File tiff-CVE-2025-8177.patch of Package tiff
This also includes e8de4dc1f923576dce9d625caeebd93f9db697e1
alongside the actual fix for this CVE e8de4dc1f923576dce9d625caeebd93f9db697e1
Index: tiff-4.7.0/tools/thumbnail.c
===================================================================
--- tiff-4.7.0.orig/tools/thumbnail.c
+++ tiff-4.7.0/tools/thumbnail.c
@@ -620,7 +620,15 @@ static void setrow(uint8_t *row, uint32_
}
acc += bits[*src & mask1];
}
- *row++ = cmap[(255 * acc) / area];
+ if (255 * acc / area < 256)
+ {
+ *row++ = cmap[(255 * acc) / area];
+ }
+ else
+ {
+ fprintf(stderr, "acc=%d, area=%d\n", acc, area);
+ *row++ = cmap[0];
+ }
}
}
