Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:Update
dcraw
dcraw-CVE-2018-19655.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File dcraw-CVE-2018-19655.patch of Package dcraw
Author: Filip Hroch <hroch@physics.muni.cz> Description: stack-based buffer overflow bug --- a/dcraw.c +++ b/dcraw.c @@ -8345,9 +8345,15 @@ { UINT64 bitbuf=0; int vbits, col, i, c; - ushort img[2][2064]; + ushort *img; double sum[]={0,0}; +#define IMG2D(row,col) \ + img[(row)*width+(col)] + + img = (ushort *) malloc(2*width*sizeof(ushort)); + merror (img, "find_green()"); + FORC(2) { fseek (ifp, c ? off1:off0, SEEK_SET); for (vbits=col=0; col < width; col++) { @@ -8356,13 +8362,14 @@ for (i=0; i < bite; i+=8) bitbuf |= (unsigned) (fgetc(ifp) << i); } - img[c][col] = bitbuf << (64-bps-vbits) >> (64-bps); + IMG2D(c,col) = bitbuf << (64-bps-vbits) >> (64-bps); } } FORC(width-1) { - sum[ c & 1] += ABS(img[0][c]-img[1][c+1]); - sum[~c & 1] += ABS(img[1][c]-img[0][c+1]); + sum[ c & 1] += ABS(IMG2D(0,c)-IMG2D(1,c+1)); + sum[~c & 1] += ABS(IMG2D(1,c)-IMG2D(0,c+1)); } + free(img); return 100 * log(sum[0]/sum[1]); }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor