From b103d539e2421a66db911f069885ffbd5760bffd Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Nikola=20Forr=C3=B3?= <nforro@redhat.com>

Date: Thu, 6 Dec 2018 14:58:16 +0100

Subject: [PATCH 07/10] Fix CVE-2018-17100

---

 tools/ppm2tiff.c | 13 +++++++------

 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/tools/ppm2tiff.c b/tools/ppm2tiff.c

index 8e168ad..fc97983 100644

--- a/tools/ppm2tiff.c

+++ b/tools/ppm2tiff.c

@@ -72,15 +72,16 @@ BadPPM(char* file)

 	exit(-2);

 }

+

+#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))

+#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)

+

 static tmsize_t

 multiply_ms(tmsize_t m1, tmsize_t m2)

 {

-	tmsize_t bytes = m1 * m2;

-

-	if (m1 && bytes / m1 != m2)

-		bytes = 0;

-

-	return bytes;

+        if( m1 == 0 || m2 > TIFF_TMSIZE_T_MAX / m1 )

+            return 0;

+        return m1 * m2;

 }

 int

-- 

2.17.2