summaryrefslogtreecommitdiffstats
path: root/source/xap/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff
diff options
context:
space:
mode:
Diffstat (limited to 'source/xap/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff')
-rw-r--r--source/xap/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff55
1 files changed, 55 insertions, 0 deletions
diff --git a/source/xap/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff b/source/xap/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff
new file mode 100644
index 000000000..891c41fd3
--- /dev/null
+++ b/source/xap/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff
@@ -0,0 +1,55 @@
+From 3945969e0072217c143fefa3044512a31ac2afa8 Mon Sep 17 00:00:00 2001
+From: mancha <mancha1@hush.com>
+Date: Sun, 11 Aug 2013
+Subject: CVE-2012-2142
+
+Filter stuff that might end up in the shell to address CVE-2012-2142.
+This code was adapted from the Poppler project.
+---
+ Error.cc | 21 ++++++++++++++++-----
+ 1 file changed, 16 insertions(+), 5 deletions(-)
+
+--- a/xpdf/Error.cc 2013-08-11
++++ b/xpdf/Error.cc 2013-08-11
+@@ -43,7 +43,7 @@ void setErrorCallback(void (*cbk)(void *
+
+ void CDECL error(ErrorCategory category, int pos, const char *msg, ...) {
+ va_list args;
+- GString *s;
++ GString *s, *sanitized;
+
+ // NB: this can be called before the globalParams object is created
+ if (!errorCbk && globalParams && globalParams->getErrQuiet()) {
+@@ -52,17 +52,28 @@ void CDECL error(ErrorCategory category,
+ va_start(args, msg);
+ s = GString::formatv(msg, args);
+ va_end(args);
++
++ sanitized = new GString ();
++ for (int i = 0; i < s->getLength(); ++i) {
++ const char c = s->getChar(i);
++ if (c < (char)0x20 || c >= (char)0x7f) {
++ sanitized->appendf("<{0:02x}>", c & 0xff);
++ } else {
++ sanitized->append(c);
++ }
++ }
++
+ if (errorCbk) {
+- (*errorCbk)(errorCbkData, category, pos, s->getCString());
++ (*errorCbk)(errorCbkData, category, pos, sanitized->getCString());
+ } else {
+ if (pos >= 0) {
+ fprintf(stderr, "%s (%d): %s\n",
+- errorCategoryNames[category], pos, s->getCString());
++ errorCategoryNames[category], pos, sanitized->getCString());
+ } else {
+ fprintf(stderr, "%s: %s\n",
+- errorCategoryNames[category], s->getCString());
++ errorCategoryNames[category], sanitized->getCString());
+ }
+ fflush(stderr);
+ }
+- delete s;
++ delete sanitized;
+ }
generated by cgit v1.2.3 (git 2.26.2) at 2024-04-20 03:52:38 +0000