Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
SUSE:SLE-15-SP5:GA
tiff.32960
tiff-CVE-2019-7663.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tiff-CVE-2019-7663.patch of Package tiff.32960
Index: tiff-4.0.9/libtiff/tif_dirwrite.c =================================================================== --- tiff-4.0.9.orig/libtiff/tif_dirwrite.c +++ tiff-4.0.9/libtiff/tif_dirwrite.c @@ -1898,12 +1898,14 @@ TIFFWriteDirectoryTagTransferfunction(TI n=3; if (n==3) { - if (!_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[2],m*sizeof(uint16))) + if (tif->tif_dir.td_transferfunction[2] == NULL || + !_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[2],m*sizeof(uint16))) n=2; } if (n==2) { - if (!_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[1],m*sizeof(uint16))) + if (tif->tif_dir.td_transferfunction[1] == NULL || + !_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[1],m*sizeof(uint16))) n=1; } if (n==0) Index: tiff-4.0.9/tools/tiffcp.c =================================================================== --- tiff-4.0.9.orig/tools/tiffcp.c +++ tiff-4.0.9/tools/tiffcp.c @@ -1391,7 +1391,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuf int status = 1; uint32 imagew = TIFFRasterScanlineSize(in); uint32 tilew = TIFFTileRowSize(in); - int iskew = imagew - tilew*spp; + int iskew; tsize_t tilesize = TIFFTileSize(in); tdata_t tilebuf; uint8* bufp = (uint8*) buf; @@ -1399,6 +1399,13 @@ DECLAREreadFunc(readSeparateTilesIntoBuf uint32 row; uint16 bps = 0, bytes_per_sample; + if (spp > (0x7fffffff / tilew)) + { + TIFFError(TIFFFileName(in), "Error, cannot handle that much samples per tile row (Tile Width * Samples/Pixel)"); + return 0; + } + iskew = imagew - tilew*spp; + tilebuf = _TIFFmalloc(tilesize); if (tilebuf == 0) return 0;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
