Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
openexr.20697
openexr-CVE-2021-3475.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openexr-CVE-2021-3475.patch of Package openexr.20697
Index: openexr-2.2.1/IlmImf/ImfTiledInputFile.cpp =================================================================== --- openexr-2.2.1.orig/IlmImf/ImfTiledInputFile.cpp 2021-03-31 16:46:33.459586875 +0200 +++ openexr-2.2.1/IlmImf/ImfTiledInputFile.cpp 2021-03-31 16:46:33.471586946 +0200 @@ -976,6 +976,16 @@ TiledInputFile::initialize () _data->tileBufferSize = _data->maxBytesPerTileLine * _data->tileDesc.ySize; // + // OpenEXR has a limit of INT_MAX compressed bytes per tile + // disallow uncompressed tile sizes above INT_MAX too to guarantee file is written + // + if( _data->tileBufferSize > INT_MAX ) + { + throw IEX_NAMESPACE::ArgExc ("Tile size too large for OpenEXR format"); + } + + + // // Create all the TileBuffers and allocate their internal buffers // Index: openexr-2.2.1/IlmImf/ImfTiledMisc.cpp =================================================================== --- openexr-2.2.1.orig/IlmImf/ImfTiledMisc.cpp 2021-03-31 16:46:33.471586946 +0200 +++ openexr-2.2.1/IlmImf/ImfTiledMisc.cpp 2021-03-31 16:49:37.220675276 +0200 @@ -301,7 +301,9 @@ calculateNumTiles (int *numTiles, { for (int i = 0; i < numLevels; i++) { - numTiles[i] = (levelSize (min, max, i, rmode) + size - 1) / size; + // use 64 bits to avoid int overflow if size is large. + Int64 l = levelSize (min, max, i, rmode); + numTiles[i] = (l + size - 1) / size; } } Index: openexr-2.2.1/IlmImf/ImfTiledOutputFile.cpp =================================================================== --- openexr-2.2.1.orig/IlmImf/ImfTiledOutputFile.cpp 2017-11-18 00:00:24.000000000 +0100 +++ openexr-2.2.1/IlmImf/ImfTiledOutputFile.cpp 2021-03-31 16:46:33.471586946 +0200 @@ -1022,6 +1022,17 @@ TiledOutputFile::initialize (const Heade _data->tileBufferSize = _data->maxBytesPerTileLine * _data->tileDesc.ySize; + // + // OpenEXR has a limit of INT_MAX compressed bytes per tile + // disallow uncompressed tile sizes above INT_MAX too to guarantee file is written + // + if( _data->tileBufferSize > INT_MAX ) + { + throw IEX_NAMESPACE::ArgExc ("Tile size too large for OpenEXR format"); + } + + + // // Create all the TileBuffers and allocate their internal buffers //
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor