From 8c0859a80444c90b8dfb862a9f16de74e16f0a9e Mon Sep 17 00:00:00 2001
From: xiaoxiaoafeifei <lliangliang2007@163.com>
Date: Fri, 21 Apr 2023 13:01:34 +0000
Subject: [PATCH] countInkNamesString(): fix `UndefinedBehaviorSanitizer`:
applying zero offset to null pointer
Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f]
CVE: CVE-2023-2908
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
libtiff/tif_dir.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c
index 349dfe4..1402c8e 100644
--- a/libtiff/tif_dir.c
+++ b/libtiff/tif_dir.c
@@ -145,10 +145,10 @@ static uint16_t
countInkNamesString(TIFF *tif, uint32_t slen, const char *s)
{
uint16_t i = 0;
- const char *ep = s + slen;
- const char *cp = s;
if (slen > 0) {
+ const char *ep = s + slen;
+ const char *cp = s;
do {
for (; cp < ep && *cp != '\0'; cp++) {}
if (cp >= ep)
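Review bot: The guard now wrapped around the `ep`/`cp` declarations only covers `slen == 0`; a NULL `s` paired with a non-zero `slen` would still form `s + slen` and reach the `*cp` read in the `for` loop. Whether any caller can pass that combination is not visible in this hunk, so if it cannot be ruled out the condition could become `if (slen > 0 && s != NULL) {`, provided the code after the block (outside the hunk) treats that case as an error. It would also help to record why the declarations moved, e.g. `/* s may be NULL when slen is 0; forming s + slen is then undefined behaviour */` above the `if`. countInkNamesString's body continues past the end of the hunk.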
--
2.25.1