diff options
Diffstat (limited to 'meta/recipes-multimedia/libtiff/files/CVE-2023-3618.patch')
-rw-r--r-- | meta/recipes-multimedia/libtiff/files/CVE-2023-3618.patch | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-3618.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-3618.patch new file mode 100644 index 0000000000..fd67305c0b --- /dev/null +++ b/meta/recipes-multimedia/libtiff/files/CVE-2023-3618.patch | |||
@@ -0,0 +1,47 @@ | |||
1 | From b5c7d4c4e03333ac16b5cfb11acaaeaa493334f8 Mon Sep 17 00:00:00 2001 | ||
2 | From: Su_Laus <sulau@freenet.de> | ||
3 | Date: Fri, 5 May 2023 19:43:46 +0200 | ||
4 | Subject: [PATCH] Consider error return of writeSelections(). Fixes #553 | ||
5 | |||
6 | Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/b5c7d4c4e03333ac16b5cfb11acaaeaa493334f8] | ||
7 | CVE: CVE-2023-3618 | ||
8 | Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> | ||
9 | --- | ||
10 | tools/tiffcrop.c | 14 ++++++++++---- | ||
11 | 1 file changed, 10 insertions(+), 4 deletions(-) | ||
12 | |||
13 | diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c | ||
14 | index 7121c7c..93b7f96 100644 | ||
15 | --- a/tools/tiffcrop.c | ||
16 | +++ b/tools/tiffcrop.c | ||
17 | @@ -2437,9 +2437,15 @@ main(int argc, char* argv[]) | ||
18 | { /* Whole image or sections not based on output page size */ | ||
19 | if (crop.selections > 0) | ||
20 | { | ||
21 | - writeSelections(in, &out, &crop, &image, &dump, seg_buffs, | ||
22 | - mp, argv[argc - 1], &next_page, total_pages); | ||
23 | - } | ||
24 | + if (writeSelections(in, &out, &crop, &image, &dump, | ||
25 | + seg_buffs, mp, argv[argc - 1], | ||
26 | + &next_page, total_pages)) | ||
27 | + { | ||
28 | + TIFFError("main", | ||
29 | + "Unable to write new image selections"); | ||
30 | + exit(EXIT_FAILURE); | ||
31 | + } | ||
32 | + } | ||
33 | else /* One file all images and sections */ | ||
34 | { | ||
35 | if (update_output_file (&out, mp, crop.exp_mode, argv[argc - 1], | ||
36 | @@ -7749,7 +7755,7 @@ createCroppedImage(struct image_data *image, struct crop_mask *crop, | ||
37 | /* Memory is freed before crop_buff_ptr is overwritten */ | ||
38 | if (*crop_buff_ptr != NULL) | ||
39 | { | ||
40 | - _TIFFfree(*crop_buff_ptr); | ||
41 | + _TIFFfree(*crop_buff_ptr); | ||
42 | } | ||
43 | |||
44 | /* process full image, no crop buffer needed */ | ||
45 | -- | ||
46 | 2.25.1 | ||
47 | |||