diff options
author | davidovski <david@davidovski.xyz> | 2022-04-17 22:07:52 +0100 |
---|---|---|
committer | davidovski <david@davidovski.xyz> | 2022-04-17 22:07:52 +0100 |
commit | c35d083dc525e223b085ec00e6863ea6eafb003c (patch) | |
tree | 5bbe25b4f92cd1821c8cbbefed9c19de6e42b98e /extra/tiff | |
parent | 7cc715c1249422ddf91987be64a35eef43e3e62d (diff) |
updated musl
Diffstat (limited to 'extra/tiff')
-rw-r--r-- | extra/tiff/CVE-2018-12900.patch | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/extra/tiff/CVE-2018-12900.patch b/extra/tiff/CVE-2018-12900.patch new file mode 100644 index 0000000..f95cd06 --- /dev/null +++ b/extra/tiff/CVE-2018-12900.patch @@ -0,0 +1,29 @@ +From 86861b86f26be5301ccfa96f9bf765051f4e644a Mon Sep 17 00:00:00 2001 +From: pgajdos <pgajdos@suse.cz> +Date: Tue, 13 Nov 2018 09:03:31 +0100 +Subject: [PATCH] prevent integer overflow + +--- + tools/tiffcp.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/tools/tiffcp.c b/tools/tiffcp.c +index 2f406e2d..ece7ba13 100644 +--- a/tools/tiffcp.c ++++ b/tools/tiffcp.c +@@ -1435,6 +1435,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer) + status = 0; + goto done; + } ++ if (0xFFFFFFFF / tilew < spp) ++ { ++ TIFFError(TIFFFileName(in), "Error, either TileWidth (%u) or BitsPerSample (%u) is too large", tilew, bps); ++ status = 0; ++ goto done; ++ } + bytes_per_sample = bps/8; + + for (row = 0; row < imagelength; row += tl) { +-- +2.18.1 + |