authorLucio Andrés Illanes Albornoz <lucio@lucioillanes.de>2019-03-23 17:56:18 +0000
committerLucio Andrés Illanes Albornoz <lucio@lucioillanes.de>2019-03-23 17:56:18 +0000
commit4e574b64ac30b77c767f6466eaced934c7a4ce54 (patch)
tree4020dafa63b71dd605d0e76528c1ebfaa5697713 /patches/tiff/CVE-2018-12900.patch
parent3c21bc0ef035b510bc3691c79cfd939fe4755068 (diff)
downloadmidipix_build-4e574b64ac30b77c767f6466eaced934c7a4ce54.tar.bz2
midipix_build-4e574b64ac30b77c767f6466eaced934c7a4ce54.tar.xz
vars/build.vars:{clzip,expat}{_host,}: updated to v{1.11,2.2.6} (via Redfoxmoon.)
vars/build.vars:libxml2: updated to v2.9.9 (via Redfoxmoon.) vars/build.vars:libunistring: updated to v0.9.10 (via Redfoxmoon.) vars/build.vars:libpng: updated to v1.6.36 (via Redfoxmoon.) vars/build.vars:tiff: updated to v4.0.10 (via Redfoxmoon.) vars/build.vars:gdbm: updated to v1.18.1 (via Redfoxmoon.) vars/build.vars:pcre: updated to v8.43 (via Redfoxmoon.) vars/build.vars:gzip: updated to v1.10 (via Redfoxmoon.) vars/build.vars:gzip:${PKG_{CFLAGS_CONFIGURE_EXTRA,CONFIGURE_ARGS,MAKEFLAGS_{BUILD,INSTALL}_EXTRA}}: unset (via Redfoxmoon.) vars/build.vars:libvorbis: updated to v1.3.6 (via Redfoxmoon.) vars/build.vars:libxslt: updated to v1.1.33 (via Redfoxmoon.) vars/build.vars:libtirpc: updated to v1.1.4 (via Redfoxmoon.) patches/expat-2.2.{5,6}.local.patch: updated (via Redfoxmoon.) patches/libtirpc-1.{0.3,1.4}.local.patch: updated (via Redfoxmoon.) patches/libvorbis-1.3.5.local.patch: removes obsolete patch (via Redfoxmoon.) patches/libxslt-1.1.3{2,3}.local.patch: updated (via Redfoxmoon.) patches/pcre-8.4{2,3}.local.patch: updated (via Redfoxmoon.) patches/tiff/CVE-{2017-{11613,17095,18013,9935},2018-{10963,5784,7456,8905}}.patch: removes obsolete patches (via Redfoxmoon.) patches/tiff/CVE-2018-12900.patch: added (via Redfoxmoon.)
Diffstat (limited to 'patches/tiff/CVE-2018-12900.patch')
-rw-r--r--patches/tiff/CVE-2018-12900.patch29
1 files changed, 29 insertions, 0 deletions
diff --git a/patches/tiff/CVE-2018-12900.patch b/patches/tiff/CVE-2018-12900.patch
new file mode 100644
index 00000000..f95cd06a
--- /dev/null
+++ b/patches/tiff/CVE-2018-12900.patch
@@ -0,0 +1,29 @@
+From 86861b86f26be5301ccfa96f9bf765051f4e644a Mon Sep 17 00:00:00 2001
+From: pgajdos <pgajdos@suse.cz>
+Date: Tue, 13 Nov 2018 09:03:31 +0100
+Subject: [PATCH] prevent integer overflow
+
+---
+ tools/tiffcp.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/tools/tiffcp.c b/tools/tiffcp.c
+index 2f406e2d..ece7ba13 100644
+--- a/tools/tiffcp.c
++++ b/tools/tiffcp.c
+@@ -1435,6 +1435,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
+ status = 0;
+ goto done;
+ }
++ if (0xFFFFFFFF / tilew < spp)
++ {
++ TIFFError(TIFFFileName(in), "Error, either TileWidth (%u) or BitsPerSample (%u) is too large", tilew, bps);
++ status = 0;
++ goto done;
++ }
+ bytes_per_sample = bps/8;
+
+ for (row = 0; row < imagelength; row += tl) {
+--
+2.18.1
+
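Review bot: The added guard `if (0xFFFFFFFF / tilew < spp)` in the tools/tiffcp.c hunk divides by `tilew` with no zero check visible in the hunk, so an input whose tile row size evaluates to 0 would fault on the division instead of reaching the error path; `if (tilew != 0 && spp > 0xFFFFFFFF / tilew)` closes that gap. The diagnostic names BitsPerSample and prints `bps`, while the condition actually tests `spp`, so it should report SamplesPerPixel and `spp` to be accurate when a rejected file is triaged. The body of readSeparateTilesIntoBuffer starts and ends outside the hunk, so it is worth confirming that no `tilew*spp` product is evaluated before this check runs. If that product is later held in a signed int, the bound would presumably need to be INT_MAX rather than 0xFFFFFFFF.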