diff options
Diffstat (limited to 'meta/recipes-multimedia/libtiff/files/libtiff-CVE-2013-4243.patch')
-rw-r--r-- | meta/recipes-multimedia/libtiff/files/libtiff-CVE-2013-4243.patch | 40 |
1 files changed, 0 insertions, 40 deletions
diff --git a/meta/recipes-multimedia/libtiff/files/libtiff-CVE-2013-4243.patch b/meta/recipes-multimedia/libtiff/files/libtiff-CVE-2013-4243.patch deleted file mode 100644 index 642a117976..0000000000 --- a/meta/recipes-multimedia/libtiff/files/libtiff-CVE-2013-4243.patch +++ /dev/null @@ -1,40 +0,0 @@ -This patch comes from: http://bugzilla.maptools.org/attachment.cgi?id=518&action=diff#tools/gif2tiff.c_sec2 - -Upstream-Status: Pending - -Signed-off-by: Baogen shang <baogen.shang@windriver.com> ---- a/tools/gif2tiff.c 2013-10-14 17:08:43.966239709 +0800 -+++ b/tools/gif2tiff.c 2013-10-14 17:18:22.994239638 +0800 -@@ -280,6 +280,10 @@ - fprintf(stderr, "no colormap present for image\n"); - return (0); - } -+ if (width == 0 || height == 0) { -+ fprintf(stderr, "Invalid value of width or height\n"); -+ return(0); -+ } - if ((raster = (unsigned char*) _TIFFmalloc(width*height+EXTRAFUDGE)) == NULL) { - fprintf(stderr, "not enough memory for image\n"); - return (0); -@@ -397,6 +401,10 @@ - return 1; - } - -+ if (*fill >= raster + width*height) { -+ fprintf(stderr, "raster full before eoi code\n"); -+ return 0; -+ } - if (oldcode == -1) { - *(*fill)++ = suffix[code]; - firstchar = oldcode = code; -@@ -428,6 +436,10 @@ - } - oldcode = incode; - do { -+ if (*fill >= raster + width*height) { -+ fprintf(stderr, "raster full before eoi code\n"); -+ return 0; -+ } - *(*fill)++ = *--stackp; - } while (stackp > stack); - return 1; |