
From: Nick Permyakov <nick.permyakov@gmail.com>
Subject: Patch to fix CVE-2025-53367 in graphics/djvulibre
To: ports@openbsd.org
Date: Fri, 10 Apr 2026 18:27:57 +0400

Hi,

Here's an upstream patch that fixes a potential buffer overflow in
graphics/djvulibre.

Best regards,
Nick Permyakov

Index: Makefile
===================================================================
RCS file: /cvs/ports/graphics/djvulibre/Makefile,v
diff -u -p -u -r1.53 Makefile
--- Makefile	22 Jul 2025 12:40:55 -0000	1.53
+++ Makefile	9 Apr 2026 21:13:52 -0000
@@ -1,7 +1,7 @@
 COMMENT=	view, decode and encode DjVu files

 DISTNAME=	djvulibre-3.5.28
-REVISION=	4
+REVISION=	5
 SHARED_LIBS=	djvulibre	27.0	# 28.0
 CATEGORIES=	graphics print

Index: patches/patch-libdjvu_MMRDecoder_cpp
===================================================================
RCS file: patches/patch-libdjvu_MMRDecoder_cpp
diff -N patches/patch-libdjvu_MMRDecoder_cpp
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ patches/patch-libdjvu_MMRDecoder_cpp	9 Apr 2026 21:13:52 -0000
@@ -0,0 +1,25 @@
+Fix CVE-2025-53367: potential buffer overflow in MMRDecoder
+https://sourceforge.net/p/djvu/djvulibre-git/ci/33f645196593d70bd5e37f55b63886c31c82c3da/
+
+Index: libdjvu/MMRDecoder.cpp
+--- libdjvu/MMRDecoder.cpp.orig
++++ libdjvu/MMRDecoder.cpp
+@@ -589,6 +589,9 @@ MMRDecoder::scanruns(const unsigned short **endptr)
+   int a0,rle,b1;
+   for(a0=0,rle=0,b1=*pr++;a0 < width;)
+     {
++      // Check for buffer overflow
++      if (xr > lineruns+width+2 || pr > prevruns+width+2)
++        G_THROW(invalid_mmr_data);
+       // Process MMR codes
+       const int c=mrtable->decode(src);
+       switch ( c )
+@@ -714,7 +717,7 @@
+                         rle++;
+                         a0++;
+                       }
+-                    if (a0 > width)
++                    if (a0 > width || xr > lineruns+width+2)
+                       G_THROW(invalid_mmr_data);
+                   }
+                 // Analyze uncompressed termination code.
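Review bot: the check added in the embedded upstream hunk at `@@ -714,7 +717,7 @@` tests only `xr > lineruns+width+2`, whereas the check added at the top of the loop in the `@@ -589,6 +589,9 @@` hunk tests both `xr` and `pr`; if `pr` can also advance inside the uncompressed-mode loop (only `rle++` and `a0++` are visible here), the matching `pr > prevruns+width+2` condition belongs in that second check too, and if it cannot, a short comment saying so would save the next reader the same question. Both comparisons use `>`, so a pointer equal to `lineruns+width+2` or `prevruns+width+2` still passes; that is only safe if those buffers are allocated with at least `width+3` entries, which should be confirmed against the allocation site (not part of this patch) before commit. The patch header correctly records the CVE and links the upstream commit, so no extra documentation is needed in the port.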