source:
trunk/server/common/patches/texlive-CVE-2010-1440.patch
@
1560
| Last change on this file since 1560 was 1557, checked in by adehnert, 13 years ago | |
|---|---|
| File size: 1.1 KB | |
-
tetex-src-3.0/texk/dvipsk/dospecial.c
old new void predospecial P2C(integer, numbytes, 305 305 int j ; 306 306 static int omega_specials = 0; 307 307 308 if (nextstring + numbytes > maxstring) { 308 if (numbytes < 0 || numbytes > maxstring - nextstring) { 309 if (numbytes < 0 || numbytes > (INT_MAX - 1000) / 2 ) { 310 error("! Integer overflow in predospecial"); 311 exit(1); 312 } 309 313 p = nextstring = mymalloc(1000 + 2 * numbytes) ; 310 314 maxstring = nextstring + 2 * numbytes + 700 ; 311 315 } … … float *bbdospecial P1C(int, nbytes) 828 832 char seen[NKEYS] ; 829 833 float valseen[NKEYS] ; 830 834 831 if (nextstring + nbytes > maxstring) { 835 if (nbytes < 0 || nbytes > maxstring - nextstring) { 836 if (nbytes < 0 || nbytes > (INT_MAX - 1000) / 2 ) { 837 error("! Integer overflow in bbdospecial"); 838 exit(1); 839 } 832 840 p = nextstring = mymalloc(1000 + 2 * nbytes) ; 833 841 maxstring = nextstring + 2 * nbytes + 700 ; 834 842 }
Note: See TracBrowser
for help on using the repository browser.
