rpms / python-pillow

Clone
Source Code
GIT

Blame SOURCES/CVE-2021-28676.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-beta c7-ppc64le c8 c8-beta c8s c9s-sig-cloud-openstack-bobcat c9s-sig-cloud-openstack-caracal c9s-sig-cloud-openstack-xena c9s-sig-cloud-openstack-zed
  1.   464eb7493d5814a0b689a699f51a575e5ae36ecf
  2.   SOURCES
  3.   CVE-2021-28676.patch
Blob History Raw
7c055c 
From cedb7ba568161021bc2f2f48af95fcf33e262f77 Mon Sep 17 00:00:00 2001
7c055c 
From: Lumir Balhar <lbalhar@redhat.com>
7c055c 
Date: Mon, 14 Jun 2021 09:30:01 +0200
7c055c 
Subject: [PATCH 4/5] CVE-2021-28676
7c055c
7c055c 
---
7c055c 
 src/libImaging/FliDecode.c | 5 +++++
7c055c 
 1 file changed, 5 insertions(+)
7c055c
7c055c 
diff --git a/src/libImaging/FliDecode.c b/src/libImaging/FliDecode.c
7c055c 
index 72ba138..9181b8b 100644
7c055c 
--- a/src/libImaging/FliDecode.c
7c055c 
+++ b/src/libImaging/FliDecode.c
7c055c 
@@ -209,6 +209,11 @@ ImagingFliDecode(Imaging im, ImagingCodecState state, UINT8* buf, int bytes)
7c055c 
 	    return -1;
7c055c 
 	}
7c055c 
 	advance = I32(ptr);
7c055c 
+	if (advance == 0 ) {
7c055c 
+        // If there's no advance, we're in in infinite loop
7c055c 
+        state->errcode = IMAGING_CODEC_BROKEN;
7c055c 
+        return -1;
7c055c 
+    }
7c055c 
 	ptr += advance;
7c055c 
 	bytes -= advance;
7c055c 
     }
7c055c 
--
7c055c 
2.31.1
7c055c

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation