Diffstat (limited to 'app-text/ptex/files/CVE-2009-1284.patch')
-rw-r--r-- | app-text/ptex/files/CVE-2009-1284.patch | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/app-text/ptex/files/CVE-2009-1284.patch b/app-text/ptex/files/CVE-2009-1284.patch
new file mode 100644
index 000000000000..3e5b7f791500
--- /dev/null
+++ b/app-text/ptex/files/CVE-2009-1284.patch
@@ -0,0 +1,18 @@
+--- tetex-src-3.0.orig/texk/web2c/bibtex.ch 2004-07-15 02:32:51.000000000 +0900
++++ tetex-src-3.0/texk/web2c/bibtex.ch 2009-09-30 08:11:22.000000000 +0900
+@@ -1077,6 +1077,15 @@
+ @y
+ @z
+ 
++% Forgot to check for pool overflow here. Triggered by test case linked
++% from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520920.
++@x
++while (sp_ptr < sp_end) do {shift the substring}
++@y
++str_room(sp_end - sp_ptr);
++while (sp_ptr < sp_end) do {shift the substring}
++@z
++
+ % [459] Eliminate unreferenced statement label, because `undefined' is
+ % now a constant expression that is not evaluated at the Web level. If
+ % this label were ever required, it could be replaced by the constant |
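Review bot: The comment added above the new `@x` block says a pool-overflow check was forgotten, but it names neither the CVE this file is filed under nor what the added `str_room` call is meant to guarantee, so anyone rebasing the change file has to reconstruct that from the Debian bug. I would extend it along the lines of `% CVE-2009-1284: reserve room for sp_end - sp_ptr characters before the loop below appends them.` The loop body lies outside the hunk, so the claim that it appends one character per iteration is inferred from the `{shift the substring}` comment. The definition of `str_room` is not visible here either, so whether it grows the pool or aborts on overflow should be confirmed against the definition the change file uses.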