bb3536112b
CVE-2013-1960 - Heap-based buffer overflow CVE-2013-1961 - Stack-based buffer overflow ok sthen@
20 lines
822 B
Plaintext
20 lines
822 B
Plaintext
$OpenBSD: patch-tools_rgb2ycbcr_c,v 1.3 2013/05/03 11:00:39 jasper Exp $
|
|
|
|
Security fix for CVE-2013-1961 libtiff (tiff2pdf): Stack-based buffer overflow
|
|
with malformed image-length and resolution
|
|
|
|
Patch from https://bugzilla.redhat.com/show_bug.cgi?id=952131
|
|
|
|
--- tools/rgb2ycbcr.c.orig Tue May 31 19:03:16 2011
|
|
+++ tools/rgb2ycbcr.c Fri May 3 12:05:14 2013
|
|
@@ -332,7 +332,8 @@ tiffcvt(TIFF* in, TIFF* out)
|
|
TIFFSetField(out, TIFFTAG_PLANARCONFIG, PLANARCONFIG_CONTIG);
|
|
{ char buf[2048];
|
|
char *cp = strrchr(TIFFFileName(in), '/');
|
|
- sprintf(buf, "YCbCr conversion of %s", cp ? cp+1 : TIFFFileName(in));
|
|
+ snprintf(buf, sizeof(buf), "YCbCr conversion of %s",
|
|
+ cp ? cp+1 : TIFFFileName(in));
|
|
TIFFSetField(out, TIFFTAG_IMAGEDESCRIPTION, buf);
|
|
}
|
|
TIFFSetField(out, TIFFTAG_SOFTWARE, TIFFGetVersion());
|