openexr/openexr-CVE-2021-3605.patch
Petr Gajdos 6cc7edd22b - security update
- added patches
  fix CVE-2021-3605 [bsc#1187395], Heap buffer overflow in the rleUncompress function
  + openexr-CVE-2021-3605.patch

OBS-URL: https://build.opensuse.org/package/show/graphics/openexr?expand=0&rev=67
2021-06-16 12:39:58 +00:00

--- a/OpenEXR/IlmImf/ImfRle.cpp
+++ b/OpenEXR/IlmImf/ImfRle.cpp
@@ -146,6 +146,11 @@ rleUncompress (int inLength, int maxLength, const signed char in[], char out[])
if (0 > (maxLength -= count + 1))
return 0;
+ // check the input buffer is big enough to contain
+ // byte to be duplicated
+ if (inLength < 0)
+ return 0;
+
memset(out, *(char*)in, count+1);
out += count+1;
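
Review bot: the added `if (inLength < 0)` test ahead of `memset(out, *(char*)in, count+1)` only protects the read of `*in` if `inLength` has already been reduced to account for the byte being duplicated, and that decrement is not in the context shown here. Please confirm that the subtraction happens before this line on every path into it. If `inLength` still counts the unread byte at this point, the bound would need to be `inLength < 1` instead. It would also help to extend the comment to state what `inLength` represents at this point (bytes remaining after the run's header has been consumed), so the choice of `< 0` can be checked without reading the rest of the function. A regression test that feeds `rleUncompress` an input ending immediately after a run count would pin the behaviour down.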