null
+++ b/textproc/pdftohtml/files/patch-cve-2007-3387
@@ -0,0 +1,22 @@
+--- xpdf/Stream.cc.orig	2009-04-29 01:11:24.000000000 +0400
++++ xpdf/Stream.cc	2009-04-29 01:15:47.000000000 +0400
+@@ -33,6 +33,7 @@
+ #include "JBIG2Stream.h"
+ #include "JPXStream.h"
+ #include "Stream-CCITT.h"
++#include "Function.h"
+ 
+ #ifdef __DJGPP__
+ static GBool setDJSYSFLAGS = gFalse;
+@@ -417,8 +418,9 @@
+   ok = gFalse;
+ 
+   if (width <= 0 || nComps <= 0 || nBits <= 0 ||
+-      nComps >= INT_MAX/nBits ||
+-      width >= INT_MAX/nComps/nBits) {
++      nComps > funcMaxOutputs || nBits > 16 ||
++      width >= INT_MAX / nComps ||
++      nVals >= (INT_MAX - 7) / nBits) {
+     return;
+   }
+   nVals = width * nComps;
author	cvs2svn <cvs2svn@FreeBSD.org>	2009-04-28 21:27:54 +0000
committer	cvs2svn <cvs2svn@FreeBSD.org>	2009-04-28 21:27:54 +0000
commit	b6bb8c3d3a17625aa826094130b3d84530b6dae4 (patch)
tree	f2de4a4d4b2f5c3fcbd1ee2ea6cce6d571bfb5f7 /textproc/pdftohtml/files/patch-cve-2007-3387
parent	- Fix PLIST (diff)