File tiff-3.9.4-CVE-2009-5022.patch of Package tiff.683
http://bugzilla.maptools.org/show_bug.cgi?id=1999#c2 and diff between 3.9.5 and 3.9.4
Index: tiff-3.9.4/libtiff/tif_ojpeg.c
===================================================================
--- libtiff/tif_ojpeg.c
+++ libtiff/tif_ojpeg.c
@@ -1555,6 +1555,11 @@ OJPEGReadHeaderInfoSecStreamSof(TIFF* ti
TIFFErrorExt(tif->tif_clientdata,module,"JPEG compressed data indicates unexpected width");
return(0);
}
+ if ((uint32)p>sp->strile_width)
+ {
+ TIFFErrorExt(tif->tif_clientdata,module,"JPEG compressed data image width exceeds expected image width");
+ return(0);
+ }
sp->sof_x=p;
}
/* Nf: Number of image components in frame */
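Review bot: The added bound `if ((uint32)p>sp->strile_width)` has no comment saying why a JPEG-declared width above the strile width must be fatal, so a later cleanup could relax it without noticing the memory-safety role that the patch name (CVE-2009-5022) implies. I would put this above it: `/* X comes from the untrusted JPEG stream: reject widths above the strile width declared by the TIFF tags before storing it in sof_x */`. The hunk covers only the samples-per-line field. Whether the lines-per-frame (Y) value of the same SOF marker gets an equivalent upper bound is not visible here and is worth confirming. OJPEGReadHeaderInfoSecStreamSof starts and ends outside the hunk.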