Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:GA
libraw
libraw-CVE-2018-5817,5818,5819.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libraw-CVE-2018-5817,5818,5819.patch of Package libraw
Index: LibRaw-0.15.4/internal/dcraw_common.cpp =================================================================== --- LibRaw-0.15.4.orig/internal/dcraw_common.cpp 2019-01-09 13:13:21.522843966 +0100 +++ LibRaw-0.15.4/internal/dcraw_common.cpp 2019-01-09 13:16:39.631801826 +0100 @@ -6025,7 +6025,7 @@ void CLASS parse_rollei() fseek (ifp, 0, SEEK_SET); memset (&t, 0, sizeof t); do { - fgets (line, 128, ifp); + if(!fgets (line, 128, ifp)) break; if ((val = strchr(line,'='))) *val++ = 0; else @@ -6063,6 +6063,7 @@ void CLASS parse_sinar_ia() order = 0x4949; fseek (ifp, 4, SEEK_SET); entries = get4(); + if(entries < 1 || entries > 8192) return; fseek (ifp, get4(), SEEK_SET); while (entries--) { off = get4(); get4(); @@ -8490,6 +8491,7 @@ dng_skip: } if (!tiff_bps) tiff_bps = 12; if (!maximum) maximum = (1 << tiff_bps) - 1; + if(maximum > 0xffff) maximum = 0xffff; if (!load_raw || height < 22) is_raw = 0; #ifdef NO_JASPER if (load_raw == &CLASS redcine_load_raw) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor