From 086802c88bb2c14d6abd4afe54fec8ea39923bc6 Mon Sep 17 00:00:00 2001 From: David Tardon Date: Fri, 31 Jul 2015 20:48:42 +0200 Subject: [PATCH] Resolves: rhbz#1248443 unbounded heap allocation --- ...bz-1248443-unbounded-heap-allocation.patch | 25 +++++++++++++++++++ librevenge.spec | 2 ++ 2 files changed, 27 insertions(+) create mode 100644 0001-rhbz-1248443-unbounded-heap-allocation.patch diff --git a/0001-rhbz-1248443-unbounded-heap-allocation.patch b/0001-rhbz-1248443-unbounded-heap-allocation.patch new file mode 100644 index 0000000..b5f037d --- /dev/null +++ b/0001-rhbz-1248443-unbounded-heap-allocation.patch @@ -0,0 +1,25 @@ +From 111c0f374ae8f9c4d2183fb9e826d7084c85488f Mon Sep 17 00:00:00 2001 +From: David Tardon +Date: Fri, 31 Jul 2015 17:58:29 +0200 +Subject: [PATCH] rhbz#1248443 unbounded heap allocation + +--- + src/lib/RVNGOLEStream.cpp | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/lib/RVNGOLEStream.cpp b/src/lib/RVNGOLEStream.cpp +index 89055f7..c75b135 100644 +--- a/src/lib/RVNGOLEStream.cpp ++++ b/src/lib/RVNGOLEStream.cpp +@@ -755,6 +755,8 @@ bool librevenge::Header::valid(const unsigned long fileSize) + if (m_threshold != 4096) return false; + // there must be at least the header, one bat sector and one dirent sector in the file + if ((fileSize / m_size_bbat) < 3) return false; ++ // sectors must fit into the file ++ if ((fileSize / m_size_bbat) < m_num_mbat) return false; + if (m_num_bat == 0) return false; + if ((m_num_bat > 109) && (m_num_bat > (m_num_mbat * (m_size_bbat/4-1)) + 109)) return false; + if ((m_num_bat < 109) && (m_num_mbat != 0)) return false; +-- +2.1.0 + diff --git a/librevenge.spec b/librevenge.spec index e905e81..1bffd0a 100644 --- a/librevenge.spec +++ b/librevenge.spec @@ -15,6 +15,8 @@ BuildRequires: doxygen BuildRequires: pkgconfig(cppunit) BuildRequires: pkgconfig(zlib) +Patch0: 0001-rhbz-1248443-unbounded-heap-allocation.patch + %description %{name} is a base library for writing document import filters. It has interfaces for text documents, vector graphics, spreadsheets and