File libraw-CVE-2017-16909.patch of Package libraw.9683

Overview Repositories Revisions Requests Users Attributes Meta

File libraw-CVE-2017-16909.patch of Package libraw.9683

index 9c969cd9..e16bade8 100644
Index: LibRaw-0.15.4/internal/dcraw_common.cpp
===================================================================
--- LibRaw-0.15.4.orig/internal/dcraw_common.cpp	2017-12-14 14:12:57.743297219 +0100
+++ LibRaw-0.15.4/internal/dcraw_common.cpp	2017-12-14 14:13:28.643844370 +0100
@@ -1885,7 +1885,7 @@ void CLASS panasonic_load_raw()
   int row, col, i, j, sh=0, pred[2], nonz[2];
 
   pana_bits(0);
-  for (row=0; row < height; row++)
+  for (row = 0; row < raw_height; row++)
     for (col=0; col < raw_width; col++) {
       if ((i = col % 14) == 0)
 	pred[0] = pred[1] = nonz[0] = nonz[1] = 0;
@@ -1894,11 +1894,13 @@ void CLASS panasonic_load_raw()
 	if ((j = pana_bits(8))) {
 	  if ((pred[i & 1] -= 0x80 << sh) < 0 || sh == 4)
 	       pred[i & 1] &= ~(-1 << sh);
-	  pred[i & 1] += j << sh;
-	}
-      } else if ((nonz[i & 1] = pana_bits(8)) || i > 11)
-	pred[i & 1] = nonz[i & 1] << 4 | pana_bits(4);
-      if ((RAW(row,col) = pred[col & 1]) > 4098 && col < width) derror();
+          pred[i & 1] += j << sh;
+        }
+      }
+      else if ((nonz[i & 1] = pana_bits(8)) || i > 11)
+        pred[i & 1] = nonz[i & 1] << 4 | pana_bits(4);
+      if ((RAW(row, col) = pred[col & 1]) > 4098 && col < width && row < height)
+        derror();
     }
 }
 
@@ -6093,8 +6095,13 @@ void CLASS parse_fuji (int offset)
 
   fseek (ifp, offset, SEEK_SET);
   entries = get4();
-  if (entries > 255) return;
-  while (entries--) {
+  if (entries > 255)
+    return;
+#ifdef LIBRAW_LIBRARY_BUILD
+  imgdata.process_warnings |=  LIBRAW_WARN_PARSEFUJI_PROCESSED; 
+#endif
+  while (entries--)
+  {
     tag = get2();
     len = get2();
     save = ftell(ifp);
@@ -8399,7 +8406,13 @@ wb550:
     }
   }
 dng_skip:
-  if (fuji_width) {
+#ifdef LIBRAW_LIBRARY_BUILD
+  // Clear erorneus fuji_width if not set through parse_fuji or for DNG
+  if(fuji_width && !dng_version && !(imgdata.process_warnings & LIBRAW_WARN_PARSEFUJI_PROCESSED ))
+     fuji_width = 0;
+#endif
+  if (fuji_width)
+  {
     fuji_width = width >> !fuji_layout;
     if (~fuji_width & 1) filters = 0x49494949;
     width = (height >> fuji_layout) + fuji_width;
Index: LibRaw-0.15.4/libraw/libraw_const.h
===================================================================
--- LibRaw-0.15.4.orig/libraw/libraw_const.h	2013-08-23 04:55:48.000000000 +0200
+++ LibRaw-0.15.4/libraw/libraw_const.h	2017-12-14 14:12:57.755297432 +0100
@@ -59,7 +59,8 @@ enum LibRaw_warnings
     LIBRAW_WARN_NO_JASPER = 1<<11,
     LIBRAW_WARN_RAWSPEED_PROBLEM = 1<<12,
     LIBRAW_WARN_RAWSPEED_UNSUPPORTED = 1<<13,
-    LIBRAW_WARN_RAWSPEED_PROCESSED = 1<<14
+    LIBRAW_WARN_RAWSPEED_PROCESSED = 1<<14,
+    LIBRAW_WARN_PARSEFUJI_PROCESSED = 1 << 16
 };
 
 enum LibRaw_exceptions

Places

File libraw-CVE-2017-16909.patch of Package libraw.9683

Places