packages/qpdf
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
qpdf/CVE-2022-34503.patch
starlet-dx e57c30a312 Fix CVE-2022-34503 
(cherry picked from commit 768dcaacd1fda3b846e73aa4ed80678d21f6d92e)
2024-08-06 09:08:11 +08:00

34 lines
1.1 KiB
Diff
Raw Permalink Blame History

From 674dafd5a778643f103fff4d5ff1b140db293a59 Mon Sep 17 00:00:00 2001
From: starlet-dx <15929766099@163.com>
Date: Mon, 5 Aug 2024 17:05:58 +0800
Subject: [PATCH 1/1] heap-buffer-overflow in QPDF::processXRefStream found by ASAN
Origin:
https://github.com/qpdf/qpdf/issues/701
https://bugzilla.suse.com/show_bug.cgi?id=1201830#c5
---
libqpdf/QPDF.cc | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/libqpdf/QPDF.cc b/libqpdf/QPDF.cc
index c1e30e0..9313588 100644
--- a/libqpdf/QPDF.cc
+++ b/libqpdf/QPDF.cc
@@ -1014,6 +1014,13 @@ QPDF::processXRefStream(qpdf_offset_t xref_offset, QPDFObjectHandle& xref_obj)
"Cross-reference stream's /W contains"
" impossibly large values");
}
+ if (W[i] < 0)
+ {
+ throw QPDFExc(qpdf_e_damaged_pdf, this->m->file->getName(),
+ "xref stream", xref_offset,
+ "Cross-reference stream's /W contains"
+ " negative values");
+ }
entry_size += W[i];
}
if (entry_size == 0)
--
2.33.0
Reference in New Issue View Git Blame Copy Permalink