From 8376ef56580626e9c0f796d5b85b53a0a1c7d5f5 Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Sat, 14 Jul 2018 21:03:06 +0100
Subject: gentoo resync : 14.07.2018

---
 .../antiword/files/antiword-0.37-CVE-2014-8123.patch    | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 app-text/antiword/files/antiword-0.37-CVE-2014-8123.patch

(limited to 'app-text/antiword/files')

diff --git a/app-text/antiword/files/antiword-0.37-CVE-2014-8123.patch b/app-text/antiword/files/antiword-0.37-CVE-2014-8123.patch
new file mode 100644
index 000000000000..8b6baf9b2ca2
--- /dev/null
+++ b/app-text/antiword/files/antiword-0.37-CVE-2014-8123.patch
@@ -0,0 +1,17 @@
+index 8a95fb9..7797d1f 100644
+--- a/wordole.c
++++ b/wordole.c
+@@ -259,6 +259,11 @@ bGetPPS(FILE *pFile,
+ 		}
+ 		tNameSize = (size_t)usGetWord(0x40, aucBytes);
+ 		tNameSize = (tNameSize + 1) / 2;
++		if (tNameSize >= sizeof(atPPSlist[0].szName)) {
++			werr(0, "PPS %d appears to be invalid.", iIndex);
++			atPPSlist = xfree(atPPSlist);
++			return FALSE;
++		}
+ 		vName2String(atPPSlist[iIndex].szName, aucBytes, tNameSize);
+ 		atPPSlist[iIndex].ucType = ucGetByte(0x42, aucBytes);
+ 		if (atPPSlist[iIndex].ucType == 5) {
+-- 
+2.1.2
-- 
cgit v1.2.3