rpms / libtiff

Clone
Source Code
GIT

Blame SOURCES/libtiff-CVE-2016-3186.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta c8 c8-beta c8s c9 c9-beta
  1.   f135ac6e64af9bdc093bd82a0d952a6037fbc0b0
  2.   SOURCES
  3.   libtiff-CVE-2016-3186.patch
Blob History Raw
460672 
From 4c5f309925e568f3ccd4bacc1907c082401c13cd Mon Sep 17 00:00:00 2001
460672 
From: =?UTF-8?q?Nikola=20Forr=C3=B3?= <nforro@redhat.com>
460672 
Date: Thu, 6 Dec 2018 14:42:00 +0100
460672 
Subject: [PATCH 01/10] Fix CVE-2016-3186
460672
460672 
---
460672 
 tools/gif2tiff.c | 2 +-
460672 
 1 file changed, 1 insertion(+), 1 deletion(-)
460672
460672 
diff --git a/tools/gif2tiff.c b/tools/gif2tiff.c
460672 
index 1e9b4b9..e89ac5b 100644
460672 
--- a/tools/gif2tiff.c
460672 
+++ b/tools/gif2tiff.c
460672 
@@ -316,7 +316,7 @@ readextension(void)
460672 
     char buf[255];
460672
460672 
     (void) getc(infile);
460672 
-    while ((count = getc(infile)))
460672 
+    while ((count = getc(infile)) && count >= 0 && count <= 255)
460672 
         fread(buf, 1, count, infile);
460672 
 }
460672
460672 
--
460672 
2.17.2
460672

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation