meta/recipes-multimedia/libtiff/tiff/CVE-2025-8176_2.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

From c090daf37e7f2ad09ec7e9cfabd1c5fde3dee6eb Mon Sep 17 00:00:00 2001
From: Lee Howard <faxguy@howardsilvan.com>
Date: Sat, 24 May 2025 21:25:16 -0700
Subject: [PATCH 4/7] Fix tiffmedian bug #707

CVE: CVE-2025-8176
Upstream-Status: Backport from [https://gitlab.com/libtiff/libtiff/-/commit/ce46f002eca4148497363f80fab33f9396bcbeda]
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
---
 tools/tiffmedian.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/tools/tiffmedian.c b/tools/tiffmedian.c
index f6cf26c..8c9978b 100644
--- a/tools/tiffmedian.c
+++ b/tools/tiffmedian.c
@@ -414,7 +414,10 @@ static void get_histogram(TIFF *in, Colorbox *box)
     for (i = 0; i < imagelength; i++)
     {
         if (TIFFReadScanline(in, inputline, i, 0) <= 0)
-            break;
+        {
+            fprintf(stderr, "Error reading scanline\n");
+            exit(EXIT_FAILURE);
+        }
         inptr = inputline;
         for (j = imagewidth; j-- > 0;)
         {
-- 
2.47.3