texlive-base/texlive-base-CVE-2018-17407.patch

diff -up texlive-base-20180414/source/texk/dvipsk/writet1.c.CVE-2018-17407 texlive-base-20180414/source/texk/dvipsk/writet1.c
--- texlive-base-20180414/source/texk/dvipsk/writet1.c.CVE-2018-17407	2018-10-01 11:03:50.140899732 -0400
+++ texlive-base-20180414/source/texk/dvipsk/writet1.c	2018-10-01 11:04:31.425999765 -0400
@@ -1449,7 +1449,9 @@ static void t1_check_unusual_charstring(
         *(strend(t1_buf_array) - 1) = ' ';
 
         t1_getline();
+        alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE);
         strcat(t1_buf_array, t1_line_array);
+        alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE);
         strcpy(t1_line_array, t1_buf_array);
         t1_line_ptr = eol(t1_line_array);
     }
diff -up texlive-base-20180414/source/texk/web2c/luatexdir/font/writet1.w.CVE-2018-17407 texlive-base-20180414/source/texk/web2c/luatexdir/font/writet1.w
--- texlive-base-20180414/source/texk/web2c/luatexdir/font/writet1.w.CVE-2018-17407	2018-10-01 11:05:54.404187837 -0400
+++ texlive-base-20180414/source/texk/web2c/luatexdir/font/writet1.w	2018-10-01 11:06:33.537335758 -0400
@@ -1625,7 +1625,9 @@ static void t1_check_unusual_charstring(
     if (sscanf(p, "%i", &i) != 1) {
         strcpy(t1_buf_array, t1_line_array);
         t1_getline();
+        alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE);
         strcat(t1_buf_array, t1_line_array);
+        alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE);
         strcpy(t1_line_array, t1_buf_array);
         t1_line_ptr = eol(t1_line_array);
     }
diff -up texlive-base-20180414/source/texk/web2c/pdftexdir/writet1.c.CVE-2018-17407 texlive-base-20180414/source/texk/web2c/pdftexdir/writet1.c
--- texlive-base-20180414/source/texk/web2c/pdftexdir/writet1.c.CVE-2018-17407	2018-10-01 11:06:57.881806099 -0400
+++ texlive-base-20180414/source/texk/web2c/pdftexdir/writet1.c	2018-10-01 11:08:06.424314628 -0400
@@ -1598,7 +1598,9 @@ static void t1_check_unusual_charstring(
         *(strend(t1_buf_array) - 1) = ' ';
 
         t1_getline();
+        alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE);
         strcat(t1_buf_array, t1_line_array);
+        alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE);
         strcpy(t1_line_array, t1_buf_array);
         t1_line_ptr = eol(t1_line_array);
     }
apply upstream fix for CVE-2018-17407 2018-10-01 15:33:09 +00:00			`diff -up texlive-base-20180414/source/texk/dvipsk/writet1.c.CVE-2018-17407 texlive-base-20180414/source/texk/dvipsk/writet1.c`
			`--- texlive-base-20180414/source/texk/dvipsk/writet1.c.CVE-2018-17407 2018-10-01 11:03:50.140899732 -0400`
			`+++ texlive-base-20180414/source/texk/dvipsk/writet1.c 2018-10-01 11:04:31.425999765 -0400`
			`@@ -1449,7 +1449,9 @@ static void t1_check_unusual_charstring(`
			`*(strend(t1_buf_array) - 1) = ' ';`

			`t1_getline();`
			`+ alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE);`
			`strcat(t1_buf_array, t1_line_array);`
			`+ alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE);`
			`strcpy(t1_line_array, t1_buf_array);`
			`t1_line_ptr = eol(t1_line_array);`
			`}`
			`diff -up texlive-base-20180414/source/texk/web2c/luatexdir/font/writet1.w.CVE-2018-17407 texlive-base-20180414/source/texk/web2c/luatexdir/font/writet1.w`
			`--- texlive-base-20180414/source/texk/web2c/luatexdir/font/writet1.w.CVE-2018-17407 2018-10-01 11:05:54.404187837 -0400`
			`+++ texlive-base-20180414/source/texk/web2c/luatexdir/font/writet1.w 2018-10-01 11:06:33.537335758 -0400`
			`@@ -1625,7 +1625,9 @@ static void t1_check_unusual_charstring(`
			`if (sscanf(p, "%i", &i) != 1) {`
			`strcpy(t1_buf_array, t1_line_array);`
			`t1_getline();`
			`+ alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE);`
			`strcat(t1_buf_array, t1_line_array);`
			`+ alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE);`
			`strcpy(t1_line_array, t1_buf_array);`
			`t1_line_ptr = eol(t1_line_array);`
			`}`
			`diff -up texlive-base-20180414/source/texk/web2c/pdftexdir/writet1.c.CVE-2018-17407 texlive-base-20180414/source/texk/web2c/pdftexdir/writet1.c`
			`--- texlive-base-20180414/source/texk/web2c/pdftexdir/writet1.c.CVE-2018-17407 2018-10-01 11:06:57.881806099 -0400`
			`+++ texlive-base-20180414/source/texk/web2c/pdftexdir/writet1.c 2018-10-01 11:08:06.424314628 -0400`
			`@@ -1598,7 +1598,9 @@ static void t1_check_unusual_charstring(`
			`*(strend(t1_buf_array) - 1) = ' ';`

			`t1_getline();`
			`+ alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE);`
			`strcat(t1_buf_array, t1_line_array);`
			`+ alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE);`
			`strcpy(t1_line_array, t1_buf_array);`
			`t1_line_ptr = eol(t1_line_array);`
			`}`