[Secure-testing-team] Re: xpdf vulnerability?
Hamish Moffatt
hamish at debian.org
Tue Mar 22 12:11:08 UTC 2005
On Tue, Mar 22, 2005 at 11:57:01AM +0100, Frank Küster wrote:
> Hamish Moffatt <hamish at debian.org> wrote:
> > I was tempted to revert all the security patches and apply upstream's
> > versions, but I'm not sure that all the changes are there. Especially as
> > I don't know how 0888 and 0889 differ.
>
> Note also that the security team advised not to use the upstream patches
> which rely on specific compiler properties, namely the non-optimizing of
> constructs like
Good point. However I just checked the three upstream patches for Xpdf
3.0 and I can't see these type of changes in there at all?!
> if (size*sizeof(XRefEntry)/sizeof(XRefEntry) != size) {
or
> if (size < 0 || size >= INT_MAX/sizeof(XRefEntry)) {
INT_MAX is still 2^31 and XRefEntry is an enum, so I guess it's OK.
(I checked my amd64 system, but I expect INT_MAX is actually defined by
the C spec.)
Thanks,
Hamish
--
Hamish Moffatt VK3SB <hamish at debian.org> <hamish at cloud.net.au>
More information about the Secure-testing-team
mailing list