summary refs log tree commit diff
path: root/gnu/packages/patches/libtiff-CVE-2013-4232.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/libtiff-CVE-2013-4232.patch')
-rw-r--r--gnu/packages/patches/libtiff-CVE-2013-4232.patch20
1 files changed, 20 insertions, 0 deletions
diff --git a/gnu/packages/patches/libtiff-CVE-2013-4232.patch b/gnu/packages/patches/libtiff-CVE-2013-4232.patch
new file mode 100644
index 0000000000..3a92f61fef
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2013-4232.patch
@@ -0,0 +1,20 @@
+Copied from Debian
+
+Description: use after free in tiff2pdf
+Bug: http://bugzilla.maptools.org/show_bug.cgi?id=2449
+Bug-Debian: http://bugs.debian.org/719303
+
+Index: tiff-4.0.3/tools/tiff2pdf.c
+===================================================================
+--- tiff-4.0.3.orig/tools/tiff2pdf.c	2013-08-22 11:46:37.292847242 -0400
++++ tiff-4.0.3/tools/tiff2pdf.c	2013-08-22 11:46:37.292847242 -0400
+@@ -2461,7 +2461,8 @@
+ 					(unsigned long) t2p->tiff_datasize, 
+ 					TIFFFileName(input));
+ 				t2p->t2p_error = T2P_ERR_ERROR;
+-			  _TIFFfree(buffer);
++				_TIFFfree(buffer);
++				return(0);
+ 			} else {
+ 				buffer=samplebuffer;
+ 				t2p->tiff_datasize *= t2p->tiff_samplesperpixel;
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-12-02 06:01:47 +0000