backends: Fix another security issue in the dvi-backend

Taken from evince commit: 439c5070022eab6cef7266aab47f978058012c72 From: Vincent Untz <[email protected]> Gnome bug: https://bugzilla.gnome.org/show_bug.cgi?id=640923
author: infirit <[email protected]> 2014-12-10 01:48:23 +0100
committer: infirit <[email protected]> 2014-12-10 01:48:23 +0100
commit: 4df03e6ebcf0443429d17027026532336e4b0aca (patch)
tree: bf4ae1ee20da15d7835cd0930307eb2a8a30d225 /backend/dvi
parent: 792b694b94965150f845fc3a940ee7c72b1d5b94 (diff)
download: atril-4df03e6ebcf0443429d17027026532336e4b0aca.tar.bz2
atril-4df03e6ebcf0443429d17027026532336e4b0aca.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/backend/dvi/mdvi-lib/afmparse.c b/backend/dvi/mdvi-lib/afmparse.c
index 361e23d6..e1cd1156 100644
--- a/backend/dvi/mdvi-lib/afmparse.c
+++ b/backend/dvi/mdvi-lib/afmparse.c
@@ -190,7 +190,7 @@ static char *linetoken(FILE *stream)
 while ((ch = fgetc(stream)) == ' ' || ch == '\t' ); 
 
 idx = 0;
- while (ch != EOF && ch != lineterm) 
+ while (ch != EOF && ch != lineterm && idx < MAX_NAME)
 {
 ident[idx++] = ch;
 ch = fgetc(stream);
author	infirit <[email protected]>	2014-12-10 01:48:23 +0100
committer	infirit <[email protected]>	2014-12-10 01:48:23 +0100
commit	4df03e6ebcf0443429d17027026532336e4b0aca (patch)
tree	bf4ae1ee20da15d7835cd0930307eb2a8a30d225 /backend/dvi
parent	792b694b94965150f845fc3a940ee7c72b1d5b94 (diff)
download	atril-4df03e6ebcf0443429d17027026532336e4b0aca.tar.bz2 atril-4df03e6ebcf0443429d17027026532336e4b0aca.tar.xz