* [gentoo-commits] gentoo-x86 commit in media-libs/tiff/files: tiff-3.9.2-CVE-2010-1411.patch
@ 2010-07-18 21:18 Steve Arnold (nerdboy)
0 siblings, 0 replies; only message in thread
From: Steve Arnold (nerdboy) @ 2010-07-18 21:18 UTC (permalink / raw
To: gentoo-commits
nerdboy 10/07/18 21:18:15
Added: tiff-3.9.2-CVE-2010-1411.patch
Log:
Updated oldest version for CVE-2010-1411.
(Portage version: 2.2_rc67/cvs/Linux x86_64)
Revision Changes Path
1.1 media-libs/tiff/files/tiff-3.9.2-CVE-2010-1411.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-libs/tiff/files/tiff-3.9.2-CVE-2010-1411.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-libs/tiff/files/tiff-3.9.2-CVE-2010-1411.patch?rev=1.1&content-type=text/plain
Index: tiff-3.9.2-CVE-2010-1411.patch
===================================================================
--- libtiff/tif_fax3.c.orig 2010-05-13 19:36:08.995479161 +0200
+++ libtiff/tif_fax3.c 2010-05-13 19:48:04.215467428 +0200
@@ -42,6 +42,7 @@
#define G3CODES
#include "t4.h"
#include <stdio.h>
+#include <stdint.h>
/*
* Compression+decompression state blocks are
@@ -493,9 +494,21 @@
td->td_compression == COMPRESSION_CCITTFAX4
);
- nruns = needsRefLine ? 2*TIFFroundup(rowpixels,32) : rowpixels;
+ uint64_t val64 = rowpixels;
+ if (needsRefLine)
+ {
+ val64 = 2*TIFFroundup(rowpixels,32);
+ if (val64 > 0xffffffff)
+ return (0);
+ }
+ nruns = (val64 &0xffffffff);
nruns += 3;
- dsp->runs = (uint32*) _TIFFCheckMalloc(tif, 2*nruns, sizeof (uint32),
+
+ val64 = 2*nruns+3;
+ if (val64 > 0xffffffff)
+ return (0);
+
+ dsp->runs = (uint32*) _TIFFCheckMalloc(tif, (val64 & 0xffffffff), sizeof (uint32),
"for Group 3/4 run arrays");
if (dsp->runs == NULL)
return (0);
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2010-07-18 21:18 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-07-18 21:18 [gentoo-commits] gentoo-x86 commit in media-libs/tiff/files: tiff-3.9.2-CVE-2010-1411.patch Steve Arnold (nerdboy)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox