blob: 8db24fc714f74400e96debaeb01925e6ae95984d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
From d63de61b1ec3385f6383ef9a1f453e4b8b11d536 Mon Sep 17 00:00:00 2001
From: Su_Laus <sulau@freenet.de>
Date: Fri, 3 Feb 2023 17:38:55 +0100
Subject: [PATCH] TIFFClose() avoid NULL pointer dereferencing. fix#515
Closes #515
Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/d63de61b1ec3385f6383ef9a1f453e4b8b11d536]
CVE: CVE-2023-3316
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
libtiff/tif_close.c | 11 +++++++----
tools/tiffcrop.c | 5 ++++-
2 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/libtiff/tif_close.c b/libtiff/tif_close.c
index e4228df..335e80f 100644
--- a/libtiff/tif_close.c
+++ b/libtiff/tif_close.c
@@ -118,13 +118,16 @@ TIFFCleanup(TIFF* tif)
*/
void
-TIFFClose(TIFF* tif)
+TIFFClose(TIFF *tif)
{
- TIFFCloseProc closeproc = tif->tif_closeproc;
- thandle_t fd = tif->tif_clientdata;
+ if (tif != NULL)
+ {
+ TIFFCloseProc closeproc = tif->tif_closeproc;
+ thandle_t fd = tif->tif_clientdata;
TIFFCleanup(tif);
- (void) (*closeproc)(fd);
+ (void)(*closeproc)(fd);
+ }
}
/* vim: set ts=8 sts=8 sw=8 noet: */
diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
index a533089..f14bb0c 100644
--- a/tools/tiffcrop.c
+++ b/tools/tiffcrop.c
@@ -2526,7 +2526,10 @@ main(int argc, char* argv[])
}
}
- TIFFClose(out);
+ if (out != NULL)
+ {
+ TIFFClose(out);
+ }
return (0);
} /* end main */
--
2.25.1
|
