Fix yet another buffer overflow in imported xpdf sources.

References:

http://www.koffice.org/security/advisory-20050120-1.txt

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064
http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities

2 files changed, 16 insertions, 1 deletions

diff --git a/editors/koffice-kde4/Makefile b/editors/koffice-kde4/Makefile
index 3b6102eac61a..b5ec778f3223 100644
--- a/editors/koffice-kde4/Makefile
+++ b/editors/koffice-kde4/Makefile
@@ -8,7 +8,7 @@
 
 PORTNAME=	koffice
 PORTVERSION=	1.3.5
-PORTREVISION=	1
+PORTREVISION=	2
 PORTEPOCH=	1
 CATEGORIES=	editors kde
 MASTER_SITES=	${MASTER_SITE_KDE}
diff --git a/editors/koffice-kde4/files/patch-post-1.3.5-koffice.diff b/editors/koffice-kde4/files/patch-post-1.3.5-koffice.diff
new file mode 100644
index 000000000000..4635b7562fac
--- /dev/null
+++ b/editors/koffice-kde4/files/patch-post-1.3.5-koffice.diff
@@ -0,0 +1,15 @@
+--- filters/kword/pdf/xpdf/xpdf/XRef.cc	30 Oct 2004 16:35:33 -0000	1.6
++++ filters/kword/pdf/xpdf/xpdf/XRef.cc	20 Jan 2005 17:36:38 -0000	1.8
+@@ -501,6 +501,12 @@ GBool XRef::checkEncrypted(GString *owne
+ 	} else {
+ 	  keyLength = 5;
+ 	}
++	if (keyLength < 1) {
++	  keyLength = 1;
++	}
++	if (keyLength > 16) {
++	  keyLength = 16;
++	}
+ 	permFlags = permissions.getInt();
+ 	if (encVersion >= 1 && encVersion <= 2 &&
+ 	    encRevision >= 2 && encRevision <= 3) {