Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
DISCONTINUED:openSUSE:11.1:Update
tiff
tiff-3.8.2-CVE-2010-1411.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tiff-3.8.2-CVE-2010-1411.patch of Package tiff
Index: tiff-3.8.2/libtiff/tif_fax3.c =================================================================== --- tiff-3.8.2.orig/libtiff/tif_fax3.c +++ tiff-3.8.2/libtiff/tif_fax3.c @@ -42,6 +42,7 @@ #define G3CODES #include "t4.h" #include <stdio.h> +#include <stdint.h> /* * Compression+decompression state blocks are @@ -491,10 +492,21 @@ Fax3SetupState(TIFF* tif) td->td_compression == COMPRESSION_CCITTFAX4 ); - nruns = needsRefLine ? 2*TIFFroundup(rowpixels,32) : rowpixels; + uint64_t val64 = rowpixels; + if (needsRefLine) + { + val64 = 2 * (((val64 + 31) /32) * 32); + if (val64 > 0xffffffff) + return (0); + } + nruns = (val64 &0xffffffff); + + val64 = 2*(uint64_t)nruns+3; + if (val64 > 0xffffffff) + return (0); - dsp->runs = (uint32*) _TIFFCheckMalloc(tif, 2*nruns+3, sizeof (uint32), - "for Group 3/4 run arrays"); + dsp->runs = (uint32*) _TIFFCheckMalloc(tif, (val64 & 0xffffffff), + sizeof(uint32), "for Group 3/4 run arrays"); if (dsp->runs == NULL) return (0); dsp->curruns = dsp->runs;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor