|
 |
3528ec |
From 666a205254d095947de95670f014fe30137c0014 Mon Sep 17 00:00:00 2001
|
|
|
3528ec |
From: =?UTF-8?q?Nikola=20Forr=C3=B3?= <nforro@redhat.com>
|
|
|
3528ec |
Date: Thu, 6 Dec 2018 14:59:10 +0100
|
|
|
3528ec |
Subject: [PATCH 08/10] Fix CVE-2018-17101
|
|
|
3528ec |
|
|
|
3528ec |
---
|
|
|
3528ec |
tools/pal2rgb.c | 18 +++++++++++++++++-
|
|
|
3528ec |
tools/tiff2bw.c | 18 +++++++++++++++++-
|
|
|
3528ec |
2 files changed, 34 insertions(+), 2 deletions(-)
|
|
|
3528ec |
|
|
|
3528ec |
diff --git a/tools/pal2rgb.c b/tools/pal2rgb.c
|
|
|
3528ec |
index 426bbc0..994757a 100644
|
|
|
3528ec |
--- a/tools/pal2rgb.c
|
|
|
3528ec |
+++ b/tools/pal2rgb.c
|
|
|
3528ec |
@@ -389,7 +389,23 @@ cpTags(TIFF* in, TIFF* out)
|
|
|
3528ec |
{
|
|
|
3528ec |
struct cpTag *p;
|
|
|
3528ec |
for (p = tags; p < &tags[NTAGS]; p++)
|
|
|
3528ec |
- cpTag(in, out, p->tag, p->count, p->type);
|
|
|
3528ec |
+ {
|
|
|
3528ec |
+ if( p->tag == TIFFTAG_GROUP3OPTIONS )
|
|
|
3528ec |
+ {
|
|
|
3528ec |
+ uint16 compression;
|
|
|
3528ec |
+ if( !TIFFGetField(in, TIFFTAG_COMPRESSION, &compression) ||
|
|
|
3528ec |
+ compression != COMPRESSION_CCITTFAX3 )
|
|
|
3528ec |
+ continue;
|
|
|
3528ec |
+ }
|
|
|
3528ec |
+ if( p->tag == TIFFTAG_GROUP4OPTIONS )
|
|
|
3528ec |
+ {
|
|
|
3528ec |
+ uint16 compression;
|
|
|
3528ec |
+ if( !TIFFGetField(in, TIFFTAG_COMPRESSION, &compression) ||
|
|
|
3528ec |
+ compression != COMPRESSION_CCITTFAX4 )
|
|
|
3528ec |
+ continue;
|
|
|
3528ec |
+ }
|
|
|
3528ec |
+ cpTag(in, out, p->tag, p->count, p->type);
|
|
|
3528ec |
+ }
|
|
|
3528ec |
}
|
|
|
3528ec |
#undef NTAGS
|
|
|
3528ec |
|
|
|
3528ec |
diff --git a/tools/tiff2bw.c b/tools/tiff2bw.c
|
|
|
3528ec |
index 02605df..53067e7 100644
|
|
|
3528ec |
--- a/tools/tiff2bw.c
|
|
|
3528ec |
+++ b/tools/tiff2bw.c
|
|
|
3528ec |
@@ -427,7 +427,23 @@ cpTags(TIFF* in, TIFF* out)
|
|
|
3528ec |
{
|
|
|
3528ec |
struct cpTag *p;
|
|
|
3528ec |
for (p = tags; p < &tags[NTAGS]; p++)
|
|
|
3528ec |
- cpTag(in, out, p->tag, p->count, p->type);
|
|
|
3528ec |
+ {
|
|
|
3528ec |
+ if( p->tag == TIFFTAG_GROUP3OPTIONS )
|
|
|
3528ec |
+ {
|
|
|
3528ec |
+ uint16 compression;
|
|
|
3528ec |
+ if( !TIFFGetField(in, TIFFTAG_COMPRESSION, &compression) ||
|
|
|
3528ec |
+ compression != COMPRESSION_CCITTFAX3 )
|
|
|
3528ec |
+ continue;
|
|
|
3528ec |
+ }
|
|
|
3528ec |
+ if( p->tag == TIFFTAG_GROUP4OPTIONS )
|
|
|
3528ec |
+ {
|
|
|
3528ec |
+ uint16 compression;
|
|
|
3528ec |
+ if( !TIFFGetField(in, TIFFTAG_COMPRESSION, &compression) ||
|
|
|
3528ec |
+ compression != COMPRESSION_CCITTFAX4 )
|
|
|
3528ec |
+ continue;
|
|
|
3528ec |
+ }
|
|
|
3528ec |
+ cpTag(in, out, p->tag, p->count, p->type);
|
|
|
3528ec |
+ }
|
|
|
3528ec |
}
|
|
|
3528ec |
#undef NTAGS
|
|
|
3528ec |
|
|
|
3528ec |
--
|
|
|
3528ec |
2.17.2
|
|
|
3528ec |
|