~ubuntu-branches/ubuntu/quantal/libjpeg-turbo/quantal-security

Viewing changes to jdmarker.c

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2013-11-22 10:00:21 UTC
  • mfrom: (5.1.1 precise-proposed)
  • Revision ID: package-import@ubuntu.com-20131122100021-ejao0wk4ubusaqp5
Tags: 1.2.1-0ubuntu2.12.10.1
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_sos function (LP: #1252912)
  - debian/patches/CVE-2013-6629.patch: check for duplications in
    jdmarker.c.
  - CVE-2013-6629
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_dht function (LP: #1252912)
  - debian/patches/CVE-2013-6630.patch: properly clear out memory in
    jdmarker.c.
  - CVE-2013-6630

347
347
    
348
348
    TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, cc,
349
349
             compptr->dc_tbl_no, compptr->ac_tbl_no);
 
350
 
 
351
    /* This CSi (cc) should differ from the previous CSi */
 
352
    for (ci = 0; ci < i; ci++) {
 
353
      if (cinfo->cur_comp_info[ci] == compptr)
 
354
        ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc);
 
355
    }
350
356
  }
351
357
 
352
358
  /* Collect the additional scan parameters Ss, Se, Ah/Al. */
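Review bot: The comment on the new loop says the CSi should differ from "the previous CSi", but `for (ci = 0; ci < i; ci++)` rejects a match against every earlier entry of `cinfo->cur_comp_info`, not only the one immediately before it; reword the comment to say it must differ from all earlier CSi in this scan. The check also sits after the `TRACEMS3` call, so a duplicated component is traced before it is rejected; moving the loop ahead of the trace would avoid that. The comparison is on `compptr` pointers rather than on `cc`, which is correct only if each component id resolves to a distinct `compptr`, something the lookup outside this hunk has to guarantee.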
464
470
    for (i = 0; i < count; i++)
465
471
      INPUT_BYTE(cinfo, huffval[i], return FALSE);
466
472
 
 
473
    MEMZERO(&huffval[count], (256 - count) * SIZEOF(UINT8));
467
474
    length -= count;
468
475
 
469
476
    if (index & 0x10) {         /* AC table definition */
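Review bot: In the added `MEMZERO(&huffval[count], (256 - count) * SIZEOF(UINT8));` the size expression is only safe when `count` is at most 256, and no bound on `count` is visible in this context; confirm that the check precedes the read loop, because a larger `count` would make `256 - count` negative and the converted length very large. The literal 256 also repeats the size of `huffval`; deriving it from the array's declared size would keep the two in step. A short comment saying that the unused tail is cleared so uninitialized memory is not carried into the table would document why the line exists.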