File libraw-CVE-2018-5808.patch of Package libraw
Index: LibRaw-0.15.4/internal/dcraw_common.cpp
===================================================================
--- LibRaw-0.15.4.orig/internal/dcraw_common.cpp 2018-12-11 11:11:24.389644683 +0100
+++ LibRaw-0.15.4/internal/dcraw_common.cpp 2018-12-11 13:25:12.495967290 +0100
@@ -2702,6 +2702,11 @@ void CLASS sony_arw2_load_raw()
uchar *data, *dp;
ushort pix[16];
int row, col, val, max, min, imax, imin, sh, bit, i;
+#ifdef LIBRAW_LIBRARY_BUILD
+ if(raw_width> 32768 || raw_height > 32768) // definitely too much for old samsung
+ throw LIBRAW_EXCEPTION_IO_BADFILE;
+#endif
+ unsigned maxpixels = raw_width*(raw_height+7);
data = (uchar *) malloc (raw_width);
merror (data, "sony_arw2_load_raw()");
@@ -7328,7 +7333,8 @@ float CLASS find_green (int bps, int bit
UINT64 bitbuf=0;
int vbits, col, i, c;
ushort img[2][2064];
- double sum[]={0,0};
+ double sum[] = {0, 0};
+ if(width > 2064) return 0.f; // too wide
FORC(2) {
fseek (ifp, c ? off1:off0, SEEK_SET);