From b99517535db6393ec5d124b395206ef6198cc244930dfb6fcadce16bec7e1e59 Mon Sep 17 00:00:00 2001 From: Petr Gajdos Date: Tue, 23 May 2017 09:16:14 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/graphics/libraw?expand=0&rev=94 --- libraw-CVE-2017-6887,6886.patch | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/libraw-CVE-2017-6887,6886.patch b/libraw-CVE-2017-6887,6886.patch index 1c23a6a..1670a17 100644 --- a/libraw-CVE-2017-6887,6886.patch +++ b/libraw-CVE-2017-6887,6886.patch @@ -11,24 +11,22 @@ Subject: [PATCH] Secunia SA75000 advisory: several buffer overruns Index: LibRaw-0.18.2/dcraw/dcraw.c =================================================================== --- LibRaw-0.18.2.orig/dcraw/dcraw.c 2017-05-23 10:30:39.264790336 +0200 -+++ LibRaw-0.18.2/dcraw/dcraw.c 2017-05-23 10:33:01.327208294 +0200 -@@ -5841,8 +5841,14 @@ int CLASS parse_tiff_ifd (int base) ++++ LibRaw-0.18.2/dcraw/dcraw.c 2017-05-23 11:15:45.574900958 +0200 +@@ -5841,7 +5841,12 @@ int CLASS parse_tiff_ifd (int base) if (!strcmp(model,"DSLR-A100") && tiff_ifd[ifd].width == 3872) { load_raw = &CLASS sony_arw_load_raw; data_offset = get4()+base; - ifd++; break; + ifd++; +#ifdef LIBRAW_LIBRARY_BUILD -+ if (ifd >= sizeof tiff_ifd / sizeof tiff_ifd[0]) -+ throw LIBRAW_EXCEPTION_IO_CORRUPT; ++ if (ifd >= sizeof tiff_ifd / sizeof tiff_ifd[0]) ++ throw LIBRAW_EXCEPTION_IO_CORRUPT; +#endif ++ break; } -+ /* not sure what is meant by that :) */ -+ break; while (len--) { i = ftell(ifp); - fseek (ifp, get4()+base, SEEK_SET); -@@ -6005,6 +6011,8 @@ int CLASS parse_tiff_ifd (int base) +@@ -6005,6 +6010,8 @@ int CLASS parse_tiff_ifd (int base) break; case 50454: /* Sinar tag */ case 50455: