diff options
Diffstat (limited to 'meta/recipes-multimedia/libtiff/files/CVE-2022-0865.patch')
-rw-r--r-- | meta/recipes-multimedia/libtiff/files/CVE-2022-0865.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2022-0865.patch b/meta/recipes-multimedia/libtiff/files/CVE-2022-0865.patch new file mode 100644 index 0000000000..e2d136f587 --- /dev/null +++ b/meta/recipes-multimedia/libtiff/files/CVE-2022-0865.patch @@ -0,0 +1,39 @@ +From a1c933dabd0e1c54a412f3f84ae0aa58115c6067 Mon Sep 17 00:00:00 2001 +From: Even Rouault <even.rouault@spatialys.com> +Date: Thu, 24 Feb 2022 22:26:02 +0100 +Subject: [PATCH] tif_jbig.c: fix crash when reading a file with multiple IFD + in memory-mapped mode and when bit reversal is needed (fixes #385) + +CVE: CVE-2022-0865 +Upstream-Status: Backport [https://sources.debian.org/src/tiff/4.1.0+git191117-2%7Edeb10u4/debian/patches/CVE-2022-0865.patch/] +Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> +Comment: No change in any hunk + +--- + libtiff/tif_jbig.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/libtiff/tif_jbig.c b/libtiff/tif_jbig.c +index 74086338..8bfa4cef 100644 +--- a/libtiff/tif_jbig.c ++++ b/libtiff/tif_jbig.c +@@ -208,6 +208,16 @@ int TIFFInitJBIG(TIFF* tif, int scheme) + */ + tif->tif_flags |= TIFF_NOBITREV; + tif->tif_flags &= ~TIFF_MAPPED; ++ /* We may have read from a previous IFD and thus set TIFF_BUFFERMMAP and ++ * cleared TIFF_MYBUFFER. It is necessary to restore them to their initial ++ * value to be consistent with the state of a non-memory mapped file. ++ */ ++ if (tif->tif_flags&TIFF_BUFFERMMAP) { ++ tif->tif_rawdata = NULL; ++ tif->tif_rawdatasize = 0; ++ tif->tif_flags &= ~TIFF_BUFFERMMAP; ++ tif->tif_flags |= TIFF_MYBUFFER; ++ } + + /* Setup the function pointers for encode, decode, and cleanup. */ + tif->tif_setupdecode = JBIGSetupDecode; +-- +GitLab + |