packages/libtiff
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!146 [sync] PR-142: modified backport-CVE-2022-48281.patch

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @t_feng 
Signed-off-by: @t_feng
This commit is contained in:
openeuler-ci-bot 2023-02-21 02:02:12 +00:00 committed by Gitee
commit 3680c6bfb9
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 22 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
backport-CVE-2022-48281.patch
View File

@ -3,22 +3,29 @@ From: Su Laus <sulau@freenet.de>
Date: Sat, 21 Jan 2023 15:58:10 +0000 Date: Sat, 21 Jan 2023 15:58:10 +0000
Subject: [PATCH] tiffcrop: Correct simple copy paste error. Fix #488. Subject: [PATCH] tiffcrop: Correct simple copy paste error. Fix #488.
Reference:https://gitlab.com/libtiff/libtiff/-/commit/d1b6b9c1b3cae2d9e37754506c1ad8f4f7b646b5
Conflict:NA
--- ---
tools/tiffcrop.c | 2 +- tools/tiffcrop.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-) 1 files changed, 1 insertions(+), 1 deletion(-)
create mode 100644 tools/tiffcrop.c.rej
diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
index 92f8d09..20b9c23 100644 index 2c251aa..d3f7881 100644
--- a/tools/tiffcrop.c --- a/tools/tiffcrop.c
+++ b/tools/tiffcrop.c +++ b/tools/tiffcrop.c
@@ -7638,7 +7638,7 @@ processCropSelections(struct image_data *image, struct crop_mask *crop, @@ -7584,11 +7584,11 @@ processCropSelections(struct image_data *image, struct crop_mask *crop,
crop_buff = (unsigned char *)limitMalloc(cropsize + NUM_BUFF_OVERSIZE_BYTES); crop_buff = seg_buffs[i].buffer;
else if (!crop_buff)
{ crop_buff = (unsigned char *)limitMalloc(cropsize + NUM_BUFF_OVERSIZE_BYTES);
- prev_cropsize = seg_buffs[0].size; else
+ prev_cropsize = seg_buffs[i].size;
if (prev_cropsize < cropsize)
{ {
next_buff = _TIFFrealloc(crop_buff, cropsize + NUM_BUFF_OVERSIZE_BYTES); - prev_cropsize = seg_buffs[0].size;
+ prev_cropsize = seg_buffs[i].size;
if (prev_cropsize < cropsize)
{
next_buff = _TIFFrealloc(crop_buff, cropsize + NUM_BUFF_OVERSIZE_BYTES);
if (! next_buff)
{
-- --
2.33.0 2.33.0

5
libtiff.spec
View File

@ -1,6 +1,6 @@
Name: libtiff Name: libtiff
Version: 4.3.0 Version: 4.3.0
Release: 23 Release: 24
Summary: TIFF Library and Utilities Summary: TIFF Library and Utilities
License: libtiff License: libtiff
URL: https://www.simplesystems.org/libtiff/ URL: https://www.simplesystems.org/libtiff/
@ -158,6 +158,9 @@ find html -name 'Makefile*' | xargs rm
%exclude %{_datadir}/html/man/tiffgt.1.html %exclude %{_datadir}/html/man/tiffgt.1.html
%changelog %changelog
* Mon Feb 20 2023 zhouwenpei <zhouwenpei1@h-partners.com> - 4.3.0-24
- modified backport-CVE-2022-48281.patch
* Thu Feb 16 2023 zhouwenpei <zhouwenpei1@h-partners.com> - 4.3.0-23 * Thu Feb 16 2023 zhouwenpei <zhouwenpei1@h-partners.com> - 4.3.0-23
- fix CVE-2023-0795,CVE-2023-0796,CVE-2023-0797,CVE-2023-0798,CVE-2023-0799, - fix CVE-2023-0795,CVE-2023-0796,CVE-2023-0797,CVE-2023-0798,CVE-2023-0799,
- fix CVE-2023-0800,CVE-2023-0801,CVE-2023-0802,CVE-2023-0803,CVE-2023-0804 - fix CVE-2023-0800,CVE-2023-0801,CVE-2023-0802,CVE-2023-0803,CVE-2023-0804