Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:GA
libraw
libraw-CVE-2018-5808.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libraw-CVE-2018-5808.patch of Package libraw
Index: LibRaw-0.15.4/internal/dcraw_common.cpp =================================================================== --- LibRaw-0.15.4.orig/internal/dcraw_common.cpp 2018-12-11 11:11:24.389644683 +0100 +++ LibRaw-0.15.4/internal/dcraw_common.cpp 2018-12-11 13:25:12.495967290 +0100 @@ -2702,6 +2702,11 @@ void CLASS sony_arw2_load_raw() uchar *data, *dp; ushort pix[16]; int row, col, val, max, min, imax, imin, sh, bit, i; +#ifdef LIBRAW_LIBRARY_BUILD + if(raw_width> 32768 || raw_height > 32768) // definitely too much for old samsung + throw LIBRAW_EXCEPTION_IO_BADFILE; +#endif + unsigned maxpixels = raw_width*(raw_height+7); data = (uchar *) malloc (raw_width); merror (data, "sony_arw2_load_raw()"); @@ -7328,7 +7333,8 @@ float CLASS find_green (int bps, int bit UINT64 bitbuf=0; int vbits, col, i, c; ushort img[2][2064]; - double sum[]={0,0}; + double sum[] = {0, 0}; + if(width > 2064) return 0.f; // too wide FORC(2) { fseek (ifp, c ? off1:off0, SEEK_SET);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor