gentoo resync : 14.07.2018

author: V3n3RiX <venerix@redcorelinux.org> 2018-07-14 21:03:06 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2018-07-14 21:03:06 +0100
commit: 8376ef56580626e9c0f796d5b85b53a0a1c7d5f5 (patch)
tree: 7681bbd4e8b05407772df40a4bf04cbbc8afc3fa /app-text/antiword/files
parent: 30a9caf154332f12ca60756e1b75d2f0e3e1822d (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/app-text/antiword/files/antiword-0.37-CVE-2014-8123.patch b/app-text/antiword/files/antiword-0.37-CVE-2014-8123.patch
new file mode 100644
index 000000000000..8b6baf9b2ca2
--- /dev/null
+++ b/app-text/antiword/files/antiword-0.37-CVE-2014-8123.patch
@@ -0,0 +1,17 @@
+index 8a95fb9..7797d1f 100644
+--- a/wordole.c
++++ b/wordole.c
+@@ -259,6 +259,11 @@ bGetPPS(FILE *pFile,
+ 		}
+ 		tNameSize = (size_t)usGetWord(0x40, aucBytes);
+ 		tNameSize = (tNameSize + 1) / 2;
++		if (tNameSize >= sizeof(atPPSlist[0].szName)) {
++			werr(0, "PPS %d appears to be invalid.", iIndex);
++			atPPSlist = xfree(atPPSlist);
++			return FALSE;
++		}
+ 		vName2String(atPPSlist[iIndex].szName, aucBytes, tNameSize);
+ 		atPPSlist[iIndex].ucType = ucGetByte(0x42, aucBytes);
+ 		if (atPPSlist[iIndex].ucType == 5) {
+-- 
+2.1.2
author	V3n3RiX <venerix@redcorelinux.org>	2018-07-14 21:03:06 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2018-07-14 21:03:06 +0100
commit	8376ef56580626e9c0f796d5b85b53a0a1c7d5f5 (patch)
tree	7681bbd4e8b05407772df40a4bf04cbbc8afc3fa /app-text/antiword/files
parent	30a9caf154332f12ca60756e1b75d2f0e3e1822d (diff)