FreeBSD Bugzilla – Attachment 150077 Details for
Bug 195558
Patch for buffer overflow in textproc/antiword
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
textproc/antiword: Add patch to prevent buffer overflow
antiword-0.37_4.diff (text/plain), 2.89 KB, created by
Fabian Keil
on 2014-12-01 15:59:55 UTC
(
hide
)
Description:
textproc/antiword: Add patch to prevent buffer overflow
Filename:
MIME Type:
Creator:
Fabian Keil
Created:
2014-12-01 15:59:55 UTC
Size:
2.89 KB
patch
obsolete
>From 9b3f7a818a8205eab4fff61b15788b5a7201c460 Mon Sep 17 00:00:00 2001 >From: Fabian Keil <fk@fabiankeil.de> >Date: Tue, 25 Nov 2014 19:30:59 +0100 >Subject: [PATCH] textproc/antiword: Add patch to prevent buffer overflow > >.. and add a DEBUG option. >--- > textproc/antiword/Makefile | 12 ++++++++++-- > textproc/antiword/files/patch-wordole.c | 28 ++++++++++++++++++++++++++++ > 2 files changed, 38 insertions(+), 2 deletions(-) > create mode 100644 textproc/antiword/files/patch-wordole.c > >diff --git a/textproc/antiword/Makefile b/textproc/antiword/Makefile >index 7f0ad92..bf0f9e2 100644 >--- a/textproc/antiword/Makefile >+++ b/textproc/antiword/Makefile >@@ -3,13 +3,15 @@ > > PORTNAME= antiword > PORTVERSION= 0.37 >-PORTREVISION= 3 >+PORTREVISION= 4 > CATEGORIES= textproc > MASTER_SITES= http://www.winfield.demon.nl/linux/ > > MAINTAINER= leeym@FreeBSD.org > COMMENT= Application for displaying Microsoft(R) Word documents > >+OPTIONS_DEFINE= DEBUG >+ > LICENSE= GPLv2 > > BUILD_DEPENDS= ${LOCALBASE}/share/ghostscript/fonts/n022003l.afm:${PORTSDIR}/print/gsfonts >@@ -24,11 +26,17 @@ INSTALL_TARGET= global_install > PORTDOCS= COPYING ChangeLog Emacs Exmh FAQ History Mozilla Mutt Netscape \ > QandA ReadMe antiword.1 antiword.man antiword.php testdoc.doc > >+.include <bsd.port.options.mk> >+ >+.if ${PORT_OPTIONS:MDEBUG} >+CFLAGS+= -DDEBUG >+.else > CFLAGS+= -DNDEBUG >+.endif > > post-patch: > @${REINPLACE_CMD} -E 's,/usr/share,${LOCALBASE}/share,g; s,fonts2,fonts,' ${WRKSRC}/Unix-only/fontinfo.pl >- @${REINPLACE_CMD} -E 's|LD|CC|g; /^(CC|CFLAGS)/d; s,/usr/share,${PREFIX}/share,g; s|/usr/local/bin|${PREFIX}/bin|g' ${WRKSRC}/${MAKEFILE} >+ @${REINPLACE_CMD} -E 's|LD|CC|g; /^(CC|CFLAGS|OPT)/d; s,/usr/share,${PREFIX}/share,g; s|/usr/local/bin|${PREFIX}/bin|g' ${WRKSRC}/${MAKEFILE} > @${REINPLACE_CMD} -E 's,/usr/share,${PREFIX}/share,g' ${WRKSRC}/antiword.h > > post-install: >diff --git a/textproc/antiword/files/patch-wordole.c b/textproc/antiword/files/patch-wordole.c >new file mode 100644 >index 0000000..57138e2 >--- /dev/null >+++ b/textproc/antiword/files/patch-wordole.c >@@ -0,0 +1,28 @@ >+From a17e48746d7203f91a2c3bb1cdcbe9023c8d37a0 Mon Sep 17 00:00:00 2001 >+From: Fabian Keil <fk@fabiankeil.de> >+Date: Tue, 25 Nov 2014 18:58:52 +0100 >+Subject: [PATCH] bGetPPS(): Prevent overflow of atPPSlist[].szName[] >+ >+--- >+ wordole.c | 5 +++++ >+ 1 file changed, 5 insertions(+) >+ >+diff --git a/wordole.c b/wordole.c >+index 8a95fb9..7797d1f 100644 >+--- wordole.c >++++ wordole.c >+@@ -259,6 +259,11 @@ bGetPPS(FILE *pFile, >+ } >+ tNameSize = (size_t)usGetWord(0x40, aucBytes); >+ tNameSize = (tNameSize + 1) / 2; >++ if (tNameSize >= sizeof(atPPSlist[0].szName)) { >++ werr(0, "PPS %d appears to be invalid.", iIndex); >++ atPPSlist = xfree(atPPSlist); >++ return FALSE; >++ } >+ vName2String(atPPSlist[iIndex].szName, aucBytes, tNameSize); >+ atPPSlist[iIndex].ucType = ucGetByte(0x42, aucBytes); >+ if (atPPSlist[iIndex].ucType == 5) { >+-- >+2.1.2 >+ >-- >2.1.2 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=150077">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 195558
: 150077