[OE-core] [zeus][PATCH] tiff: Refresh patch

Zheng Ruoqin zhengrq.fnst at cn.fujitsu.com
Thu Nov 21 08:44:15 UTC 2019


Refresh CVE-2019-7663.patch as it can't be applyed when using PATCHTOOL = "patch".

Signed-off-by: Zheng Ruoqin <zhengrq.fnst at cn.fujitsu.com>
---
 .../libtiff/tiff/CVE-2019-7663.patch               | 71 ++++++++--------------
 1 file changed, 26 insertions(+), 45 deletions(-)

diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch
index f244fb2..94e4e33 100644
--- a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch
+++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch
@@ -1,22 +1,37 @@
-CVE: CVE-2019-7663
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton at intel.com>
+CVE: CVE-2019-7663 
+Upstream-Status: Backport 
+Signed-off-by:
+Ross Burton <ross.burton at intel.com>
 
 From c6fc6c1fa895024c86285c58efd6424cf8078f32 Mon Sep 17 00:00:00 2001
 From: Thomas Bernard <miniupnp at free.fr>
 Date: Mon, 11 Feb 2019 10:05:33 +0100
 Subject: [PATCH 1/2] check that (Tile Width)*(Samples/Pixel) do no overflow
 
-fixes bug 2833
+From da6454aa80b9bb3154dfab4e8b21637de47531e0 Mon Sep 17 00:00:00 2001
+From: Thomas Bernard <miniupnp at free.fr>
+Date: Mon, 11 Feb 2019 21:42:03 +0100
+Subject: [PATCH 2/2] tiffcp.c: use INT_MAX
+
+Signed-off-by: Zheng Ruoqin <zhengrq.fnst at cn.fujitsu.com>
+Refresh this patch as it can't be applyed when using PATCHTOOL = "patch".
 ---
- tools/tiffcp.c | 8 +++++++-
- 1 file changed, 7 insertions(+), 1 deletion(-)
+ tools/tiffcp.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
 
 diff --git a/tools/tiffcp.c b/tools/tiffcp.c
-index 2f406e2d..f0ee2c02 100644
+index 2f406e2..8c81aa4 100644
 --- a/tools/tiffcp.c
 +++ b/tools/tiffcp.c
-@@ -1408,7 +1408,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
+@@ -41,6 +41,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
++#include <limits.h>
+ 
+ #include <ctype.h>
+ 
+@@ -1408,7 +1409,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
  	int status = 1;
  	uint32 imagew = TIFFRasterScanlineSize(in);
  	uint32 tilew = TIFFTileRowSize(in);
@@ -25,11 +40,11 @@ index 2f406e2d..f0ee2c02 100644
  	tsize_t tilesize = TIFFTileSize(in);
  	tdata_t tilebuf;
  	uint8* bufp = (uint8*) buf;
-@@ -1416,6 +1416,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
+@@ -1416,6 +1417,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
  	uint32 row;
  	uint16 bps = 0, bytes_per_sample;
  
-+	if (spp > (0x7fffffff / tilew))
++	if (spp > (INT_MAX / tilew))
 +	{
 +		TIFFError(TIFFFileName(in), "Error, cannot handle that much samples per tile row (Tile Width * Samples/Pixel)");
 +		return 0;
@@ -39,39 +54,5 @@ index 2f406e2d..f0ee2c02 100644
  	if (tilebuf == 0)
  		return 0;
 -- 
-2.20.1
-
-
-From da6454aa80b9bb3154dfab4e8b21637de47531e0 Mon Sep 17 00:00:00 2001
-From: Thomas Bernard <miniupnp at free.fr>
-Date: Mon, 11 Feb 2019 21:42:03 +0100
-Subject: [PATCH 2/2] tiffcp.c: use INT_MAX
-
----
- tools/tiffcp.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/tools/tiffcp.c b/tools/tiffcp.c
-index f0ee2c02..8c81aa4f 100644
---- a/tools/tiffcp.c
-+++ b/tools/tiffcp.c
-@@ -41,6 +41,7 @@
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
-+#include <limits.h>
- 
- #include <ctype.h>
- 
-@@ -1416,7 +1417,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
- 	uint32 row;
- 	uint16 bps = 0, bytes_per_sample;
- 
--	if (spp > (0x7fffffff / tilew))
-+	if (spp > (INT_MAX / tilew))
- 	{
- 		TIFFError(TIFFFileName(in), "Error, cannot handle that much samples per tile row (Tile Width * Samples/Pixel)");
- 		return 0;
--- 
-2.20.1
+2.7.4
 
-- 
2.7.4





More information about the Openembedded-core mailing list