Brian May writes:
> Confirmed this fixes the problem, at least on wheezy.
I have a package available for testing.
https://people.debian.org/~bam/debian/pool/main/a/autotrace/
Attached is the debdiff.
--
Brian May
diff -Nru autotrace-0.31.1/debian/changelog autotrace-0.31.1/debian/changelog
-
Ben Hutchings writes:
> Or with only parentheses added:
>
> XMALLOC(pstoedit_suffix_table, sizeof(char *) * (2 * (dd_tmp -
> dd_start) + 1));
Yes, that looks simpler.
Confirmed this fixes the problem, at least on wheezy.
Without patch:
=== cut ===
(wheezy-amd64-default)root@prune:/tmp/brian/t
On Mon, 2016-09-12 at 08:30 +1000, Brian May wrote:
> Hello,
>
> Have had a look at CVE-2016-7392 in autotrace, from a quick glance at
> source code, the code does:
>
> XMALLOC(pstoedit_suffix_table, sizeof(char *) * 2 * (dd_tmp - dd_start) + 1);
>
> Which I believe is the same as:
>
> XMALLOC(
Hello,
Have had a look at CVE-2016-7392 in autotrace, from a quick glance at
source code, the code does:
XMALLOC(pstoedit_suffix_table, sizeof(char *) * 2 * (dd_tmp - dd_start) + 1);
Which I believe is the same as:
XMALLOC(pstoedit_suffix_table, (sizeof(char *) * 2 * (dd_tmp - dd_start)) + 1);
