diff --git a/djvulibre.spec b/djvulibre.spec
index 4c01cc3..726cbe7 100644
--- a/djvulibre.spec
+++ b/djvulibre.spec
@@ -1,7 +1,7 @@
 Name: djvulibre
 Summary: An open source (GPL'ed) implementation of DjVu
 Version: 3.5.27
-Release: 18
+Release: 19
 License: GPLv2+
 URL: http://djvu.sourceforge.net/
 Source0: http://downloads.sourceforge.net/djvu/djvulibre-%{version}.tar.gz
@@ -18,6 +18,7 @@ Patch9: CVE-2021-32490.patch
 Patch10: CVE-2021-32491.patch
 Patch11: CVE-2021-32492.patch
 Patch12: CVE-2021-3630.patch
+Patch13: fix-stack-overflow-in-process_incl_chunk.patch
 Requires(post): xdg-utils
 Requires(preun): xdg-utils
@@ -101,6 +102,9 @@ rm -f %{_datadir}/icons/hicolor/32x32/apps/djvulibre-djview3.png || :
 %{_mandir}/man1/*
 %changelog
+* Mon Feb 07 2022 herengui - 3.5.27-19
+- fix stack-overflow in process_incl_chunk
+
 * Wed Jul 07 2021 wangyue - 3.5.27-18
 - Fix CVE-2021-3630
diff --git a/fix-stack-overflow-in-process_incl_chunk.patch b/fix-stack-overflow-in-process_incl_chunk.patch
new file mode 100644
index 0000000..32cc33b
--- /dev/null
+++ b/fix-stack-overflow-in-process_incl_chunk.patch
@@ -0,0 +1,27 @@
+From dddf5d485e534c1f70d795ff37a0b2dba42e442a Mon Sep 17 00:00:00 2001
+From: herengui
+Date: Mon, 7 Feb 2022 10:26:11 +0800
+Subject: [PATCH] fix stack-overflow in process_incl_chunk
+
+Signed-off-by: herengui
+---
+ libdjvu/DjVuFile.cpp | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/libdjvu/DjVuFile.cpp b/libdjvu/DjVuFile.cpp
+index d5be2e5..e9deef9 100644
+--- a/libdjvu/DjVuFile.cpp
++++ b/libdjvu/DjVuFile.cpp
+@@ -566,6 +566,9 @@ DjVuFile::process_incl_chunk(ByteStream & str, int file_num)
+ incl_str.setat(incl_str.length()-1, 0);
+ }
+
++ if (!incl_str.is_valid())
++ return 0;
++
+ if (incl_str.length()>0)
+ {
+ if (strchr(incl_str, '/'))
+--
+2.20.1
+
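Review bot: The guard added to the DjVuFile.cpp hunk, `if (!incl_str.is_valid()) return 0;`, rejects a malformed include name without any comment or diagnostic, so the reason for the check and the input that caused the stack overflow are recorded nowhere in the code. A comment on the guard would keep the intent next to it, for example `// Malformed include name: stop here, parsing it further overflowed the stack.` (wording to be confirmed against the actual crash). The check also sits after the trimming loop, which has already called `length()` and `setat()` on the same string; it is worth confirming those calls are safe on an invalid value, or moving the guard above them. The embedded patch header names no upstream commit or bug report, unlike the CVE-named patches listed beside it in the spec, so an origin line would make the fix auditable. The body of process_incl_chunk starts and ends outside the hunk.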