3
From 77837423c3a125a3b39ddae246ff904f437cf845 Mon Sep 17 00:00:00 2001
4
From: bfriesen <bfriesen>
5
Date: Mon, 22 Dec 2014 02:52:38 +0000
6
Subject: [PATCH] * tools/tiffdump.c: Guard against arithmetic overflow when
7
calculating allocation buffer sizes.
11
tools/tiffdump.c | 21 ++++++++++++++++++---
12
2 files changed, 23 insertions(+), 3 deletions(-)
14
Index: tiff-3.9.5/tools/tiffdump.c
15
===================================================================
16
--- tiff-3.9.5.orig/tools/tiffdump.c 2015-03-30 07:47:36.009335099 -0400
17
+++ tiff-3.9.5/tools/tiffdump.c 2015-03-30 07:49:47.910486251 -0400
30
TIFFSwabShort(&dircount);
31
- dir = (TIFFDirEntry *)_TIFFmalloc(dircount * sizeof (TIFFDirEntry));
32
+ dir = (TIFFDirEntry *)_TIFFmalloc(TIFFSafeMultiply(tsize_t,dircount,sizeof (TIFFDirEntry)));
34
Fatal("No space for TIFF directory");