blob: 502a11d2a88caf61446e5c3bb3311c0ee17316fe (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
Fix CVE-2017-9433:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9433
Patch copied from upstream source repository:
https://sourceforge.net/p/libmwaw/libmwaw/ci/68b3b74569881248bfb6cbb4266177cc253b292f
From 68b3b74569881248bfb6cbb4266177cc253b292f Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Sat, 8 Apr 2017 14:03:29 +0200
Subject: [PATCH] ofz#1037 resize vector correctly
---
src/lib/MsWrd1Parser.cxx | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lib/MsWrd1Parser.cxx b/src/lib/MsWrd1Parser.cxx
index 63547e6..3626064 100644
--- a/src/lib/MsWrd1Parser.cxx
+++ b/src/lib/MsWrd1Parser.cxx
@@ -902,7 +902,7 @@ bool MsWrd1Parser::readFootnoteCorrespondance(MWAWVec2i limits)
int id = fIt++->second;
fPos[1] = fIt==footnoteMap.end() ? m_state->m_eot : fIt->first;
if (id >= int(m_state->m_footnotesList.size()))
- m_state->m_footnotesList.resize(size_t(id),MWAWVec2l(0,0));
+ m_state->m_footnotesList.resize(size_t(id)+1,MWAWVec2l(0,0));
m_state->m_footnotesList[size_t(id)]=fPos;
}
ascii().addDelimiter(input->tell(),'|');
--
2.13.1
|