diff options
author | Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> | 2019-11-24 15:50:19 -0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-11-25 21:37:01 +0000 |
commit | 9c44ecdb9bd6d70f0dfde2a8f0b52015fb6a1d86 (patch) | |
tree | 2af7fab2cd3a894a5182f93b63f6d5216dc9863a | |
parent | d8cd909e7c073eb6365732e5c906f52933fe2e66 (diff) | |
download | openembedded-core-contrib-9c44ecdb9bd6d70f0dfde2a8f0b52015fb6a1d86.tar.gz |
tiff: Refresh patch
Refresh CVE-2019-7663.patch as it can't be applyed when using PATCHTOOL = "patch".
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch | 71 |
1 files changed, 26 insertions, 45 deletions
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch index f244fb2f32..94e4e33e83 100644 --- a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch +++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch @@ -1,22 +1,37 @@ -CVE: CVE-2019-7663 -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@intel.com> +CVE: CVE-2019-7663 +Upstream-Status: Backport +Signed-off-by: +Ross Burton <ross.burton@intel.com> From c6fc6c1fa895024c86285c58efd6424cf8078f32 Mon Sep 17 00:00:00 2001 From: Thomas Bernard <miniupnp@free.fr> Date: Mon, 11 Feb 2019 10:05:33 +0100 Subject: [PATCH 1/2] check that (Tile Width)*(Samples/Pixel) do no overflow -fixes bug 2833 +From da6454aa80b9bb3154dfab4e8b21637de47531e0 Mon Sep 17 00:00:00 2001 +From: Thomas Bernard <miniupnp@free.fr> +Date: Mon, 11 Feb 2019 21:42:03 +0100 +Subject: [PATCH 2/2] tiffcp.c: use INT_MAX + +Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> +Refresh this patch as it can't be applyed when using PATCHTOOL = "patch". --- - tools/tiffcp.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) + tools/tiffcp.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/tools/tiffcp.c b/tools/tiffcp.c -index 2f406e2d..f0ee2c02 100644 +index 2f406e2..8c81aa4 100644 --- a/tools/tiffcp.c +++ b/tools/tiffcp.c -@@ -1408,7 +1408,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer) +@@ -41,6 +41,7 @@ + #include <stdio.h> + #include <stdlib.h> + #include <string.h> ++#include <limits.h> + + #include <ctype.h> + +@@ -1408,7 +1409,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer) int status = 1; uint32 imagew = TIFFRasterScanlineSize(in); uint32 tilew = TIFFTileRowSize(in); @@ -25,11 +40,11 @@ index 2f406e2d..f0ee2c02 100644 tsize_t tilesize = TIFFTileSize(in); tdata_t tilebuf; uint8* bufp = (uint8*) buf; -@@ -1416,6 +1416,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer) +@@ -1416,6 +1417,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer) uint32 row; uint16 bps = 0, bytes_per_sample; -+ if (spp > (0x7fffffff / tilew)) ++ if (spp > (INT_MAX / tilew)) + { + TIFFError(TIFFFileName(in), "Error, cannot handle that much samples per tile row (Tile Width * Samples/Pixel)"); + return 0; @@ -39,39 +54,5 @@ index 2f406e2d..f0ee2c02 100644 if (tilebuf == 0) return 0; -- -2.20.1 - - -From da6454aa80b9bb3154dfab4e8b21637de47531e0 Mon Sep 17 00:00:00 2001 -From: Thomas Bernard <miniupnp@free.fr> -Date: Mon, 11 Feb 2019 21:42:03 +0100 -Subject: [PATCH 2/2] tiffcp.c: use INT_MAX - ---- - tools/tiffcp.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/tools/tiffcp.c b/tools/tiffcp.c -index f0ee2c02..8c81aa4f 100644 ---- a/tools/tiffcp.c -+++ b/tools/tiffcp.c -@@ -41,6 +41,7 @@ - #include <stdio.h> - #include <stdlib.h> - #include <string.h> -+#include <limits.h> - - #include <ctype.h> - -@@ -1416,7 +1417,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer) - uint32 row; - uint16 bps = 0, bytes_per_sample; - -- if (spp > (0x7fffffff / tilew)) -+ if (spp > (INT_MAX / tilew)) - { - TIFFError(TIFFFileName(in), "Error, cannot handle that much samples per tile row (Tile Width * Samples/Pixel)"); - return 0; --- -2.20.1 +2.7.4 |