Overview

File libraw-CVE-2018-5817,5818,5819.patch of Package libraw.15684

Index: LibRaw-0.18.9/internal/dcraw_common.cpp
===================================================================
--- LibRaw-0.18.9.orig/internal/dcraw_common.cpp	2019-01-09 13:06:48.692944632 +0100
+++ LibRaw-0.18.9/internal/dcraw_common.cpp	2019-01-09 13:11:35.066329244 +0100
@@ -12009,7 +12009,7 @@ void CLASS parse_rollei()
   fseek (ifp, 0, SEEK_SET);
   memset (&t, 0, sizeof t);
   do {
-    fgets (line, 128, ifp);
+    if(!fgets (line, 128, ifp)) break;
     if ((val = strchr(line,'=')))
       *val++ = 0;
     else
@@ -12047,6 +12047,7 @@ void CLASS parse_sinar_ia()
   order = 0x4949;
   fseek (ifp, 4, SEEK_SET);
   entries = get4();
+  if(entries < 1 || entries > 8192) return;
   fseek (ifp, get4(), SEEK_SET);
   while (entries--) {
     off = get4(); get4();
@@ -15610,6 +15611,7 @@ dng_skip:
       if(maximum < 0x10000 && curve[maximum]>0 &&    load_raw == &CLASS sony_arw2_load_raw)
         maximum = curve[maximum];
     }
+  if(maximum > 0xffff) maximum = 0xffff;
   if (!load_raw || height < 22 || width < 22 ||
 #ifdef LIBRAW_LIBRARY_BUILD
       (tiff_bps > 16 && load_raw != &LibRaw::deflate_dng_load_raw)
openSUSE Build Service is sponsored by
Places