~ubuntu-branches/ubuntu/raring/libjpeg6b/raring-updates

« back to all changes in this revision

Viewing changes to debian/patches/CVE-2013-6629.patch

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2013-11-22 08:58:58 UTC
  • Revision ID: package-import@ubuntu.com-20131122085858-n5kmkin5z4e2fsrq
Tags: 6b1-3ubuntu1.13.04.1
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_sos function (LP: #1252912)
  - debian/patches/CVE-2013-6629.patch: check for duplications in
    jdmarker.c.
  - CVE-2013-6629
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_dht function (LP: #1252912)
  - debian/patches/CVE-2013-6630.patch: properly clear out memory in
    jdmarker.c.
  - CVE-2013-6630

Show diffs side-by-side

added added

removed removed

Lines of Context:
 
1
Description: fix information disclosure via uninitialized memory in
 
2
 the get_sos function
 
3
Origin: vendor, http://git.chromium.org/gitweb/?p=chromium/deps/libjpeg_turbo.git;a=commit;h=2285c50bcd51dd999d80b99b30ce9aef9fb80833
 
4
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libjpeg-turbo/+bug/1252912
 
5
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729867
 
6
 
 
7
Index: libjpeg6b-6b1/jdmarker.c
 
8
===================================================================
 
9
--- libjpeg6b-6b1.orig/jdmarker.c       1998-02-21 15:24:50.000000000 -0500
 
10
+++ libjpeg6b-6b1/jdmarker.c    2013-11-22 08:10:03.055093344 -0500
 
11
@@ -342,6 +342,12 @@
 
12
     
 
13
     TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, cc,
 
14
             compptr->dc_tbl_no, compptr->ac_tbl_no);
 
15
+
 
16
+    /* This CSi (cc) should differ from the previous CSi */
 
17
+    for (ci = 0; ci < i; ci++) {
 
18
+      if (cinfo->cur_comp_info[ci] == compptr)
 
19
+        ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc);
 
20
+    }
 
21
   }
 
22
 
 
23
   /* Collect the additional scan parameters Ss, Se, Ah/Al. */