kdegraphics/patches/post-3.5.7-kdegraphics-CVE-2007-3387.diff

Index: kpdf/xpdf/xpdf/Stream.cc
===================================================================
--- kpdf/xpdf/xpdf/Stream.cc	(revision 689574)
+++ kpdf/xpdf/xpdf/Stream.cc	(working copy)
@@ -411,9 +411,9 @@ StreamPredictor::StreamPredictor(Stream 
 
   nVals = width * nComps;
   if (width <= 0 || nComps <= 0 || nBits <= 0 ||
-      nComps >= INT_MAX / nBits ||
-      width >= INT_MAX / nComps / nBits ||
-      nVals * nBits + 7 < 0) {
+      nComps > gfxColorMaxComps || nBits > 16 ||
+      width >= INT_MAX / nComps ||
+      nVals >= (INT_MAX - 7) / nBits) {
     return;
   }
   pixBytes = (nComps * nBits + 7) >> 3;
1	Index: kpdf/xpdf/xpdf/Stream.cc
2	===================================================================
3	--- kpdf/xpdf/xpdf/Stream.cc (revision 689574)
4	+++ kpdf/xpdf/xpdf/Stream.cc (working copy)
5	@@ -411,9 +411,9 @@ StreamPredictor::StreamPredictor(Stream
6
7	nVals = width * nComps;
8	if (width <= 0 \|\| nComps <= 0 \|\| nBits <= 0 \|\|
9	- nComps >= INT_MAX / nBits \|\|
10	- width >= INT_MAX / nComps / nBits \|\|
11	- nVals * nBits + 7 < 0) {
12	+ nComps > gfxColorMaxComps \|\| nBits > 16 \|\|
13	+ width >= INT_MAX / nComps \|\|
14	+ nVals >= (INT_MAX - 7) / nBits) {
15	return;
16	}
17	pixBytes = (nComps * nBits + 7) >> 3;