File tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.... of Package tiff

Overview Repositories Revisions Requests Users Attributes Meta

File tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch of Package tiff

Index: tiff-4.0.9/tools/tiffcrop.c
===================================================================
--- tiff-4.0.9.orig/tools/tiffcrop.c
+++ tiff-4.0.9/tools/tiffcrop.c
@@ -182,12 +182,12 @@ extern int getopt(int argc, char * const
 #define ROTATECW_270 32
 #define ROTATE_ANY (ROTATECW_90 | ROTATECW_180 | ROTATECW_270)
 
-#define CROP_NONE     0
-#define CROP_MARGINS  1
-#define CROP_WIDTH    2
-#define CROP_LENGTH   4
-#define CROP_ZONES    8
-#define CROP_REGIONS 16
+#define CROP_NONE     0     /* "-S" -> Page_MODE_ROWSCOLS and page->rows/->cols != 0 */
+#define CROP_MARGINS  1     /* "-m" */
+#define CROP_WIDTH    2     /* "-X" */
+#define CROP_LENGTH   4     /* "-Y" */
+#define CROP_ZONES    8     /* "-Z" */
+#define CROP_REGIONS 16     /* "-z" */
 #define CROP_ROTATE  32
 #define CROP_MIRROR  64
 #define CROP_INVERT 128
@@ -325,7 +325,7 @@ struct crop_mask {
 #define PAGE_MODE_RESOLUTION   1
 #define PAGE_MODE_PAPERSIZE    2
 #define PAGE_MODE_MARGINS      4
-#define PAGE_MODE_ROWSCOLS     8
+#define PAGE_MODE_ROWSCOLS     8    /* for -S option */
 
 #define INVERT_DATA_ONLY      10
 #define INVERT_DATA_AND_TAG   11
@@ -2104,6 +2104,16 @@ void  process_command_opts (int argc, ch
 		/*NOTREACHED*/
       }
     }
+    /*-- Check for not allowed combinations (e.g. -X, -Y and -Z, -z and -S are mutually exclusive) --*/
+    char XY, Z, R, S;
+    XY = ((crop_data->crop_mode & CROP_WIDTH) || (crop_data->crop_mode & CROP_LENGTH)) ? 1 : 0;
+    Z = (crop_data->crop_mode & CROP_ZONES) ? 1 : 0;
+    R = (crop_data->crop_mode & CROP_REGIONS) ? 1 : 0;
+    S = (page->mode & PAGE_MODE_ROWSCOLS) ? 1 : 0;
+    if (XY + Z + R + S > 1) {
+        TIFFError("tiffcrop input error", "The crop options(-X|-Y), -Z, -z and -S are mutually exclusive.->Exit");
+        exit(EXIT_FAILURE);
+    }
   }  /* end process_command_opts */
 
 /* Start a new output file if one has not been previously opened or

Places

File tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch of Package tiff

Places