On Wed, 2017-05-03 at 11:11 +0200, Mattia Rizzolo wrote: [..] > You LTS upload broke libpodofo ABI. The symbol > _ZNK6PoDoFo7PdfPage25GetInheritedKeyFromObjectEPKcPKNS_9PdfObjectE@Base > as present in the wheezy version (libpodofo0.9.0_0.9.0-1.1+b1_amd64.deb) > became > _ZNK6PoDoFo7PdfPage25GetInheritedKeyFromObjectEPKcPKNS_9PdfObjectEi@Base > in wheezy-security (libpodofo0.9.0_0.9.0-1.1+deb7u1_amd64.deb). > > Now, I do not know what's LTS policy about silent ABI breakage, but I > doubt you are OK with that. > > > That's in particular caused by > https://anonscm.debian.org/git/collab-maint/libpodofo.git/tree/debian/patches/CVE-2017-5852.patch?h=debian/0.9.0-1.1%2bdeb7u1#n123 > > - const PdfObject* GetInheritedKeyFromObject( const char* inKey, const > PdfObject* inObject ) const; > + const PdfObject* GetInheritedKeyFromObject( const char* inKey, const > PdfObject* inObject, int depth = 0 ) const; > > > ATM, I don't know how to fix that CVE without breaking the ABI.
Create two overloaded functions rather than one function implementation
that's overloaded through a default parameter:
- const PdfObject* GetInheritedKeyFromObject( const char* inKey, const
PdfObject* inObject, int depth = 0 ) const;
+ const PdfObject* GetInheritedKeyFromObject( const char* inKey, const
PdfObject* inObject ) const;
+ const PdfObject* GetInheritedKeyFromObject( const char* inKey, const
PdfObject* inObject, int depth ) const;
...
+const PdfObject* PdfPage::GetInheritedKeyFromObject( const char* inKey, const
PdfObject* inObject ) const
+{
+ return GetInheritedKeyFromObject(inKey, inObject, 0);
+}
Ben.
--
Ben Hutchings
friends: People who know you well, but like you anyway.
signature.asc
Description: This is a digitally signed message part
