1
Description: fix SubjectDistance tag processing buffer overflow (CVE-2010-2067)
2
Author: Frank Warmerdam <warmerdam@pobox.com>
4
Index: tiff-3.9.2/libtiff/tif_dirread.c
5
===================================================================
6
--- tiff-3.9.2.orig/libtiff/tif_dirread.c 2010-06-10 13:30:29.498390970 -0700
7
+++ tiff-3.9.2/libtiff/tif_dirread.c 2010-06-10 13:33:40.577518024 -0700
12
+ if (dir->tdir_count != 1 || dir->tdir_type != TIFF_RATIONAL) {
13
+ TIFFWarningExt(tif->tif_clientdata, tif->tif_name,
14
+ "incorrect count or type for SubjectDistance, tag ignored" );
18
if (TIFFFetchData(tif, dir, (char *)l)
19
&& cvtRational(tif, dir, l[0], l[1], &v)) {