diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2019-09-25 19:33:39 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2019-09-28 08:31:11 +0100 |
commit | ad6182343997a405079870a2fe91c4e0c6b94595 (patch) | |
tree | 4aa7483cd0ad7de54338afc8e7971417abe1dd81 /media-gfx/ufraw/files/ufraw-0.22-CVE-2015-8366.patch | |
parent | e8f81810baa21f490d6910e8e2d424546b72a333 (diff) |
gentoo resync : 25.09.2019
Diffstat (limited to 'media-gfx/ufraw/files/ufraw-0.22-CVE-2015-8366.patch')
-rw-r--r-- | media-gfx/ufraw/files/ufraw-0.22-CVE-2015-8366.patch | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/media-gfx/ufraw/files/ufraw-0.22-CVE-2015-8366.patch b/media-gfx/ufraw/files/ufraw-0.22-CVE-2015-8366.patch new file mode 100644 index 000000000000..9d59ca413fbe --- /dev/null +++ b/media-gfx/ufraw/files/ufraw-0.22-CVE-2015-8366.patch @@ -0,0 +1,17 @@ +Fix a buffer overflow bug. See +https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2 + +--- a/dcraw.cc ++++ b/dcraw.cc +@@ -3013,7 +3013,10 @@ + diff = diff ? -diff : 0x80; + if (ftell(ifp) + 12 >= (int) seg[1][1]) + diff = 0; +- raw_image[pix] = pred[pix & 1] += diff; ++ if(pix>=raw_width*raw_height) ++ derror(); ++ else ++ raw_image[pix] = pred[pix & 1] += diff; + if (!(pix & 1) && HOLE(pix / raw_width)) pix += 2; + } + maximum = 0xff; |