fix CVE-2022-0908

backport-CVE-2022-0908.patch

@@ -0,0 +1,29 @@
+From a95b799f65064e4ba2e2dfc206808f86faf93e85 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Thu, 17 Feb 2022 15:28:43 +0100
+Subject: [PATCH] TIFFFetchNormalTag(): avoid calling memcpy() with a null
+ source pointer and size of zero (fixes #383)
+
+---
+ libtiff/tif_dirread.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
+index d654a1c..a31109a 100644
+--- a/libtiff/tif_dirread.c
++++ b/libtiff/tif_dirread.c
+@@ -5080,7 +5080,10 @@ TIFFFetchNormalTag(TIFF* tif, TIFFDirEntry* dp, int recover)
+ 								_TIFFfree(data);
+ 							return(0);
+ 						}
+-						_TIFFmemcpy(o,data,(uint32_t)dp->tdir_count);
++						if (dp->tdir_count > 0 )
++						{
++							_TIFFmemcpy(o,data,(uint32_t)dp->tdir_count);
++						}
+ 						o[(uint32_t)dp->tdir_count]=0;
+ 						if (data!=0)
+ 							_TIFFfree(data);
+-- 
+2.27.0
+

libtiff.spec

@@ -1,6 +1,6 @@
 Name:           libtiff
 Version:        4.3.0
-Release:        5
+Release:        6
 Summary:        TIFF Library and Utilities
 License:        libtiff
 URL:            https://www.simplesystems.org/libtiff/
@@ -12,6 +12,7 @@ Patch6002:	backport-0001-CVE-2022-22844.patch
 Patch6003:	backport-0002-CVE-2022-22844.patch
 Patch6004:	backport-0003-CVE-2022-22844.patch
 Patch6005:	backport-CVE-2022-0891.patch
+Patch6006:      backport-CVE-2022-0908.patch
 
 BuildRequires:  gcc gcc-c++ zlib-devel libjpeg-devel jbigkit-devel
 BuildRequires:  libtool automake autoconf pkgconfig 
@@ -132,6 +133,12 @@ find html -name 'Makefile*' | xargs rm
 %exclude %{_datadir}/html/man/tiffgt.1.html
 
 %changelog
+* Tue Mar 22 2022 yangcheng <yangcheng87@h-partners.com> - 4.3.0-6
+- Type:cve
+- ID:CVE-2022-0908
+- SUG:NA
+- DESC:fix CVE-2022-0908
+
 * Thu Mar 17 2022 wangkerong <wangkerong@h-partners.com> - 4.3.0-5
 - Type:cve
 - ID:CVE-2022-0891