diff options
Diffstat (limited to 'meta/recipes-multimedia/libtiff/files/CVE-2023-3316.patch')
-rw-r--r-- | meta/recipes-multimedia/libtiff/files/CVE-2023-3316.patch | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-3316.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-3316.patch new file mode 100644 index 0000000000..8db24fc714 --- /dev/null +++ b/meta/recipes-multimedia/libtiff/files/CVE-2023-3316.patch | |||
@@ -0,0 +1,59 @@ | |||
1 | From d63de61b1ec3385f6383ef9a1f453e4b8b11d536 Mon Sep 17 00:00:00 2001 | ||
2 | From: Su_Laus <sulau@freenet.de> | ||
3 | Date: Fri, 3 Feb 2023 17:38:55 +0100 | ||
4 | Subject: [PATCH] TIFFClose() avoid NULL pointer dereferencing. fix#515 | ||
5 | |||
6 | Closes #515 | ||
7 | |||
8 | Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/d63de61b1ec3385f6383ef9a1f453e4b8b11d536] | ||
9 | CVE: CVE-2023-3316 | ||
10 | Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> | ||
11 | --- | ||
12 | libtiff/tif_close.c | 11 +++++++---- | ||
13 | tools/tiffcrop.c | 5 ++++- | ||
14 | 2 files changed, 11 insertions(+), 5 deletions(-) | ||
15 | |||
16 | diff --git a/libtiff/tif_close.c b/libtiff/tif_close.c | ||
17 | index e4228df..335e80f 100644 | ||
18 | --- a/libtiff/tif_close.c | ||
19 | +++ b/libtiff/tif_close.c | ||
20 | @@ -118,13 +118,16 @@ TIFFCleanup(TIFF* tif) | ||
21 | */ | ||
22 | |||
23 | void | ||
24 | -TIFFClose(TIFF* tif) | ||
25 | +TIFFClose(TIFF *tif) | ||
26 | { | ||
27 | - TIFFCloseProc closeproc = tif->tif_closeproc; | ||
28 | - thandle_t fd = tif->tif_clientdata; | ||
29 | + if (tif != NULL) | ||
30 | + { | ||
31 | + TIFFCloseProc closeproc = tif->tif_closeproc; | ||
32 | + thandle_t fd = tif->tif_clientdata; | ||
33 | |||
34 | TIFFCleanup(tif); | ||
35 | - (void) (*closeproc)(fd); | ||
36 | + (void)(*closeproc)(fd); | ||
37 | + } | ||
38 | } | ||
39 | |||
40 | /* vim: set ts=8 sts=8 sw=8 noet: */ | ||
41 | diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c | ||
42 | index a533089..f14bb0c 100644 | ||
43 | --- a/tools/tiffcrop.c | ||
44 | +++ b/tools/tiffcrop.c | ||
45 | @@ -2526,7 +2526,10 @@ main(int argc, char* argv[]) | ||
46 | } | ||
47 | } | ||
48 | |||
49 | - TIFFClose(out); | ||
50 | + if (out != NULL) | ||
51 | + { | ||
52 | + TIFFClose(out); | ||
53 | + } | ||
54 | |||
55 | return (0); | ||
56 | } /* end main */ | ||
57 | -- | ||
58 | 2.25.1 | ||
59 | |||