File GraphicsMagick-CVE-2016-7449.patch of Package GraphicsMagick.6323

Overview Repositories Revisions Requests Users Attributes Meta

File GraphicsMagick-CVE-2016-7449.patch of Package GraphicsMagick.6323

--- a/coders/tiff.c	Mon Aug 15 16:56:35 2016 -0500
+++ b/coders/tiff.c	Thu Aug 18 20:58:27 2016 -0500
@@ -1575,6 +1575,19 @@
 }
 #endif
 
+/*
+  Copy a possibly unterminated sized string to an image attribute.
+*/
+#define CopySizedFieldToAttribute(key,count,text)                     \
+  do                                                                  \
+    {                                                                 \
+      char _attribute[MaxTextExtent];                                 \
+      (void) memcpy(_attribute,text,Min(sizeof(_attribute),count));   \
+      _attribute[Min(sizeof(_attribute)-1,count)]='\0';                \
+      (void) SetImageAttribute(image,key,_attribute);                 \
+    } while(0);
+    
+
 typedef enum
 {
   ScanLineMethod,            /* Scanline method */
@@ -1634,6 +1647,7 @@
     units;
 
   uint32
+    count,
     height,
     rows_per_strip,
     width;
@@ -2037,34 +2051,17 @@
       if (TIFFGetField(tiff,TIFFTAG_SOFTWARE,&text) == 1)
         (void) SetImageAttribute(image,"software",text);
 
-      {
-	/*
-	  "Unsupported" tags return two arguments.
-	*/
-
-	uint32
-	  count;
-
-	char attribute[MaxTextExtent];
-
-	if (TIFFGetField(tiff,TIFFTAG_OPIIMAGEID,&count,&text) == 1)
-	  {
-	    (void) strlcpy(attribute,text,Min(sizeof(attribute),(count+1)));
-	    (void) SetImageAttribute(image,"imageid",attribute);
-	  }
-	
-	if (TIFFGetField(tiff,33423,&count,&text) == 1)
-	  {
-	    (void) strlcpy(attribute,text,Min(sizeof(attribute),(count+1)));
-	    (void) SetImageAttribute(image,"kodak-33423",attribute);
-	  }
-	
-	if (TIFFGetField(tiff,36867,&count,&text) == 1)
-	  {
-	    (void) strlcpy(attribute,text,Min(sizeof(attribute),(count+1)));
-	    (void) SetImageAttribute(image,"kodak-36867",attribute);
-	  }
-      }
+      /*
+        "Unsupported" tags return two arguments.
+      */
+      if (TIFFGetField(tiff,TIFFTAG_OPIIMAGEID,&count,&text) == 1)
+        CopySizedFieldToAttribute("imageid",count,text);
+      
+      if (TIFFGetField(tiff,33423,&count,&text) == 1)
+        CopySizedFieldToAttribute("kodak-33423",count,text);
+      
+      if (TIFFGetField(tiff,36867,&count,&text) == 1)
+        CopySizedFieldToAttribute("kodak-36867",count,text);
 
       if ((photometric == PHOTOMETRIC_PALETTE) ||
           ((photometric == PHOTOMETRIC_MINISWHITE ||

Places

File GraphicsMagick-CVE-2016-7449.patch of Package GraphicsMagick.6323

Places