app-text/xpdf/files/xpdf-CVE-2019-17064.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

Fix CVE-2019-17064

Fix NULL pointer dereference by initializing field before use.
https://forum.xpdfreader.com/viewtopic.php?f=3&t=41890#p42672

diff '--color=auto' -Naurd xpdf-4.02.orig/xpdf/Catalog.cc xpdf-4.02/xpdf/Catalog.cc
--- xpdf-4.02.orig/xpdf/Catalog.cc	2019-09-25 22:54:33.000000000 +0300
+++ xpdf-4.02/xpdf/Catalog.cc	2020-03-01 12:05:43.235486706 +0300
@@ -159,6 +159,7 @@
   baseURI = NULL;
   form = NULL;
   embeddedFiles = NULL;
+  pageLabels = NULL;
 #if MULTITHREADED
   gInitMutex(&pageMutex);
 #endif
@@ -241,7 +242,6 @@
   // get the ViewerPreferences object
   catDict.dictLookupNF("ViewerPreferences", &viewerPrefs);
 
-  pageLabels = NULL;
   if (catDict.dictLookup("PageLabels", &obj)->isDict()) {
     readPageLabelTree(&obj);
   }