File tiff-CVE-2022-22844.patch of Package tiff

Overview Repositories Revisions Requests Users Attributes Meta

File tiff-CVE-2022-22844.patch of Package tiff

Index: tiff-4.0.9/tools/tiffset.c
===================================================================
--- tiff-4.0.9.orig/tools/tiffset.c
+++ tiff-4.0.9/tools/tiffset.c
@@ -33,6 +33,7 @@
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
+#include <stdint.h>
 
 #include "tiffio.h"
 
@@ -134,9 +135,19 @@ main(int argc, char* argv[])
 
             arg_index++;
             if (TIFFFieldDataType(fip) == TIFF_ASCII) {
-                if (TIFFSetField(tiff, TIFFFieldTag(fip), argv[arg_index]) != 1)
-                    fprintf( stderr, "Failed to set %s=%s\n",
-                             TIFFFieldName(fip), argv[arg_index] );
+				if(TIFFFieldPassCount( fip )) {
+					size_t len;
+					len = strlen(argv[arg_index]) + 1;
+					if (len > UINT16_MAX || TIFFSetField(tiff, TIFFFieldTag(fip),
+								(uint16_t)len, argv[arg_index]) != 1)
+						fprintf( stderr, "Failed to set %s=%s\n",
+								TIFFFieldName(fip), argv[arg_index] );
+				} else {
+					if (TIFFSetField(tiff, TIFFFieldTag(fip),
+								argv[arg_index]) != 1)
+						fprintf( stderr, "Failed to set %s=%s\n",
+								TIFFFieldName(fip), argv[arg_index] );
+				}
             } else if (TIFFFieldWriteCount(fip) > 0
 		       || TIFFFieldWriteCount(fip) == TIFF_VARIABLE) {
                 int     ret = 1;

Places

File tiff-CVE-2022-22844.patch of Package tiff

Places