mirror of
https://git.yoctoproject.org/poky
synced 2026-04-27 03:32:12 +02:00
410d7bf8cb
CVE-2023-6228: An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash. References: https://nvd.nist.gov/vuln/detail/CVE-2023-6228 https://gitlab.com/libtiff/libtiff/-/issues/606 (From OE-Core rev: 0730806ae39093b05ce943df1f9f5d0a25a8a673) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
32 lines
1.0 KiB
Diff
32 lines
1.0 KiB
Diff
From 1e7d217a323eac701b134afc4ae39b6bdfdbc96a Mon Sep 17 00:00:00 2001
|
|
From: Su_Laus <sulau@freenet.de>
|
|
Date: Wed, 17 Jan 2024 06:38:24 +0000
|
|
Subject: [PATCH] codec of input image is available, independently from codec
|
|
check of output image and return with error if not.
|
|
|
|
Fixes #606.
|
|
|
|
CVE: CVE-2023-6228
|
|
Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/1e7d217a323eac701b134afc4ae39b6bdfdbc96a]
|
|
|
|
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
|
|
---
|
|
tools/tiffcp.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/tools/tiffcp.c b/tools/tiffcp.c
|
|
index 34b6ef2..17c6524 100644
|
|
--- a/tools/tiffcp.c
|
|
+++ b/tools/tiffcp.c
|
|
@@ -724,6 +724,8 @@ tiffcp(TIFF* in, TIFF* out)
|
|
else
|
|
CopyField(TIFFTAG_COMPRESSION, compression);
|
|
TIFFGetFieldDefaulted(in, TIFFTAG_COMPRESSION, &input_compression);
|
|
+ if (!TIFFIsCODECConfigured(input_compression))
|
|
+ return FALSE;
|
|
TIFFGetFieldDefaulted(in, TIFFTAG_PHOTOMETRIC, &input_photometric);
|
|
if (input_compression == COMPRESSION_JPEG) {
|
|
/* Force conversion to RGB */
|
|
--
|
|
2.40.0
|