Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
tiff.32962
tiff-CVE-2022-3597,CVE-2022-3626,CVE-2022-3627....
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tiff-CVE-2022-3597,CVE-2022-3626,CVE-2022-3627.patch of Package tiff.32962
Index: tiff-4.0.9/tools/tiffcrop.c =================================================================== --- tiff-4.0.9.orig/tools/tiffcrop.c +++ tiff-4.0.9/tools/tiffcrop.c @@ -756,6 +756,11 @@ static char* usage_info[] = { " The four debug/dump options are independent, though it makes little sense to", " specify a dump file without specifying a detail level.", " ", +"Note 1: The (-X|-Y), -Z, -z and -S options are mutually exclusive.", +" In no case should the options be applied to a given selection successively.", +"Note 2: Any of the -X, -Y, -Z and -z options together with other PAGE_MODE_x options", +" such as - H, -V, -P, -J or -K are not supported and may cause buffer overflows.", +" ", NULL }; @@ -2111,9 +2116,20 @@ void process_command_opts (int argc, ch R = (crop_data->crop_mode & CROP_REGIONS) ? 1 : 0; S = (page->mode & PAGE_MODE_ROWSCOLS) ? 1 : 0; if (XY + Z + R + S > 1) { - TIFFError("tiffcrop input error", "The crop options(-X|-Y), -Z, -z and -S are mutually exclusive.->Exit"); + TIFFError("tiffcrop input error", "The crop options(-X|-Y), -Z, -z and -S are mutually exclusive.->exit"); exit(EXIT_FAILURE); } + + /* Check for not allowed combination: + * Any of the -X, -Y, -Z and -z options together with other PAGE_MODE_x options + * such as -H, -V, -P, -J or -K are not supported and may cause buffer overflows. +. */ + if ((XY + Z + R > 0) && page->mode != PAGE_MODE_NONE) { + TIFFError("tiffcrop input error", + "Any of the crop options -X, -Y, -Z and -z together with other PAGE_MODE_x options such as - H, -V, -P, -J or -K is not supported and may cause buffer overflows..->exit"); + exit(EXIT_FAILURE); + } + } /* end process_command_opts */ /* Start a new output file if one has not been previously opened or @@ -2381,6 +2397,7 @@ main(int argc, char* argv[]) exit (-1); } + /* Crop input image and copy zones and regions from input image into seg_buffs or crop_buff. */ if (crop.selections > 0) { if (processCropSelections(&image, &crop, &read_buff, seg_buffs)) @@ -2397,6 +2414,7 @@ main(int argc, char* argv[]) exit (-1); } } + /* Format and write selected image parts to output file(s). */ if (page.mode == PAGE_MODE_NONE) { /* Whole image or sections not based on output page size */ if (crop.selections > 0)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor