← Back to branch summary

~ubuntu-branches/ubuntu/quantal/tiff/quantal

« back to all changes in this revision

Viewing changes to debian/patches/CVE-2010-2067.patch

  • Committer: Bazaar Package Importer
  • Author(s): Jay Berkenbilt
  • Date: 2010-06-18 21:28:11 UTC
  • mfrom: (10.1.1 sid)
  • Revision ID: james.westby@ubuntu.com-20100618212811-3t5mffcr8gpfpuel
Tags: 3.9.4-1
New upstream release

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/CVE-2010-2067.patch
1
 
Description: fix SubjectDistance tag processing buffer overflow (CVE-2010-2067)
2
 
Author: Frank Warmerdam <warmerdam@pobox.com>
3
 
 
4
 
Index: tiff-3.9.2/libtiff/tif_dirread.c
5
 
===================================================================
6
 
--- tiff-3.9.2.orig/libtiff/tif_dirread.c       2010-06-10 13:30:29.498390970 -0700
7
 
+++ tiff-3.9.2/libtiff/tif_dirread.c    2010-06-10 13:33:40.577518024 -0700
8
 
@@ -1919,6 +1919,12 @@
9
 
        float v;
10
 
        int ok = 0;
11
 
 
12
 
+       if (dir->tdir_count != 1 || dir->tdir_type != TIFF_RATIONAL) {
13
 
+               TIFFWarningExt(tif->tif_clientdata, tif->tif_name,
14
 
+                       "incorrect count or type for SubjectDistance, tag ignored" );
15
 
+               return (0);
16
 
+       }
17
 
+
18
 
        if (TIFFFetchData(tif, dir, (char *)l)
19
 
            && cvtRational(tif, dir, l[0], l[1], &v)) {
20
 
                /*