You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
39 lines
1.2 KiB
39 lines
1.2 KiB
Description: CVE-2017-7378
|
|
Acked-By: Mattia Rizzolo <mattia@debian.org>
|
|
Last-Update: 2017-05-17
|
|
Origin: https://sourceforge.net/p/podofo/code/1847
|
|
Bug-Debian: https://bugs.debian.org/859330
|
|
|
|
--- a/src/doc/PdfPainter.cpp
|
|
+++ b/src/doc/PdfPainter.cpp
|
|
@@ -1938,16 +1938,27 @@
|
|
const pdf_utf16be cTab = 0x0900;
|
|
const pdf_utf16be cSpace = 0x2000;
|
|
|
|
+ if( lStringLen == -1 )
|
|
+ lStringLen = rsString.GetCharacterLength();
|
|
+
|
|
+ if (lStringLen > rsString.GetCharacterLength())
|
|
+ {
|
|
+ PdfError::DebugMessage( "Requested to expand tabs in string of %" PDF_FORMAT_INT64 " chars, while it has only %" PDF_FORMAT_INT64 "; correcting the value\n",
|
|
+ static_cast<pdf_int64>( lStringLen ), static_cast<pdf_int64>( rsString.GetCharacterLength() ) );
|
|
+
|
|
+ lStringLen = rsString.GetCharacterLength();
|
|
+ }
|
|
+
|
|
// count the number of tabs in the string
|
|
if( bUnicode )
|
|
{
|
|
- for( i=0;i<=lStringLen;i++ )
|
|
+ for( i=0;i<lStringLen;i++ )
|
|
if( rsString.GetUnicode()[i] == cTab )
|
|
++nTabCnt;
|
|
}
|
|
else
|
|
{
|
|
- for( i=0;i<=lStringLen;i++ )
|
|
+ for( i=0;i<lStringLen;i++ )
|
|
if( rsString.GetString()[i] == '\t' )
|
|
++nTabCnt;
|
|
}
|