Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:GA
tiff.35291
tiff-CVE-2023-52356.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tiff-CVE-2023-52356.patch of Package tiff.35291
Index: tiff-4.0.9/libtiff/tif_getimage.c =================================================================== --- tiff-4.0.9.orig/libtiff/tif_getimage.c +++ tiff-4.0.9/libtiff/tif_getimage.c @@ -2929,6 +2929,14 @@ TIFFReadRGBAStripExt(TIFF* tif, uint32 r if (TIFFRGBAImageOK(tif, emsg) && TIFFRGBAImageBegin(&img, tif, stop_on_error, emsg)) { + if (row >= img.height) + { + TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), + "Invalid row passed to TIFFReadRGBAStrip()."); + TIFFRGBAImageEnd(&img); + return (0); + } + img.row_offset = row; img.col_offset = 0; @@ -3004,6 +3012,14 @@ TIFFReadRGBATileExt(TIFF* tif, uint32 co return( 0 ); } + if (col >= img.width || row >= img.height) + { + TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), + "Invalid row/col passed to TIFFReadRGBATile()."); + TIFFRGBAImageEnd(&img); + return (0); + } + /* * The TIFFRGBAImageGet() function doesn't allow us to get off the * edge of the image, even to fill an otherwise valid tile. So we
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor