diff options
Diffstat (limited to 'meta/recipes-multimedia/libtiff/files/CVE-2023-2731.patch')
| -rw-r--r-- | meta/recipes-multimedia/libtiff/files/CVE-2023-2731.patch | 39 |
1 files changed, 0 insertions, 39 deletions
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-2731.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-2731.patch deleted file mode 100644 index 7db0a35f72..0000000000 --- a/meta/recipes-multimedia/libtiff/files/CVE-2023-2731.patch +++ /dev/null | |||
| @@ -1,39 +0,0 @@ | |||
| 1 | From 9be22b639ea69e102d3847dca4c53ef025e9527b Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Even Rouault <even.rouault@spatialys.com> | ||
| 3 | Date: Sat, 29 Apr 2023 12:20:46 +0200 | ||
| 4 | Subject: [PATCH] LZWDecode(): avoid crash when trying to read again from a | ||
| 5 | strip whith a missing end-of-information marker (fixes #548) | ||
| 6 | |||
| 7 | CVE: CVE-2023-2731 | ||
| 8 | Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/9be22b639ea69e102d3847dca4c53ef025e9527b] | ||
| 9 | |||
| 10 | --- | ||
| 11 | libtiff/tif_lzw.c | 5 +++++ | ||
| 12 | 1 file changed, 5 insertions(+) | ||
| 13 | |||
| 14 | diff --git a/libtiff/tif_lzw.c b/libtiff/tif_lzw.c | ||
| 15 | index ba75a07e..d631fa10 100644 | ||
| 16 | --- a/libtiff/tif_lzw.c | ||
| 17 | +++ b/libtiff/tif_lzw.c | ||
| 18 | @@ -423,6 +423,10 @@ static int LZWDecode(TIFF *tif, uint8_t *op0, tmsize_t occ0, uint16_t s) | ||
| 19 | |||
| 20 | if (sp->read_error) | ||
| 21 | { | ||
| 22 | + TIFFErrorExtR(tif, module, | ||
| 23 | + "LZWDecode: Scanline %" PRIu32 " cannot be read due to " | ||
| 24 | + "previous error", | ||
| 25 | + tif->tif_row); | ||
| 26 | return 0; | ||
| 27 | } | ||
| 28 | |||
| 29 | @@ -742,6 +746,7 @@ after_loop: | ||
| 30 | return (1); | ||
| 31 | |||
| 32 | no_eoi: | ||
| 33 | + sp->read_error = 1; | ||
| 34 | TIFFErrorExtR(tif, module, | ||
| 35 | "LZWDecode: Strip %" PRIu32 " not terminated with EOI code", | ||
| 36 | tif->tif_curstrip); | ||
| 37 | -- | ||
| 38 | 2.34.1 | ||
| 39 | |||