On Sat, 2018-01-06 at 09:25 -0500, Probe Fuzzer wrote:
> we found that on latest version of PoDoFo (RELEASE_0.9.5_rc1),
Hi,
what is the RELEASE_0.9.5_rc1, please? The "rc1" suffix suggests it's a
"release candidate", while the release itself had been made like a year
ago, thus it seems you use some pre-release code. Nonetheless, as
mentioned, the last release happened around a year ago, where many
changes landed in the development version meanwhile, thus to save time
to you and to others, I suggest to try with the current trunk, where
you get truly the latest version of the code. As there is also
discussed a new release now, testing the pre-release code will be more
than appreciated.
> src/src/base/PdfXRefStreamParserObject.cpp:125:64: runtime error:
> signed integer overflow: 3 + 9223372036854775807 cannot be
> represented in type 'long int [3]'
It looks like it had been fixed more than 6 months ago in the
development version at revision 1851:
https://sourceforge.net/p/podofo/code/1851
as part of the fix for CVE-2017-8787.
Thanks and bye,
zyx
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Podofo-users mailing list
Podofo-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/podofo-users
