removed idea of repos

author: davidovski <david@davidovski.xyz> 2022-05-31 11:05:19 +0100
committer: davidovski <david@davidovski.xyz> 2022-05-31 11:05:19 +0100
commit: 48ca75555522716f0f686dcae3dd6cf3d8ad714d (patch)
tree: 00c0f58550ba4661e87376f2f02c8001c69bae44 /repo/tiff/CVE-2018-12900.patch
parent: 871b2b573f01c1b3176a0f65458b3d281b41c437 (diff)
1 files changed, 29 insertions, 0 deletions
diff --git a/repo/tiff/CVE-2018-12900.patch b/repo/tiff/CVE-2018-12900.patch
new file mode 100644
index 0000000..f95cd06
--- /dev/null
+++ b/repo/tiff/CVE-2018-12900.patch
@@ -0,0 +1,29 @@
+From 86861b86f26be5301ccfa96f9bf765051f4e644a Mon Sep 17 00:00:00 2001
+From: pgajdos <pgajdos@suse.cz>
+Date: Tue, 13 Nov 2018 09:03:31 +0100
+Subject: [PATCH] prevent integer overflow
+
+---
+ tools/tiffcp.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/tools/tiffcp.c b/tools/tiffcp.c
+index 2f406e2d..ece7ba13 100644
+--- a/tools/tiffcp.c
++++ b/tools/tiffcp.c
+@@ -1435,6 +1435,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
+             status = 0;
+             goto done;
+         }
++        if (0xFFFFFFFF / tilew < spp)
++        {
++            TIFFError(TIFFFileName(in), "Error, either TileWidth (%u) or BitsPerSample (%u) is too large", tilew, bps);
++            status = 0;
++            goto done;
++        }
+ 	bytes_per_sample = bps/8;
+ 
+ 	for (row = 0; row < imagelength; row += tl) {
+-- 
+2.18.1
+
author	davidovski <david@davidovski.xyz>	2022-05-31 11:05:19 +0100
committer	davidovski <david@davidovski.xyz>	2022-05-31 11:05:19 +0100
commit	48ca75555522716f0f686dcae3dd6cf3d8ad714d (patch)
tree	00c0f58550ba4661e87376f2f02c8001c69bae44 /repo/tiff/CVE-2018-12900.patch
parent	871b2b573f01c1b3176a0f65458b3d281b41c437 (diff)