~ubuntu-branches/ubuntu/raring/libjpeg6b/raring-updates

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Description: fix information disclosure via uninitialized memory in
 the get_dht function
Origin: vendor, http://git.chromium.org/gitweb/?p=chromium/deps/libjpeg_turbo.git;a=commit;h=32cab49bd4cb1ce069a435fd75f9439c34ddc6f8
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libjpeg-turbo/+bug/1252912
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729867

Index: libjpeg6b-6b1/jdmarker.c
===================================================================
--- libjpeg6b-6b1.orig/jdmarker.c	2013-11-22 08:10:13.915093622 -0500
+++ libjpeg6b-6b1/jdmarker.c	2013-11-22 08:40:37.723140321 -0500
@@ -465,6 +465,7 @@
     for (i = 0; i < count; i++)
       INPUT_BYTE(cinfo, huffval[i], return FALSE);
 
+    MEMZERO(&huffval[count], (256 - count) * SIZEOF(UINT8));
     length -= count;
 
     if (index & 0x10) {		/* AC table definition */