Description: Add check for buffer overflow with malformed input files
 This was later re-found and became CVE-2014-8123. 
Author: <eriks@debian.org>
Bug-Debian: http://bugs.debian.org/407015
Bug-Debian: https://bugs.debian.org/771768
Forwarded: http://seclists.org/oss-sec/2014/q4/870
Last-Update: 2016-01-11

--- antiword-0.37~/wordole.c	2005-08-26 21:49:57.000000000 +0200
+++ antiword-0.37/wordole.c	2009-06-03 22:31:15.948014682 +0200
@@ -259,6 +259,10 @@
 		}
 		tNameSize = (size_t)usGetWord(0x40, aucBytes);
 		tNameSize = (tNameSize + 1) / 2;
+		if ( tNameSize > sizeof(atPPSlist[iIndex].szName)) {
+			werr(0, "Name Size of PPS %d is too large", iIndex);
+			tNameSize = sizeof(atPPSlist[iIndex].szName);
+		}
 		vName2String(atPPSlist[iIndex].szName, aucBytes, tNameSize);
 		atPPSlist[iIndex].ucType = ucGetByte(0x42, aucBytes);
 		if (atPPSlist[iIndex].ucType == 5) {
orm></td></tr>
<tr><td class='sub'>Wojtek's customized Guix</td><td class='sub right'></td></tr></table>
<table class='tabs'><tr><td>
<a href='/guix/about/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=a1d4e562f1061d3300ed9cb37e6a40bddccf0197'>refs</a><a class='active' href='/guix/log/gnu/services.scm'>log</a><a href='/guix/tree/gnu/services.scm?id=a1d4e562f1061d3300ed9cb37e6a40bddccf0197'>tree</a><a href='/guix/commit/gnu/services.scm?id=a1d4e562f1061d3300ed9cb37e6a40bddccf0197'>commit</a><a href='/guix/diff/gnu/services.scm?id=a1d4e562f1061d3300ed9cb37e6a40bddccf0197'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/gnu/services.scm'>
<input type='hidden' name='id' value='a1d4e562f1061d3300ed9cb37e6a40bddccf0197'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=a1d4e562f1061d3300ed9cb37e6a40bddccf0197'>root</a>/<a href='/guix/log/gnu?id=a1d4e562f1061d3300ed9cb37e6a40bddccf0197'>gnu</a>/<a href='/guix/log/gnu/services.scm?id=a1d4e562f1061d3300ed9cb37e6a40bddccf0197'>services.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/services.scm?id=a1d4e562f1061d3300ed9cb37e6a40bddccf0197&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2023-03-16 12:37:03 +0100'>2023-03-16</span></td><td><a href='/guix/commit/gnu/services.scm?id=93918c67c5761d8f688cda5f5b49d5c49c7626d0'>services: etc-service: Deprecate etc-service procedure.</a><span class='msg-avail'>...</span></td><td>Bruno Victal</td></tr>
<tr><td><span title='2022-08-30 00:40:04 +0200'>2022-08-30</span></td><td><a href='/guix/commit/gnu/services.scm?id=9096bc28a30d48486efa13488ac4814b2ccd0fa2'>services: provenance: Use 'current-channels' to obtain provenance data.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-05-29 02:00:19 +0200'>2022-05-29</span></td><td><a href='/guix/commit/gnu/services.scm?id=4cb6994790d1b499bc07f183ac9d7b4fbfc3c9bc'>gnu: services: Update setuid service description.</a><span class='msg-avail'>...</span></td><td>Tobias Geerinckx-Rice</td></tr>
<tr><td><span title='2022-05-18 22:29:54 +0200'>2022-05-18</span></td><td><a href='/guix/commit/gnu/services.scm?id=3948ac25b1dccc40c7fdf56377f94a0775a835ee'>services: Make &lt;service-type&gt; 'description' field mandatory.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-05-18 22:29:54 +0200'>2022-05-18</span></td><td><a href='/guix/commit/gnu/services.scm?id=9a5d68692314bebd16dbcdc0d4e4e52fa4d5812f'>services: Add more description fields.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-03-10 23:46:51 +0100'>2022-03-10</span></td><td><a href='/guix/commit/gnu/services.scm?id=1b8f6a4cadf1715d3e4dc03dde06956fa3defdb6'>services: startup: Add description.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2021-11-27 23:06:17 +0100'>2021-11-27</span></td><td><a href='/guix/commit/gnu/services.scm?id=61ad9bc2adc189f41128874649b115cfaadec48d'>services: Document the 'delete' clause of 'modify-services'.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2021-08-12 12:34:13 +0200'>2021-08-12</span></td><td><a href='/guix/commit/gnu/services.scm?id=e0bd47b4fd5eb009f34004242e16b976e58756b0'>system: Handle 'setuid-programs' deprecation handling as a field sanitizer.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2021-07-29 11:32:08 -0400'>2021-07-29</span></td><td><a href='/guix/commit/gnu/services.scm?id=a7ac19851baab3fbcc40c4b2cf5b00a6ac9cd2f3'>services: setuid: More configurable setuid support.</a><span class='msg-avail'>...</span></td><td>Chris Lemmer-Webber</td></tr>
<tr><td><span title='2021-05-11 16:13:48 +0200'>2021-05-11</span></td><td><a href='/guix/commit/gnu/services.scm?id=a3df382525ac515d1aa083f7f5bd3bd31eb1df40'>gnu: Allow services to install kernel-loadable modules.</a><span class='msg-avail'>...</span></td><td>raid5atemyhomework</td></tr>
<tr><td><span title='2021-04-12 17:49:07 +0200'>2021-04-12</span></td><td><a href='/guix/commit/gnu/services.scm?id=a247f5c7537df7e0c09051ba22d5c95eb08f48b9'>services: Support DELETE in MODIFY-SERVICES macro.</a><span class='msg-avail'>...</span></td><td>Ricardo Wurmus</td></tr>