Avoid stack overflow in DjVuPort

by remembering which file we are opening Resolves: #1943411, #1943685
4 years ago · fc359410f7
parent 439dfebe00
commit fc359410f7
2 changed files with 43 additions and 1 deletions
--- a/djvulibre-3.5.27-djvuport-stack-overflow.patch
+++ b/djvulibre-3.5.27-djvuport-stack-overflow.patch
@ -0,0 +1,36 @@
+diff --git a/libdjvu/DjVuPort.cpp b/libdjvu/DjVuPort.cpp
+index 2b3e0d2..ede7f6b 100644
+--- a/libdjvu/DjVuPort.cpp
+++ b/libdjvu/DjVuPort.cpp
+@@ -507,10 +507,19 @@ GP<DjVuFile>
+ DjVuPortcaster::id_to_file(const DjVuPort * source, const GUTF8String &id)
+ {
+    GPList<DjVuPort> list;
+
+   if (!!opening_id && opening_id == id)
+      G_THROW("DjVuPortcaster: recursive opening of the same file (corrupted file?)");
+   else
+      opening_id = id;
+
+    compute_closure(source, list, true);
+    GP<DjVuFile> file;
+    for(GPosition pos=list;pos;++pos)
+       if ((file=list[pos]->id_to_file(source, id))) break;
+
+   opening_id = GUTF8String();
+
+    return file;
+ }
+ 
+diff --git a/libdjvu/DjVuPort.h b/libdjvu/DjVuPort.h
+index e2b3125..313dc2b 100644
+--- a/libdjvu/DjVuPort.h
+++ b/libdjvu/DjVuPort.h
+@@ -484,6 +484,7 @@ private:
+                        const DjVuPort *dst, int distance);
+    void compute_closure(const DjVuPort *src, GPList<DjVuPort> &list,
+                         bool sorted=false);
+   GUTF8String opening_id;
+ };
+ 
+ 
--- a/djvulibre.spec
+++ b/djvulibre.spec
@ -3,7 +3,7 @@
 Summary: DjVu viewers, encoders, and utilities
 Name: djvulibre
 Version: 3.5.27
-Release: 26%{?dist}
+Release: 27%{?dist}
 License: GPLv2+
 URL: http://djvu.sourceforge.net/
 Source0: http://downloads.sourceforge.net/djvu/%{name}-%{version}.tar.gz
@ -18,6 +18,7 @@ Patch7: djvulibre-3.5.27-null-dereference.patch
 Patch8: djvulibre-3.5.27-check-image-size.patch
 Patch9: djvulibre-3.5.27-integer-overflow.patch
 Patch10: djvulibre-3.5.27-check-input-pool.patch
+Patch11: djvulibre-3.5.27-djvuport-stack-overflow.patch

 Requires(post): xdg-utils
 Requires(preun): xdg-utils
@ -80,6 +81,7 @@ Development files for DjVuLibre.
 %patch8 -p1 -b .check-image-size
 %patch9 -p1 -b .integer-overflow
 %patch10 -p1 -b .check-input-pool
+%patch11 -p1 -b .djvuport-stack-overflow


 %build 
@ -187,6 +189,10 @@ fi


 %changelog
+* Mon May 03 2021 Marek Kasik <mkasik@redhat.com> - 3.5.27-27
+- Avoid stack overflow in DjVuPort by remembering which file we are opening
+- Resolves: #1943411, #1943685
+
 * Mon May 03 2021 Marek Kasik <mkasik@redhat.com> - 3.5.27-26
 - Check input pool for NULL
 - Resolves: #1943410