texlive/texlive-CVE-2007-4033.patch

17 lines
703 B
Diff
Raw Normal View History

2007-12-02 08:03:19 +00:00
diff -up tetex-src-3.0/libs/t1lib/t1env.c.CVE-2007-4033 tetex-src-3.0/libs/t1lib/t1env.c
--- tetex-src-3.0/libs/t1lib/t1env.c.CVE-2007-4033 2004-01-27 23:26:31.000000000 +0100
+++ tetex-src-3.0/libs/t1lib/t1env.c 2007-11-02 12:48:20.000000000 +0100
@@ -568,6 +568,12 @@ char *intT1_Env_GetCompletePath( char *F
#endif
strcat( pathbuf, DIRECTORY_SEP);
/* And finally the filename: */
+ /* If current pathbuf + StrippedName + 1 byte for NULL is bigger than pathbuf
+ let's try next pathbuf */
+ if( strlen(pathbuf) + strlen(StrippedName) + 1 > sizeof(pathbuf) ) {
+ i++;
+ continue;
+ }
strcat( pathbuf, StrippedName);
/* Check for existence of the path: */