guix/gnu/packages/patches/mupdf-mujs-CVE-2016-10133.patch

37 lines
1.1 KiB
Diff
Raw Normal View History

Fix CVE-2016-10133:
https://bugs.ghostscript.com/show_bug.cgi?id=697401
http://seclists.org/oss-sec/2017/q1/74
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10133
Patch lifted from upstream source repository:
https://git.ghostscript.com/?p=mujs.git;h=77ab465f1c394bb77f00966cd950650f3f53cb24
From 77ab465f1c394bb77f00966cd950650f3f53cb24 Mon Sep 17 00:00:00 2001
From: Tor Andersson <tor.andersson@gmail.com>
Date: Thu, 12 Jan 2017 14:47:01 +0100
Subject: [PATCH] Fix 697401: Error when dropping extra arguments to
lightweight functions.
---
thirdparty/mujs/jsrun.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/thirdparty/mujs/jsrun.c b/thirdparty/mujs/jsrun.c
index ee80845..782a6f9 100644
--- a/thirdparty/mujs/jsrun.c
+++ b/thirdparty/mujs/jsrun.c
@@ -937,7 +937,7 @@ static void jsR_calllwfunction(js_State *J, int n, js_Function *F, js_Environmen
jsR_savescope(J, scope);
if (n > F->numparams) {
- js_pop(J, F->numparams - n);
+ js_pop(J, n - F->numparams);
n = F->numparams;
}
for (i = n; i < F->varlen; ++i)
--
2.9.1