File tiff-CVE-2018-12900.patch of Package tiff.34105
Index: tiff-4.0.10/tools/tiffcp.c
===================================================================
--- tiff-4.0.10.orig/tools/tiffcp.c 2018-10-13 15:58:55.180101778 +0200
+++ tiff-4.0.10/tools/tiffcp.c 2018-11-12 17:00:52.706128841 +0100
@@ -1435,6 +1435,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuf
status = 0;
goto done;
}
+ if (0xFFFFFFFF / tilew < spp)
+ {
+ TIFFError(TIFFFileName(in), "Error, either TileWidth (%u) or BitsPerSample (%u) is too large", tilew, bps);
+ status = 0;
+ goto done;
+ }
bytes_per_sample = bps/8;
for (row = 0; row < imagelength; row += tl) {