Blame SOURCES/libjpeg-turbo-CVE-2021-20205.patch

7c2d2a
From 6bb9d7ea3fdc22a8a03b989e430d0f4953e59f03 Mon Sep 17 00:00:00 2001
7c2d2a
From: DRC <information@libjpeg-turbo.org>
7c2d2a
Date: Thu, 14 Jan 2021 18:35:15 -0600
7c2d2a
Subject: [PATCH] cjpeg: Fix FPE when compressing 0-width GIF
7c2d2a
7c2d2a
---
7c2d2a
 cderror.h | 5 ++++-
7c2d2a
 rdgif.c   | 8 +++++++-
7c2d2a
 2 files changed, 11 insertions(+), 2 deletions(-)
7c2d2a
7c2d2a
diff --git a/cderror.h b/cderror.h
7c2d2a
index a386b69..2844346 100644
7c2d2a
--- a/cderror.h
7c2d2a
+++ b/cderror.h
7c2d2a
@@ -1,9 +1,11 @@
7c2d2a
 /*
7c2d2a
  * cderror.h
7c2d2a
  *
7c2d2a
+ * This file was part of the Independent JPEG Group's software:
7c2d2a
  * Copyright (C) 1994-1997, Thomas G. Lane.
7c2d2a
  * Modified 2009-2017 by Guido Vollbeding.
7c2d2a
- * This file is part of the Independent JPEG Group's software.
7c2d2a
+ * libjpeg-turbo Modifications:
7c2d2a
+ * Copyright (C) 2021, D. R. Commander.
7c2d2a
  * For conditions of distribution and use, see the accompanying README.ijg
7c2d2a
  * file.
7c2d2a
  *
7c2d2a
@@ -60,6 +62,7 @@ JMESSAGE(JTRC_BMP_OS2_MAPPED, "%ux%u 8-bit colormapped OS2 BMP image")
7c2d2a
 JMESSAGE(JERR_GIF_BUG, "GIF output got confused")
7c2d2a
 JMESSAGE(JERR_GIF_CODESIZE, "Bogus GIF codesize %d")
7c2d2a
 JMESSAGE(JERR_GIF_COLORSPACE, "GIF output must be grayscale or RGB")
7c2d2a
+JMESSAGE(JERR_GIF_EMPTY, "Empty GIF image")
7c2d2a
 JMESSAGE(JERR_GIF_IMAGENOTFOUND, "Too few images in GIF file")
7c2d2a
 JMESSAGE(JERR_GIF_NOT, "Not a GIF file")
7c2d2a
 JMESSAGE(JTRC_GIF, "%ux%ux%d GIF image")
7c2d2a
diff --git a/rdgif.c b/rdgif.c
7c2d2a
index e1ea56c..8a379fe 100644
7c2d2a
--- a/rdgif.c
7c2d2a
+++ b/rdgif.c
7c2d2a
@@ -1,9 +1,11 @@
7c2d2a
 /*
7c2d2a
  * rdgif.c
7c2d2a
  *
7c2d2a
+ * This file was part of the Independent JPEG Group's software:
7c2d2a
  * Copyright (C) 1991-1997, Thomas G. Lane.
7c2d2a
  * Modified 2019 by Guido Vollbeding.
7c2d2a
- * This file is part of the Independent JPEG Group's software.
7c2d2a
+ * libjpeg-turbo Modifications:
7c2d2a
+ * Copyright (C) 2021, D. R. Commander.
7c2d2a
  * For conditions of distribution and use, see the accompanying README.ijg
7c2d2a
  * file.
7c2d2a
  *
7c2d2a
@@ -404,6 +406,8 @@ start_input_gif(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
7c2d2a
     ERREXIT(cinfo, JERR_INPUT_EOF);
7c2d2a
   width = LM_to_uint(hdrbuf, 0);
7c2d2a
   height = LM_to_uint(hdrbuf, 2);
7c2d2a
+  if (width == 0 || height == 0)
7c2d2a
+    ERREXIT(cinfo, JERR_GIF_EMPTY);
7c2d2a
   /* we ignore the color resolution, sort flag, and background color index */
7c2d2a
   aspectRatio = UCH(hdrbuf[6]);
7c2d2a
   if (aspectRatio != 0 && aspectRatio != 49)
7c2d2a
@@ -446,6 +450,8 @@ start_input_gif(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
7c2d2a
     /* we ignore top/left position info, also sort flag */
7c2d2a
     width = LM_to_uint(hdrbuf, 4);
7c2d2a
     height = LM_to_uint(hdrbuf, 6);
7c2d2a
+    if (width == 0 || height == 0)
7c2d2a
+      ERREXIT(cinfo, JERR_GIF_EMPTY);
7c2d2a
     source->is_interlaced = (BitSet(hdrbuf[8], INTERLACE) != 0);
7c2d2a
 
7c2d2a
     /* Read local colormap if header indicates it is present */
7c2d2a
-- 
7c2d2a
2.26.3
7c2d2a