diff options
Diffstat (limited to 'gnu/packages/patches/libtiff-CVE-2014-8129.patch')
| -rw-r--r-- | gnu/packages/patches/libtiff-CVE-2014-8129.patch | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/gnu/packages/patches/libtiff-CVE-2014-8129.patch b/gnu/packages/patches/libtiff-CVE-2014-8129.patch new file mode 100644 index 0000000000..091ec8f573 --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2014-8129.patch @@ -0,0 +1,45 @@ +Copied from Debian + +From cd82b5267ad4c10eb91e4ee8a716a81362cf851c Mon Sep 17 00:00:00 2001 +From: erouault <erouault> +Date: Sun, 21 Dec 2014 18:07:48 +0000 +Subject: [PATCH] * libtiff/tif_next.c: check that BitsPerSample = 2. Fixes + http://bugzilla.maptools.org/show_bug.cgi?id=2487 (CVE-2014-8129) + +--- + ChangeLog | 5 +++++ + libtiff/tif_next.c | 17 +++++++++++++++++ + 2 files changed, 22 insertions(+) + +diff --git a/libtiff/tif_next.c b/libtiff/tif_next.c +index a53c716..d834196 100644 +--- a/libtiff/tif_next.c ++++ b/libtiff/tif_next.c +@@ -141,10 +141,27 @@ NeXTDecode(TIFF* tif, uint8* buf, tmsize_t occ, uint16 s) + return (0); + } + ++static int ++NeXTPreDecode(TIFF* tif, uint16 s) ++{ ++ static const char module[] = "NeXTPreDecode"; ++ TIFFDirectory *td = &tif->tif_dir; ++ (void)s; ++ ++ if( td->td_bitspersample != 2 ) ++ { ++ TIFFErrorExt(tif->tif_clientdata, module, "Unsupported BitsPerSample = %d", ++ td->td_bitspersample); ++ return (0); ++ } ++ return (1); ++} ++ + int + TIFFInitNeXT(TIFF* tif, int scheme) + { + (void) scheme; ++ tif->tif_predecode = NeXTPreDecode; + tif->tif_decoderow = NeXTDecode; + tif->tif_decodestrip = NeXTDecode; + tif->tif_decodetile = NeXTDecode; |