File tiff-CVE-2024-7006.patch of Package tiff.40031
Upstream:
3705f82b6483c7906cf08cd6b9dcdcd59c61d779
Index: tiff-4.0.9/libtiff/tif_dirinfo.c
===================================================================
--- tiff-4.0.9.orig/libtiff/tif_dirinfo.c
+++ tiff-4.0.9/libtiff/tif_dirinfo.c
@@ -625,7 +625,7 @@ _TIFFFindOrRegisterField(TIFF *tif, uint
fld = TIFFFindField(tif, tag, dt);
if (fld == NULL) {
fld = _TIFFCreateAnonField(tif, tag, dt);
- if (!_TIFFMergeFields(tif, fld, 1))
+ if (fld == NULL || !_TIFFMergeFields(tif, fld, 1))
return NULL;
}
Index: tiff-4.0.9/libtiff/tif_dirread.c
===================================================================
--- tiff-4.0.9.orig/libtiff/tif_dirread.c
+++ tiff-4.0.9/libtiff/tif_dirread.c
@@ -3677,11 +3677,10 @@ TIFFReadDirectory(TIFF* tif)
dp->tdir_tag,dp->tdir_tag);
/* the following knowingly leaks the
anonymous field structure */
- if (!_TIFFMergeFields(tif,
- _TIFFCreateAnonField(tif,
- dp->tdir_tag,
- (TIFFDataType) dp->tdir_type),
- 1)) {
+ const TIFFField *fld = _TIFFCreateAnonField(
+ tif, dp->tdir_tag, (TIFFDataType)dp->tdir_type);
+ if (fld == NULL || !_TIFFMergeFields(tif, fld, 1))
+ {
TIFFWarningExt(tif->tif_clientdata,
module,
"Registering anonymous field with tag %d (0x%x) failed",
@@ -4403,10 +4402,10 @@ TIFFReadCustomDirectory(TIFF* tif, toff_
TIFFWarningExt(tif->tif_clientdata, module,
"Unknown field with tag %d (0x%x) encountered",
dp->tdir_tag, dp->tdir_tag);
- if (!_TIFFMergeFields(tif, _TIFFCreateAnonField(tif,
- dp->tdir_tag,
- (TIFFDataType) dp->tdir_type),
- 1)) {
+ const TIFFField *fld = _TIFFCreateAnonField(
+ tif, dp->tdir_tag, (TIFFDataType)dp->tdir_type);
+ if (fld == NULL || !_TIFFMergeFields(tif, fld, 1))
+ {
TIFFWarningExt(tif->tif_clientdata, module,
"Registering anonymous field with tag %d (0x%x) failed",
dp->tdir_tag, dp->tdir_tag);
