Sophie: t1lib-1:5.1.2-8mdv2010.1 src

t1lib-5.1.2-8mdv2010.1.src.rpm

Info
Deps
Files
Scripts
ChangeLog
Location
Others versions
Analyse

--- t1lib-5.1.1.orig/debian/patches/cve-2007-4033.diff
+++ t1lib-5.1.1/debian/patches/cve-2007-4033.diff
@@ -0,0 +1,19 @@
+This patch fixes CVE-2007-4033.
+
+Index: t1lib-5.1.1/lib/t1lib/t1env.c
+===================================================================
+--- t1lib-5.1.1.orig/lib/t1lib/t1env.c	2008-01-05 19:08:50.000000000 +0100
++++ t1lib-5.1.1/lib/t1lib/t1env.c	2008-01-05 19:09:14.000000000 +0100
+@@ -611,6 +611,12 @@
+ #endif 
+     strcat( pathbuf, DIRECTORY_SEP);
+     /* And finally the filename: */
++    /* If current pathbuf + StrippedName + 1 byte for NULL is bigger than pathbuf
++       let's try next pathbuf */
++    if( strlen(pathbuf) + strlen(StrippedName) + 1 > sizeof(pathbuf) ) {
++	i++;
++    	continue;
++    }
+     strcat( pathbuf, StrippedName);
+     
+     /* Check for existence of the path: */