summaryrefslogtreecommitdiff
path: root/source/l/libwmf/libwmf-0.2.8.4-CVE-2006-3376.patch
diff options
context:
space:
mode:
Diffstat (limited to 'source/l/libwmf/libwmf-0.2.8.4-CVE-2006-3376.patch')
-rw-r--r--source/l/libwmf/libwmf-0.2.8.4-CVE-2006-3376.patch27
1 files changed, 0 insertions, 27 deletions
diff --git a/source/l/libwmf/libwmf-0.2.8.4-CVE-2006-3376.patch b/source/l/libwmf/libwmf-0.2.8.4-CVE-2006-3376.patch
deleted file mode 100644
index 507fe662..00000000
--- a/source/l/libwmf/libwmf-0.2.8.4-CVE-2006-3376.patch
+++ /dev/null
@@ -1,27 +0,0 @@
---- libwmf-0.2.8.4.orig/src/player.c 2002-12-10 19:30:26.000000000 +0000
-+++ libwmf-0.2.8.4/src/player.c 2006-07-12 15:12:52.000000000 +0100
-@@ -42,6 +42,7 @@
- #include "player/defaults.h" /* Provides: default settings */
- #include "player/record.h" /* Provides: parameter mechanism */
- #include "player/meta.h" /* Provides: record interpreters */
-+#include <stdint.h>
-
- /**
- * @internal
-@@ -132,8 +134,14 @@
- }
- }
-
--/* P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3) * 2 * sizeof (unsigned char));
-- */ P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char));
-+ if (MAX_REC_SIZE(API) > UINT32_MAX / 2)
-+ {
-+ API->err = wmf_E_InsMem;
-+ WMF_DEBUG (API,"bailing...");
-+ return (API->err);
-+ }
-+
-+ P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char));
-
- if (ERR (API))
- { WMF_DEBUG (API,"bailing...");
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-05 12:32:09 +0000