aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches/libtiff-CVE-2016-5323.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/libtiff-CVE-2016-5323.patch')
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-5323.patch88
1 files changed, 0 insertions, 88 deletions
diff --git a/gnu/packages/patches/libtiff-CVE-2016-5323.patch b/gnu/packages/patches/libtiff-CVE-2016-5323.patch
deleted file mode 100644
index 8b2a043d29..0000000000
--- a/gnu/packages/patches/libtiff-CVE-2016-5323.patch
+++ /dev/null
@@ -1,88 +0,0 @@
-Fix CVE-2016-5323.
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323
-http://bugzilla.maptools.org/show_bug.cgi?id=2559
-
-Patch extracted from upstream CVS repo with:
-$ cvs diff -u -r1.36 -r1.37 tools/tiffcrop.c
-
-Index: tools/tiffcrop.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
-retrieving revision 1.36
-retrieving revision 1.37
-diff -u -r1.36 -r1.37
---- libtiff/tools/tiffcrop.c 11 Jul 2016 21:26:03 -0000 1.36
-+++ libtiff/tools/tiffcrop.c 11 Jul 2016 21:38:31 -0000 1.37
-@@ -3738,7 +3738,7 @@
-
- matchbits = maskbits << (8 - src_bit - bps);
- /* load up next sample from each plane */
-- for (s = 0; s < spp; s++)
-+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
- {
- src = in[s] + src_offset + src_byte;
- buff1 = ((*src) & matchbits) << (src_bit);
-@@ -3837,7 +3837,7 @@
- src_bit = bit_offset % 8;
-
- matchbits = maskbits << (16 - src_bit - bps);
-- for (s = 0; s < spp; s++)
-+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
- {
- src = in[s] + src_offset + src_byte;
- if (little_endian)
-@@ -3947,7 +3947,7 @@
- src_bit = bit_offset % 8;
-
- matchbits = maskbits << (32 - src_bit - bps);
-- for (s = 0; s < spp; s++)
-+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
- {
- src = in[s] + src_offset + src_byte;
- if (little_endian)
-@@ -4073,7 +4073,7 @@
- src_bit = bit_offset % 8;
-
- matchbits = maskbits << (64 - src_bit - bps);
-- for (s = 0; s < spp; s++)
-+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
- {
- src = in[s] + src_offset + src_byte;
- if (little_endian)
-@@ -4263,7 +4263,7 @@
-
- matchbits = maskbits << (8 - src_bit - bps);
- /* load up next sample from each plane */
-- for (s = 0; s < spp; s++)
-+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
- {
- src = in[s] + src_offset + src_byte;
- buff1 = ((*src) & matchbits) << (src_bit);
-@@ -4362,7 +4362,7 @@
- src_bit = bit_offset % 8;
-
- matchbits = maskbits << (16 - src_bit - bps);
-- for (s = 0; s < spp; s++)
-+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
- {
- src = in[s] + src_offset + src_byte;
- if (little_endian)
-@@ -4471,7 +4471,7 @@
- src_bit = bit_offset % 8;
-
- matchbits = maskbits << (32 - src_bit - bps);
-- for (s = 0; s < spp; s++)
-+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
- {
- src = in[s] + src_offset + src_byte;
- if (little_endian)
-@@ -4597,7 +4597,7 @@
- src_bit = bit_offset % 8;
-
- matchbits = maskbits << (64 - src_bit - bps);
-- for (s = 0; s < spp; s++)
-+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
- {
- src = in[s] + src_offset + src_byte;
- if (little_endian)
generated by cgit v1.2.3 (git 2.45.0) at 2024-12-02 11:03:33 +0000