authorDirk Meyer <dinoex@FreeBSD.org>2008-09-20 07:33:20 +0000
committerDirk Meyer <dinoex@FreeBSD.org>2008-09-20 07:33:20 +0000
commitf025b838e67c696a3de58d6d7d1b4981cb2ffe43 (patch)
treea3d4c336b5bc71be7bf030c374a5d83663476eb6 /graphics/tiff/files/patch-tif_next.c
parentc6fc6694926feecde74cb523b1845e4781aa691e (diff)
- add Security patches
- fix missing macro in manpages - add regression test Security: CVE-2006-2193 Security: CVE-2006-2327 Security: CVE-2006-2656 Security: CVE-2006-3459 Security: CVE-2006-3460 Security: CVE-2006-3461 Security: CVE-2006-3462 Security: CVE-2006-3463 Security: CVE-2006-3464 Security: CVE-2006-3465 Security: CVE-2008-2327 PR: 127434 Submitted by: <bf2006a@yahoo.com> Obtained From: Gentoo,Debian Approved by: portmgr (marcus)
Notes
Notes: svn path=/head/; revision=220438
Diffstat (limited to 'graphics/tiff/files/patch-tif_next.c')
-rw-r--r--graphics/tiff/files/patch-tif_next.c22
1 files changed, 22 insertions, 0 deletions
diff --git a/graphics/tiff/files/patch-tif_next.c b/graphics/tiff/files/patch-tif_next.c
new file mode 100644
index 000000000000..e02f075eacd2
--- /dev/null
+++ b/graphics/tiff/files/patch-tif_next.c
@@ -0,0 +1,22 @@
+CVE-2006-3462
+===================================================================
+--- libtiff/tif_next.c.orig 2008-08-17 13:03:48.978994352 -0400
++++ libtiff/tif_next.c 2008-08-17 13:03:52.894064968 -0400
+@@ -105,11 +105,16 @@
+ * as codes of the form <color><npixels>
+ * until we've filled the scanline.
+ */
++ /*
++ * Ensure the run does not exceed the scanline
++ * bounds, potentially resulting in a security issue.
++ * -- taviso@google.com 14 Jun 2006.
++ */
+ op = row;
+ for (;;) {
+ grey = (n>>6) & 0x3;
+ n &= 0x3f;
+- while (n-- > 0)
++ while (n-- > 0 && npixels < imagewidth)
+ SETPIXEL(op, grey);
+ if (npixels >= (int) imagewidth)
+ break;
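Review bot: The added bound `npixels < imagewidth` on the run loop limits writes by pixel count only, and nothing in this hunk ties `imagewidth` to the size of the buffer that `op`/`row` point into. That buffer's size is set outside the hunk, so this is unconfirmed, but if it can ever be smaller than a full image-width row then `SETPIXEL` can still write past it. I would either bound the loop by the destination size as well or state the invariant next to the check, e.g. `/* row must hold at least imagewidth pixels; verified before decoding */`. The new test also compares `imagewidth` uncast while the following `if (npixels >= (int) imagewidth)` casts it, so the two comparisons should use one form to avoid a signed/unsigned mismatch. Finally, an over-long run is now truncated silently, so a malformed stream decodes with no diagnostic; emitting a warning when the bound rather than `n` ends the loop would make corrupt input visible to callers.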