File libraw-CVE-2017-14265.patch of Package libraw.openSUSE_Leap_42.3_Update

Overview Repositories Revisions Requests Users Attributes Meta

File libraw-CVE-2017-14265.patch of Package libraw.openSUSE_Leap_42.3_Update

Index: LibRaw-0.17.1/internal/dcraw_common.cpp
===================================================================
--- LibRaw-0.17.1.orig/internal/dcraw_common.cpp	2017-09-15 18:28:13.330732870 +0200
+++ LibRaw-0.17.1/internal/dcraw_common.cpp	2017-09-15 18:28:27.758986666 +0200
@@ -4981,6 +4985,10 @@ void CLASS cielab (ushort rgb[3], short lab[3])
 void CLASS xtrans_interpolate (int passes)
 {
   int c, d, f, g, h, i, v, ng, row, col, top, left, mrow, mcol;
+#ifdef LIBRAW_LIBRARY_BUILD
+  int cstat[4]={0,0,0,0};
+#endif
+
   int val, ndir, pass, hm[8], avg[4], color[3][8];
   static const short orth[12] = { 1,0,0,1,-1,0,0,-1,1,0,0,1 },
 	patt[2][16] = { { 0,1,0,-1,2,0,-1,0,1,1,1,-1,0,0,0,0 },
@@ -4998,6 +5006,18 @@ void CLASS xtrans_interpolate (int passes)
     fprintf (stderr,_("%d-pass X-Trans interpolation...\n"), passes);
 #endif
 
+#ifdef LIBRAW_LIBRARY_BUILD
+/* Check against right pattern */
+  for (row = 0; row < 6; row++)
+         for (col = 0; col < 6; col++)
+                 cstat[fcol(row,col)]++;
+
+  if(cstat[0] < 6 || cstat[0]>10 || cstat[1]< 16 
+    || cstat[1]>24 || cstat[2]< 6 || cstat[2]>10 || cstat[3])
+         throw LIBRAW_EXCEPTION_IO_CORRUPT;
+#endif
+
+
   cielab (0,0);
   ndir = 4 << (passes > 1);
   buffer = (char *) malloc (TS*TS*(ndir*11+6));

Places

File libraw-CVE-2017-14265.patch of Package libraw.openSUSE_Leap_42.3_Update

Places