Fix latest and greatest xpdf vulnerability: makeFileKey2() buffer overflow

author: Erwin Lansing <erwin@FreeBSD.org> 2005-01-28 13:51:10 +0000
committer: Erwin Lansing <erwin@FreeBSD.org> 2005-01-28 13:51:10 +0000
commit: 7f8145481d3bde072d47903decc0e98ede2fdc6c (patch)
tree: 0684ff481988f014e73b17953599ce5b0a0e7d37 /textproc
parent: Update to 1.08, assign maintainer to perl. (diff)
2 files changed, 13 insertions, 1 deletions
diff --git a/textproc/pdftohtml/Makefile b/textproc/pdftohtml/Makefile
index d81af18b8b08..c8a0501f5c70 100644
--- a/textproc/pdftohtml/Makefile
+++ b/textproc/pdftohtml/Makefile
@@ -8,7 +8,7 @@
 
 PORTNAME=	pdftohtml
 PORTVERSION=	0.36
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	textproc
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
 MASTER_SITE_SUBDIR=	${PORTNAME}
diff --git a/textproc/pdftohtml/files/patch-src-XRef.cc b/textproc/pdftohtml/files/patch-src-XRef.cc
new file mode 100644
index 000000000000..c352ea43448a
--- /dev/null
+++ b/textproc/pdftohtml/files/patch-src-XRef.cc
@@ -0,0 +1,12 @@
+--- xpdf/XRef.cc.orig	Wed Jun 25 00:41:27 2003
++++ xpdf/XRef.cc	Fri Jan 28 14:25:54 2005
+@@ -486,6 +486,9 @@
+ 	} else {
+ 	  keyLength = 5;
+ 	}
++	if (keyLength > 16) {
++	  keyLength = 16;
++	}
+ 	permFlags = permissions.getInt();
+ 	if (encVersion >= 1 && encVersion <= 2 &&
+ 	    encRevision >= 2 && encRevision <= 3) {
author	Erwin Lansing <erwin@FreeBSD.org>	2005-01-28 13:51:10 +0000
committer	Erwin Lansing <erwin@FreeBSD.org>	2005-01-28 13:51:10 +0000
commit	7f8145481d3bde072d47903decc0e98ede2fdc6c (patch)
tree	0684ff481988f014e73b17953599ce5b0a0e7d37 /textproc
parent	Update to 1.08, assign maintainer to perl. (diff)