autotrace/autotrace-0.31.1-CVE-2016-7392.patch
Jaroslav Škarvada eb3e392089 Enabled pstoedit backend
Fixed out of bounds write when using pstoedit backend
  Resolves: CVE-2016-7392
Fixed hardcoded version on source URL
Fixed bogus date in changelog (best effort)
2017-01-20 18:18:18 +01:00

17 lines
618 B
Diff

Subject: Fix heap-based buffer overflow in pstoedit_suffix_table_init
ID: CVE-2016-7392
Author: unknown (taken from DLA-621-1)
Bug-Debian: https://bugs.debian.org/837599
--- a/output-pstoedit.c
+++ b/output-pstoedit.c
@@ -84,7 +84,7 @@
dd_tmp = dd_start;
while (dd_tmp->symbolicname)
dd_tmp++;
- XMALLOC(pstoedit_suffix_table, sizeof(char *) * 2 * (dd_tmp - dd_start) + 1);
+ XMALLOC(pstoedit_suffix_table, sizeof(char *) * (2 * (dd_tmp - dd_start) + 1));
#if defined (OUTPUT_PSTOEDIT_DEBUG) && defined(__GNUC__)
fprintf(stderr, "OUTPUT PSTOEDIT BACKEND DEBUG(%s)\n", __FUNCTION__);