[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE Request -- HTMLDOC
From:       Alex Legler <a3li () gentoo ! org>
Date:       2009-07-26 7:24:30
Message-ID: 1248593070.4204.16.camel () localhost
[Download RAW message or body]


On Sa, 2009-07-25 at 15:31 +0200, Nico Golde wrote:
> Did you check:
> htmllib.cxx:          if (sscanf(line, "%*s%*s%*s%*s%f%*s%*s%s", &width, glyph) != 2)
> ps-pdf.cxx:   if (sscanf(line, "%*s%*s%*s%*s%d%*s%*s%s", &width, glyph) != 2)
> as well?
> Looks like a similar issue to me.
> 

Indeed it is the same issue. I could cause an overflow with a crafted
AFM font file.

I have added these two to the upstream bug report.

Regards,
Alex

["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]