summary refs log tree commit diff
path: root/pkgs/development/libraries/poppler/0.61-CVE-2019-9959.patch
blob: 5c2af7a2adc20635e048b4fdc5311ed50646bfd4 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

diff --git a/poppler/JPEG2000Stream.cc b/poppler/JPEG2000Stream.cc
--- a/poppler/JPEG2000Stream.cc
+++ b/poppler/JPEG2000Stream.cc
@@ -201,7 +201,7 @@ void JPXStream::init()
   if (getDict()) smaskInData = getDict()->lookup("SMaskInData");
 
   int bufSize = BUFFER_INITIAL_SIZE;
-  if (oLen.isInt()) bufSize = oLen.getInt();
+  if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt();
 
   if (cspace.isArray() && cspace.arrayGetLength() > 0) {

@@ -365,7 +365,7 @@ void JPXStream::init()
   }
 
   int bufSize = BUFFER_INITIAL_SIZE;
-  if (oLen.isInt()) bufSize = oLen.getInt();
+  if (oLen.isInt() && oLen.getInt() > 0) bufSize = oLen.getInt();
 
   if (cspace.isArray() && cspace.arrayGetLength() > 0) {
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-29 22:00:33 +0000