nixpkgs-suyu/pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch
Robert Scott e6889d46e0 poppler_0_61: add patch for CVE-2019-9959
custom adapted patch to accommodate the openjpeg1/openjpeg2 split that
0.61 still has
2019-10-12 14:35:01 +01:00

20 lines
715 B
Diff

diff --git a/poppler/JPEG2000Stream.cc b/poppler/JPEG2000Stream.cc
--- a/poppler/JPEG2000Stream.cc
+++ b/poppler/JPEG2000Stream.cc
@@ -201,7 +201,7 @@ void JPXStream::init()
if (getDict()) smaskInData = getDict()->lookup("SMaskInData");
int bufSize = BUFFER_INITIAL_SIZE;
- if (oLen.isInt()) bufSize = oLen.getInt();
+ if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt();
if (cspace.isArray() && cspace.arrayGetLength() > 0) {
@@ -365,7 +365,7 @@ void JPXStream::init()
}
int bufSize = BUFFER_INITIAL_SIZE;
- if (oLen.isInt()) bufSize = oLen.getInt();
+ if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt();
if (cspace.isArray() && cspace.arrayGetLength() > 0) {