diff options
Diffstat (limited to 'repo/djvulibre/djvulibre-3.5.27-out-of-bound-write-2.patch')
| -rw-r--r-- | repo/djvulibre/djvulibre-3.5.27-out-of-bound-write-2.patch | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/repo/djvulibre/djvulibre-3.5.27-out-of-bound-write-2.patch b/repo/djvulibre/djvulibre-3.5.27-out-of-bound-write-2.patch new file mode 100644 index 0000000..f2fae47 --- /dev/null +++ b/repo/djvulibre/djvulibre-3.5.27-out-of-bound-write-2.patch @@ -0,0 +1,14 @@ +diff --git a/libdjvu/DjVuText.cpp b/libdjvu/DjVuText.cpp +index 60a4f39..b11df7b 100644 +--- a/libdjvu/DjVuText.cpp ++++ b/libdjvu/DjVuText.cpp +@@ -345,7 +345,8 @@ DjVuTXT::decode(const GP<ByteStream> &gbs) + int textsize = bs.read24(); + char *buffer = textUTF8.getbuf(textsize); + int readsize = bs.read(buffer,textsize); +- buffer[readsize] = 0; ++ if (buffer) ++ buffer[readsize] = 0; + if (readsize < textsize) + G_THROW( ERR_MSG("DjVuText.corrupt_chunk") ); + // Try reading zones |