summaryrefslogtreecommitdiff
path: root/gnu/packages/patches/mupdf-CVE-2016-7563.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/mupdf-CVE-2016-7563.patch')
-rw-r--r--gnu/packages/patches/mupdf-CVE-2016-7563.patch37
1 files changed, 37 insertions, 0 deletions
diff --git a/gnu/packages/patches/mupdf-CVE-2016-7563.patch b/gnu/packages/patches/mupdf-CVE-2016-7563.patch
new file mode 100644
index 0000000000..288c9ab2df
--- /dev/null
+++ b/gnu/packages/patches/mupdf-CVE-2016-7563.patch
@@ -0,0 +1,37 @@
+Fix CVE-2016-7563:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7563
+http://bugs.ghostscript.com/show_bug.cgi?id=697136
+
+Patch copied from upstream source repository:
+http://git.ghostscript.com/?p=mujs.git;a=commitdiff;h=f8234d830e17fc5e8fe09eb76d86dad3f6233c59
+
+From f8234d830e17fc5e8fe09eb76d86dad3f6233c59 Mon Sep 17 00:00:00 2001
+From: Tor Andersson <tor.andersson@artifex.com>
+Date: Tue, 20 Sep 2016 17:11:32 +0200
+Subject: [PATCH] Fix bug 697136.
+
+We were unconditionally reading the next character if we encountered
+a '*' in a multi-line comment; possibly reading past the end of
+the input.
+---
+ jslex.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/jslex.c b/jslex.c
+index 7b80800..cbd0eeb 100644
+--- a/thirdparty/mujs/jslex.c
++++ b/thirdparty/mujs/jslex.c
+@@ -225,7 +225,8 @@ static int lexcomment(js_State *J)
+ if (jsY_accept(J, '/'))
+ return 0;
+ }
+- jsY_next(J);
++ else
++ jsY_next(J);
+ }
+ return -1;
+ }
+--
+2.10.2
+
generated by cgit v1.2.3 (git 2.45.2) at 2024-07-23 14:15:53 +0000