Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.4
tiff.import4396
tiff-3.9.4-CVE-2010-4665.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tiff-3.9.4-CVE-2010-4665.patch of Package tiff.import4396
http://bugzilla.maptools.org/attachment.cgi?id=398 Make tiffdump more paranoid about checking the count field of a directory entry. diff -Naur tiff-3.9.4.orig/tools/tiffdump.c tiff-3.9.4/tools/tiffdump.c --- tools/tiffdump.c 2010-06-08 14:50:44.000000000 -0400 +++ tools/tiffdump.c 2010-06-22 12:51:42.207932477 -0400 @@ -46,6 +46,7 @@ # include <io.h> #endif +#include "tiffiop.h" #include "tiffio.h" #ifndef O_BINARY @@ -317,7 +318,7 @@ printf(">\n"); continue; } - space = dp->tdir_count * datawidth[dp->tdir_type]; + space = TIFFSafeMultiply(int, dp->tdir_count, datawidth[dp->tdir_type]); if (space <= 0) { printf(">\n"); Error("Invalid count for tag %u", dp->tdir_tag); @@ -709,7 +710,7 @@ w = (dir->tdir_type < NWIDTHS ? datawidth[dir->tdir_type] : 0); cc = dir->tdir_count * w; if (lseek(fd, (off_t)dir->tdir_offset, 0) != (off_t)-1 - && read(fd, cp, cc) != -1) { + && read(fd, cp, cc) == cc) { if (swabflag) { switch (dir->tdir_type) { case TIFF_SHORT:
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor