Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
libraw
libraw-CVE-2018-5817,5818,5819.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libraw-CVE-2018-5817,5818,5819.patch of Package libraw
Index: LibRaw-0.18.9/internal/dcraw_common.cpp =================================================================== --- LibRaw-0.18.9.orig/internal/dcraw_common.cpp 2019-01-09 13:06:48.692944632 +0100 +++ LibRaw-0.18.9/internal/dcraw_common.cpp 2019-01-09 13:11:35.066329244 +0100 @@ -12009,7 +12009,7 @@ void CLASS parse_rollei() fseek (ifp, 0, SEEK_SET); memset (&t, 0, sizeof t); do { - fgets (line, 128, ifp); + if(!fgets (line, 128, ifp)) break; if ((val = strchr(line,'='))) *val++ = 0; else @@ -12047,6 +12047,7 @@ void CLASS parse_sinar_ia() order = 0x4949; fseek (ifp, 4, SEEK_SET); entries = get4(); + if(entries < 1 || entries > 8192) return; fseek (ifp, get4(), SEEK_SET); while (entries--) { off = get4(); get4(); @@ -15610,6 +15611,7 @@ dng_skip: if(maximum < 0x10000 && curve[maximum]>0 && load_raw == &CLASS sony_arw2_load_raw) maximum = curve[maximum]; } + if(maximum > 0xffff) maximum = 0xffff; if (!load_raw || height < 22 || width < 22 || #ifdef LIBRAW_LIBRARY_BUILD (tiff_bps > 16 && load_raw != &LibRaw::deflate_dng_load_raw)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor