|
Lucio Andrés Illanes Albornoz |
4e574b |
From 86861b86f26be5301ccfa96f9bf765051f4e644a Mon Sep 17 00:00:00 2001
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
From: pgajdos <pgajdos@suse.cz>
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
Date: Tue, 13 Nov 2018 09:03:31 +0100
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
Subject: [PATCH] prevent integer overflow
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
---
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
tools/tiffcp.c | 6 ++++++
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
1 file changed, 6 insertions(+)
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
diff --git a/tools/tiffcp.c b/tools/tiffcp.c
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
index 2f406e2d..ece7ba13 100644
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
--- a/tools/tiffcp.c
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
+++ b/tools/tiffcp.c
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
@@ -1435,6 +1435,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
status = 0;
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
goto done;
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
}
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
+ if (0xFFFFFFFF / tilew < spp)
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
+ {
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
+ TIFFError(TIFFFileName(in), "Error, either TileWidth (%u) or BitsPerSample (%u) is too large", tilew, bps);
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
+ status = 0;
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
+ goto done;
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
+ }
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
bytes_per_sample = bps/8;
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
for (row = 0; row < imagelength; row += tl) {
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
--
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
2.18.1
|
|
Lucio Andrés Illanes Albornoz |
4e574b |
|