Merge pull request #6730 from Hoshpak/libmwaw-security

libmwaw: add CVE-2017-9433.patch
2017-06-15 00:50:16 -04:00 · 2017-06-15 00:50:16 -04:00 · de0d0e1645
parent 728af39310 909f87a4c7
commit de0d0e1645
2 changed files with 12 additions and 1 deletions
--- a/srcpkgs/libmwaw/patches/CVE-2017-9433.patch
+++ b/srcpkgs/libmwaw/patches/CVE-2017-9433.patch
@ -0,0 +1,11 @@
+--- src/lib/MsWrd1Parser.cxx
+++ src/lib/MsWrd1Parser.cxx
+@@ -902,7 +902,7 @@
+     int id = fIt++->second;
+     fPos[1] = fIt==footnoteMap.end() ? m_state->m_eot : fIt->first;
+     if (id >= int(m_state->m_footnotesList.size()))
+-      m_state->m_footnotesList.resize(size_t(id),MWAWVec2l(0,0));
+      m_state->m_footnotesList.resize(size_t(id)+1,MWAWVec2l(0,0));
+     m_state->m_footnotesList[size_t(id)]=fPos;
+   }
+   ascii().addDelimiter(input->tell(),'|');
--- a/srcpkgs/libmwaw/template
+++ b/srcpkgs/libmwaw/template
@ -1,7 +1,7 @@
 # Template file for 'libmwaw'
 pkgname=libmwaw
 version=0.3.11
-revision=1
+revision=2
 build_style=gnu-configure
 hostmakedepends="pkg-config doxygen"
 makedepends="boost-devel zlib-devel librevenge-devel"