Diffstat (limited to 'source/l/libwmf/libwmf-0.2.8.4-CVE-2016-9011.patch')
-rw-r--r--source/l/libwmf/libwmf-0.2.8.4-CVE-2016-9011.patch36
1 files changed, 0 insertions, 36 deletions
diff --git a/source/l/libwmf/libwmf-0.2.8.4-CVE-2016-9011.patch b/source/l/libwmf/libwmf-0.2.8.4-CVE-2016-9011.patch
deleted file mode 100644
index c6bd017c2..000000000
--- a/source/l/libwmf/libwmf-0.2.8.4-CVE-2016-9011.patch
+++ /dev/null
@@ -1,36 +0,0 @@
---- libwmf-0.2.8.4/src/player.c
-+++ libwmf-0.2.8.4/src/player.c
-@@ -139,8 +139,31 @@
- WMF_DEBUG (API,"bailing...");
- return (API->err);
- }
--
-- P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char));
-+
-+ U32 nMaxRecordSize = (MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char);
-+ if (nMaxRecordSize)
-+ {
-+ //before allocating memory do a sanity check on size by seeking
-+ //to claimed end to see if its possible. We're constrained here
-+ //by the api and existing implementations to not simply seeking
-+ //to SEEK_END. So use what we have to skip to the last byte and
-+ //try and read it.
-+ const long nPos = WMF_TELL (API);
-+ WMF_SEEK (API, nPos + nMaxRecordSize - 1);
-+ if (ERR (API))
-+ { WMF_DEBUG (API,"bailing...");
-+ return (API->err);
-+ }
-+ int byte = WMF_READ (API);
-+ if (byte == (-1))
-+ { WMF_ERROR (API,"Unexpected EOF!");
-+ API->err = wmf_E_EOF;
-+ return (API->err);
-+ }
-+ WMF_SEEK (API, nPos);
-+ }
-+
-+ P->Parameters = (unsigned char*) wmf_malloc (API, nMaxRecordSize);
-
- if (ERR (API))
- { WMF_DEBUG (API,"bailing...");