Description: Add check for buffer overflow with malformed input files
 This was later re-found and became CVE-2014-8123. 
Author: <eriks@debian.org>
Bug-Debian: http://bugs.debian.org/407015
Bug-Debian: https://bugs.debian.org/771768
Forwarded: http://seclists.org/oss-sec/2014/q4/870
Last-Update: 2016-01-11

--- antiword-0.37~/wordole.c	2005-08-26 21:49:57.000000000 +0200
+++ antiword-0.37/wordole.c	2009-06-03 22:31:15.948014682 +0200
@@ -259,6 +259,10 @@
 		}
 		tNameSize = (size_t)usGetWord(0x40, aucBytes);
 		tNameSize = (tNameSize + 1) / 2;
+		if ( tNameSize > sizeof(atPPSlist[iIndex].szName)) {
+			werr(0, "Name Size of PPS %d is too large", iIndex);
+			tNameSize = sizeof(atPPSlist[iIndex].szName);
+		}
 		vName2String(atPPSlist[iIndex].szName, aucBytes, tNameSize);
 		atPPSlist[iIndex].ucType = ucGetByte(0x42, aucBytes);
 		if (atPPSlist[iIndex].ucType == 5) {
='switch'/></form></td></tr>
<tr><td class='sub'>Wojtek's customized Guix</td><td class='sub right'></td></tr></table>
<table class='tabs'><tr><td>
<a href='/guix/about/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=daeb3cd98c6771b2e305d88de40aa833e772d181'>refs</a><a class='active' href='/guix/log/gnu/packages/netpbm.scm'>log</a><a href='/guix/tree/gnu/packages/netpbm.scm?id=daeb3cd98c6771b2e305d88de40aa833e772d181'>tree</a><a href='/guix/commit/gnu/packages/netpbm.scm?id=daeb3cd98c6771b2e305d88de40aa833e772d181'>commit</a><a href='/guix/diff/gnu/packages/netpbm.scm?id=daeb3cd98c6771b2e305d88de40aa833e772d181'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/gnu/packages/netpbm.scm'>
<input type='hidden' name='id' value='daeb3cd98c6771b2e305d88de40aa833e772d181'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=daeb3cd98c6771b2e305d88de40aa833e772d181'>root</a>/<a href='/guix/log/gnu?id=daeb3cd98c6771b2e305d88de40aa833e772d181'>gnu</a>/<a href='/guix/log/gnu/packages?id=daeb3cd98c6771b2e305d88de40aa833e772d181'>packages</a>/<a href='/guix/log/gnu/packages/netpbm.scm?id=daeb3cd98c6771b2e305d88de40aa833e772d181'>netpbm.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/packages/netpbm.scm?id=daeb3cd98c6771b2e305d88de40aa833e772d181&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2019-02-28 22:35:41 +0100'>2019-02-28</span></td><td><a href='/guix/commit/gnu/packages/netpbm.scm?id=2a18b57222895b167522fcdecd7a0c37e64b5fbd'>gnu: netpbm: Fix CVE-2017-258[67].</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/netpbm.scm (netpbm)[source]: Add patches.
* gnu/packages/patches/netpbm-CVE-2017-2586.patch,
gnu/packages/patches/netpbm-CVE-2017-2587.patch: New files.
* gnu/local.mk: Fix missing copyright year.
(dist_patch_DATA): Add them.
</span></span></td><td>Tobias Geerinckx-Rice</td></tr>
<tr><td><span title='2019-02-12 23:23:19 -0500'>2019-02-12</span></td><td><a href='/guix/commit/gnu/packages/netpbm.scm?id=344e0f56218f6b2680e0ab00446eed372216d420'>gnu: netpbm: Fix a hard-coded path.</a><span class='msg-avail'>...<span class='msg-tooltip'>Fixes &lt;https://bugs.gnu.org/24735&gt;.

* gnu/packages/netpbm.scm (netpbm)[arguments]: Patch a path in the 'configure'
phase.
</span></span></td><td>Leo Famulari</td></tr>