blob: 2020508fdf585b57c6c499046226e5bdf73b3429 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
From 1e7d217a323eac701b134afc4ae39b6bdfdbc96a Mon Sep 17 00:00:00 2001
From: Su_Laus <sulau@freenet.de>
Date: Wed, 17 Jan 2024 06:57:08 +0000
Subject: [PATCH] codec of input image is available, independently from codec
check of output image and return with error if not.
Fixes #606.
CVE: CVE-2023-6228
Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/1e7d217a323eac701b134afc4ae39b6bdfdbc96a]
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
---
tools/tiffcp.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tools/tiffcp.c b/tools/tiffcp.c
index aff0626..a4f7f6b 100644
--- a/tools/tiffcp.c
+++ b/tools/tiffcp.c
@@ -846,6 +846,8 @@ static int tiffcp(TIFF *in, TIFF *out)
if (!TIFFIsCODECConfigured(compression))
return FALSE;
TIFFGetFieldDefaulted(in, TIFFTAG_COMPRESSION, &input_compression);
+ if (!TIFFIsCODECConfigured(input_compression))
+ return FALSE;
TIFFGetFieldDefaulted(in, TIFFTAG_PHOTOMETRIC, &input_photometric);
if (input_compression == COMPRESSION_JPEG)
{
--
2.40.0
|
