Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
openexr.21777
openexr-CVE-2017-9111,9113,9115.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openexr-CVE-2017-9111,9113,9115.patch of Package openexr.21777
Index: openexr-2.1.0/exrmakepreview/makePreview.cpp =================================================================== --- openexr-2.1.0.orig/exrmakepreview/makePreview.cpp 2013-06-18 21:51:40.000000000 +0200 +++ openexr-2.1.0/exrmakepreview/makePreview.cpp 2019-06-14 21:45:07.647887121 +0200 @@ -52,6 +52,7 @@ #include <ImathFun.h> #include <math.h> #include <iostream> +#include <stdlib.h> #include <OpenEXRConfig.h> using namespace OPENEXR_IMF_NAMESPACE; @@ -109,6 +110,9 @@ generatePreview (const char inFileName[] int h = dw.max.y - dw.min.y + 1; Array2D <Rgba> pixels (h, w); + if (INT_MAX / abs(w) < abs(dw.min.y) || + INT_MAX - abs(dw.min.x) < abs(dw.min.y * w)) + throw IEX_NAMESPACE::ArgExc ("Invalid data window in image header."); in.setFrameBuffer (&pixels[0][0] - dw.min.y * w - dw.min.x, 1, w); in.readPixels (dw.min.y, dw.max.y); Index: openexr-2.1.0/exrmaketiled/Image.h =================================================================== --- openexr-2.1.0.orig/exrmaketiled/Image.h 2013-10-16 00:55:09.000000000 +0200 +++ openexr-2.1.0/exrmaketiled/Image.h 2019-06-14 21:44:54.411813691 +0200 @@ -49,6 +49,7 @@ #include <string> #include <map> +#include <stdlib.h> #include "namespaceAlias.h" @@ -192,6 +193,9 @@ TypedImageChannel<T>::slice () const const IMATH_NAMESPACE::Box2i &dw = image().dataWindow(); int w = dw.max.x - dw.min.x + 1; + if (INT_MAX / abs(w) < abs(dw.min.y) || + INT_MAX - abs(dw.min.x) < abs(dw.min.y * w)) + throw IEX_NAMESPACE::ArgExc ("Invalid data window in image header."); return OPENEXR_IMF_INTERNAL_NAMESPACE::Slice (pixelType(), (char *) (&_pixels[0][0] - dw.min.y * w - dw.min.x), sizeof (T),
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor