From 48ca75555522716f0f686dcae3dd6cf3d8ad714d Mon Sep 17 00:00:00 2001 From: davidovski Date: Tue, 31 May 2022 11:05:19 +0100 Subject: removed idea of repos --- repo/tiff/CVE-2018-12900.patch | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 repo/tiff/CVE-2018-12900.patch (limited to 'repo/tiff/CVE-2018-12900.patch') diff --git a/repo/tiff/CVE-2018-12900.patch b/repo/tiff/CVE-2018-12900.patch new file mode 100644 index 0000000..f95cd06 --- /dev/null +++ b/repo/tiff/CVE-2018-12900.patch @@ -0,0 +1,29 @@ +From 86861b86f26be5301ccfa96f9bf765051f4e644a Mon Sep 17 00:00:00 2001 +From: pgajdos +Date: Tue, 13 Nov 2018 09:03:31 +0100 +Subject: [PATCH] prevent integer overflow + +--- + tools/tiffcp.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/tools/tiffcp.c b/tools/tiffcp.c +index 2f406e2d..ece7ba13 100644 +--- a/tools/tiffcp.c ++++ b/tools/tiffcp.c +@@ -1435,6 +1435,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer) + status = 0; + goto done; + } ++ if (0xFFFFFFFF / tilew < spp) ++ { ++ TIFFError(TIFFFileName(in), "Error, either TileWidth (%u) or BitsPerSample (%u) is too large", tilew, bps); ++ status = 0; ++ goto done; ++ } + bytes_per_sample = bps/8; + + for (row = 0; row < imagelength; row += tl) { +-- +2.18.1 + -- cgit v1.2.1