meta/recipes-multimedia/libtiff/tiff/CVE-2023-26966.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

From b0e1c25dd1d065200c8d8f59ad0afe014861a1b9 Mon Sep 17 00:00:00 2001
From: Su_Laus <sulau@freenet.de>
Date: Thu, 16 Feb 2023 12:03:16 +0100
Subject: [PATCH] tif_luv: Check and correct for NaN data in uv_encode().

Closes #530

Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/b0e1c25dd1d065200c8d8f59ad0afe014861a1b9]
CVE: CVE-2023-26966
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
 libtiff/tif_luv.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/libtiff/tif_luv.c b/libtiff/tif_luv.c
index 13765ea..40b2719 100644
--- a/libtiff/tif_luv.c
+++ b/libtiff/tif_luv.c
@@ -908,6 +908,13 @@ uv_encode(double u, double v, int em)	/* encode (u',v') coordinates */
 {
 	register int	vi, ui;
 
+	/* check for NaN */
+	if (u != u || v != v)
+	{
+		u = U_NEU;
+		v = V_NEU;
+        }
+
 	if (v < UV_VSTART)
 		return oog_encode(u, v);
 	vi = tiff_itrunc((v - UV_VSTART)*(1./UV_SQSIZ), em);
-- 
2.25.1