cubixle/packages
1
0
Fork 0
mirror of https://github.com/novatiq/packages.git synced 2026-04-30 15:38:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

tiff: fix multiple CVE's

Browse Source 
This commit fixes multiple CVE's for library tiff:
CVE-2012-4564
CVE-2013-1960
CVE-2013-1961
CVE-2013-4231
CVE-2013-4232
CVE-2013-4244
CVE-2013-4243

Signed-off-by: Jiri Slachta <slachta@cesnet.cz>
This commit is contained in:
Jiri Slachta
2014-08-04 12:08:07 +02:00
committed by Steven Barth
parent 317c39a7ba
commit 20ee7a564c
8 changed files with 1036 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
libs/tiff/patches/010-CVE-2012-4564.patch
+31
View File
@@ -0,0 +1,31 @@
Index: tiff-4.0.3/tools/ppm2tiff.c
===================================================================
--- tiff-4.0.3.orig/tools/ppm2tiff.c 2013-06-23 10:36:50.779629492 -0400
+++ tiff-4.0.3/tools/ppm2tiff.c 2013-06-23 10:36:50.775629494 -0400
@@ -89,6 +89,7 @@
int c;
extern int optind;
extern char* optarg;
+ tmsize_t scanline_size;
if (argc < 2) {
fprintf(stderr, "%s: Too few arguments\n", argv[0]);
@@ -237,8 +238,16 @@
}
if (TIFFScanlineSize(out) > linebytes)
buf = (unsigned char *)_TIFFmalloc(linebytes);
- else
- buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
+ else {
+ scanline_size = TIFFScanlineSize(out);
+ if (scanline_size != 0)
+ buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
+ else {
+ fprintf(stderr, "%s: scanline size overflow\n",infile);
+ (void) TIFFClose(out);
+ exit(-2);
+ }
+ }
if (resolution > 0) {
TIFFSetField(out, TIFFTAG_XRESOLUTION, resolution);
TIFFSetField(out, TIFFTAG_YRESOLUTION, resolution);