Hello zyx, hello all,

> zyx <z...@gmx.us> has written on 21 January 2018 at 14:52:
>
> > On Sun, 2018-01-14 at 13:37 +0100, zyx wrote:
> > I cannot reproduce this with revision 1866
>
> Hi,
> I realized that I didn't pass the correct flags to the compiler. I had
> it set only in CFLAGS, but not in CXXFLAGS. Correcting that showed the
> runtime error for me too.
>
> Looking in the code, there had been a typo in the in-parameter validity
> check, which I fixed in revision 1870:
> http://sourceforge.net/p/podofo/code/1870
>
the same input parameter validity check is missing in the constructor
PdfMemoryOutputStream(char*, pdf_long) in line 88 meaning m_pBuffer + m_lLen
can be NULL (first memcpy parameter in line 124, so [1] undefined behaviour
then), i.e. CVE-2018-5308 isn't fully fixed yet (as I read it). Please insert
the check, mentioning the CVE in the commit message.

> Bye,
> zyx

Best regards, mabri

[1] http://en.cppreference.com/w/c/string/byte/memcpy
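
The check requested in the message above, shown on a stand-in class. This is an added example, not PoDoFo code and not part of the original message; the class name, the `m_lSize` member and the two helper functions are hypothetical, and only `m_pBuffer` and `m_lLen` are taken from the message.

```cpp
// Added illustration; NOT PoDoFo source. Names are hypothetical except
// m_pBuffer / m_lLen, which mirror the members quoted in the message.
#include <cstddef>
#include <cstring>
#include <stdexcept>

class FixedMemoryOutputStream {
public:
    // Caller-supplied buffer: validate here so Write() never sees a null base.
    FixedMemoryOutputStream(char* pBuffer, long lLen)
        : m_pBuffer(pBuffer), m_lLen(0), m_lSize(lLen) {
        if (!m_pBuffer || m_lSize < 0)
            throw std::invalid_argument("null buffer or negative size");
    }
    long Write(const char* pData, long lLen) {
        if (lLen < 0 || (!pData && lLen > 0))
            throw std::invalid_argument("null data or negative length");
        if (lLen > m_lSize - m_lLen)          // overflow-safe bounds check
            throw std::length_error("write exceeds buffer");
        if (lLen > 0)                         // memcpy needs valid pointers even for n == 0
            std::memcpy(m_pBuffer + m_lLen, pData, static_cast<std::size_t>(lLen));
        m_lLen += lLen;
        return lLen;
    }
    long GetLength() const { return m_lLen; }
private:
    char* m_pBuffer;  // destination base; never null after construction
    long  m_lLen;     // bytes written so far
    long  m_lSize;    // capacity of the caller's buffer
};

// Returns true when construction with a null buffer is refused.
bool rejects_null_buffer() {
    try { FixedMemoryOutputStream s(nullptr, 16); }
    catch (const std::invalid_argument&) { return true; }
    return false;
}

// Returns the number of bytes stored after one valid write (constructed input).
long write_sample() {
    char buf[8] = {0};
    FixedMemoryOutputStream s(buf, static_cast<long>(sizeof buf));
    s.Write("PDF", 3);
    return s.GetLength();
}
```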