← Back to branch summary

~ubuntu-branches/ubuntu/trusty/libjpeg-turbo/trusty

~ubuntu-branches/ubuntu/trusty/libjpeg-turbo/trusty

« back to all changes in this revision

Viewing changes to jdmarker.c

Committer: Package Import Robot
Author(s): Marc Deslauriers
Date: 2013-12-19 15:07:26 UTC
Revision ID: package-import@ubuntu.com-20131219150726-agy0p1zz1pgrac9j

Tags: 1.3.0-0ubuntu2

https://launchpad.net/bugs/1252912

https://launchpad.net/bugs/1252912

* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_sos function (LP: #1252912)
  - debian/patches/CVE-2013-6629.patch: check for duplications in
    jdmarker.c.
  - CVE-2013-6629
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_dht function (LP: #1252912)
  - debian/patches/CVE-2013-6630.patch: properly clear out memory in
    jdmarker.c.
  - CVE-2013-6630

files added:
.pc/CVE-2013-6629.patch

.pc/CVE-2013-6629.patch/jdmarker.c

.pc/CVE-2013-6630.patch

.pc/CVE-2013-6630.patch/jdmarker.c

debian/patches/CVE-2013-6629.patch

debian/patches/CVE-2013-6630.patch

files modified:
.pc/applied-patches

debian/changelog

debian/patches/series

jdmarker.c

Show diffs side-by-side

added added

removed removed

348

348

349

349

TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, cc,

350

350

compptr->dc_tbl_no, compptr->ac_tbl_no);

351

352

/* This CSi (cc) should differ from the previous CSi */

353

for (ci = 0; ci < i; ci++) {

354

if (cinfo->cur_comp_info[ci] == compptr)

355

ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc);

356

}

351

357

}

352

358

353

359

/* Collect the additional scan parameters Ss, Se, Ah/Al. */

465

471

for (i = 0; i < count; i++)

466

472

INPUT_BYTE(cinfo, huffval[i], return FALSE);

467

473

474

MEMZERO(&huffval[count], (256 - count) * SIZEOF(UINT8));

468

475

length -= count;

469

476

470

477

if (index & 0x10) { /* AC table definition */

Older »