summaryrefslogtreecommitdiff
path: root/media-libs/tiff/files/tiff-3.9.7-tiffinfo-exif.patch
diff options
context:
space:
mode:
Diffstat (limited to 'media-libs/tiff/files/tiff-3.9.7-tiffinfo-exif.patch')
-rw-r--r--media-libs/tiff/files/tiff-3.9.7-tiffinfo-exif.patch59
1 files changed, 59 insertions, 0 deletions
diff --git a/media-libs/tiff/files/tiff-3.9.7-tiffinfo-exif.patch b/media-libs/tiff/files/tiff-3.9.7-tiffinfo-exif.patch
new file mode 100644
index 000000000000..a326e21e298b
--- /dev/null
+++ b/media-libs/tiff/files/tiff-3.9.7-tiffinfo-exif.patch
@@ -0,0 +1,59 @@
+Teach "tiffinfo -D" to not try to print image data inside an EXIF subdirectory,
+because there isn't any. Back-patched from an upstream 4.0.2 fix.
+
+This is not a security issue in itself (it crashes, but with a simple NULL
+pointer dereference). However, our test case for CVE-2012-5581 tickles this
+bug, so it seems easier to fix this than make a new test case.
+
+
+diff -Naur tiff-3.9.4.orig/tools/tiffinfo.c tiff-3.9.4/tools/tiffinfo.c
+--- tiff-3.9.4.orig/tools/tiffinfo.c 2010-06-08 14:50:44.000000000 -0400
++++ tiff-3.9.4/tools/tiffinfo.c 2012-12-11 16:33:17.062228558 -0500
+@@ -49,7 +49,7 @@
+ int stoponerr = 1; /* stop on first read error */
+
+ static void usage(void);
+-static void tiffinfo(TIFF*, uint16, long);
++static void tiffinfo(TIFF*, uint16, long, int);
+
+ int
+ main(int argc, char* argv[])
+@@ -124,19 +124,20 @@
+ if (tif != NULL) {
+ if (dirnum != -1) {
+ if (TIFFSetDirectory(tif, (tdir_t) dirnum))
+- tiffinfo(tif, order, flags);
++ tiffinfo(tif, order, flags, 1);
+ } else if (diroff != 0) {
+ if (TIFFSetSubDirectory(tif, diroff))
+- tiffinfo(tif, order, flags);
++ tiffinfo(tif, order, flags, 1);
+ } else {
+ do {
+ uint32 offset;
+
+- tiffinfo(tif, order, flags);
++ tiffinfo(tif, order, flags, 1);
+ if (TIFFGetField(tif, TIFFTAG_EXIFIFD,
+ &offset)) {
+- if (TIFFReadEXIFDirectory(tif, offset))
+- tiffinfo(tif, order, flags);
++ if (TIFFReadEXIFDirectory(tif, offset)) {
++ tiffinfo(tif, order, flags, 0);
++ }
+ }
+ } while (TIFFReadDirectory(tif));
+ }
+@@ -426,10 +427,10 @@
+ }
+
+ static void
+-tiffinfo(TIFF* tif, uint16 order, long flags)
++tiffinfo(TIFF* tif, uint16 order, long flags, int is_image)
+ {
+ TIFFPrintDirectory(tif, stdout, flags);
+- if (!readdata)
++ if (!readdata || !is_image)
+ return;
+ if (rawdata) {
+ if (order) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-02 23:50:35 +0000