From 7f8145481d3bde072d47903decc0e98ede2fdc6c Mon Sep 17 00:00:00 2001
From: Erwin Lansing <erwin@FreeBSD.org>
Date: Fri, 28 Jan 2005 13:51:10 +0000
Subject: Fix latest and greatest xpdf vulnerability: makeFileKey2() buffer
 overflow

---
 textproc/pdftohtml/files/patch-src-XRef.cc | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 textproc/pdftohtml/files/patch-src-XRef.cc

(limited to 'textproc/pdftohtml/files/patch-src-XRef.cc')

diff --git a/textproc/pdftohtml/files/patch-src-XRef.cc b/textproc/pdftohtml/files/patch-src-XRef.cc
new file mode 100644
index 000000000000..c352ea43448a
--- /dev/null
+++ b/textproc/pdftohtml/files/patch-src-XRef.cc
@@ -0,0 +1,12 @@
+--- xpdf/XRef.cc.orig	Wed Jun 25 00:41:27 2003
++++ xpdf/XRef.cc	Fri Jan 28 14:25:54 2005
+@@ -486,6 +486,9 @@
+ 	} else {
+ 	  keyLength = 5;
+ 	}
++	if (keyLength > 16) {
++	  keyLength = 16;
++	}
+ 	permFlags = permissions.getInt();
+ 	if (encVersion >= 1 && encVersion <= 2 &&
+ 	    encRevision >= 2 && encRevision <= 3) {
-- 
cgit v1.2.3