[Okular-devel] new xpdf vulnerability
Albert Astals Cid
aacid at kde.org
Tue Jan 9 00:02:40 CET 2007
A Dilluns 08 Gener 2007 22:55, Albert Astals Cid va escriure:
> A Dilluns 08 Gener 2007 21:24, Dirk Mueller va escriure:
> > Hi,
> >
> > could you please check out
> >
> > http://projects.info-pull.com/moab/MOAB-06-01-2007.html
> >
> > against kpdf and okular and possible other places that could be affected?
> > looks like a new round of xpdf fixes have to be done :(
>
> Having a look at them at the moment.
Had the look. The problem is that while reading the page tree you can have
loops, that is, a page tree or one of it children can refer to itself. We are
not checking against that so we end on a infinite recursive call loop. The
quick way i imagine to fix that is have a variable passed around with
readPageTree where we keep all the page tree nodes we have read and each time
we read a new one check it's not there, but that seems quite intensive both
memory and speed wise :-/
I'll be off until wednesday evening.
More ideas?
Albert
>
> Albert
>
> > Thanks,
> > Dirk
> > _______________________________________________
> > Okular-devel mailing list
> > Okular-devel at kde.org
> > https://mail.kde.org/mailman/listinfo/okular-devel
>
> _______________________________________________
> Okular-devel mailing list
> Okular-devel at kde.org
> https://mail.kde.org/mailman/listinfo/okular-devel
More information about the Okular-devel
mailing list