updated musl

author: davidovski <david@davidovski.xyz> 2022-04-17 22:07:52 +0100
committer: davidovski <david@davidovski.xyz> 2022-04-17 22:07:52 +0100
commit: c35d083dc525e223b085ec00e6863ea6eafb003c (patch)
tree: 5bbe25b4f92cd1821c8cbbefed9c19de6e42b98e /extra/tiff
parent: 7cc715c1249422ddf91987be64a35eef43e3e62d (diff)
1 files changed, 29 insertions, 0 deletions
diff --git a/extra/tiff/CVE-2018-12900.patch b/extra/tiff/CVE-2018-12900.patch
new file mode 100644
index 0000000..f95cd06
--- /dev/null
+++ b/extra/tiff/CVE-2018-12900.patch
@@ -0,0 +1,29 @@
+From 86861b86f26be5301ccfa96f9bf765051f4e644a Mon Sep 17 00:00:00 2001
+From: pgajdos <pgajdos@suse.cz>
+Date: Tue, 13 Nov 2018 09:03:31 +0100
+Subject: [PATCH] prevent integer overflow
+
+---
+ tools/tiffcp.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/tools/tiffcp.c b/tools/tiffcp.c
+index 2f406e2d..ece7ba13 100644
+--- a/tools/tiffcp.c
++++ b/tools/tiffcp.c
+@@ -1435,6 +1435,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
+             status = 0;
+             goto done;
+         }
++        if (0xFFFFFFFF / tilew < spp)
++        {
++            TIFFError(TIFFFileName(in), "Error, either TileWidth (%u) or BitsPerSample (%u) is too large", tilew, bps);
++            status = 0;
++            goto done;
++        }
+ 	bytes_per_sample = bps/8;
+ 
+ 	for (row = 0; row < imagelength; row += tl) {
+-- 
+2.18.1
+
author	davidovski <david@davidovski.xyz>	2022-04-17 22:07:52 +0100
committer	davidovski <david@davidovski.xyz>	2022-04-17 22:07:52 +0100
commit	c35d083dc525e223b085ec00e6863ea6eafb003c (patch)
tree	5bbe25b4f92cd1821c8cbbefed9c19de6e42b98e /extra/tiff
parent	7cc715c1249422ddf91987be64a35eef43e3e62d (diff)