packages/libtiff
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2022-0865

Browse Source
This commit is contained in:
yangcheng1203 2022-03-29 15:56:57 +08:00
parent f9157671b4
commit 8d2bbd40eb
2 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
backport-CVE-2022-0865.patch Normal file
View File

@ -0,0 +1,34 @@
From a1c933dabd0e1c54a412f3f84ae0aa58115c6067 Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Thu, 24 Feb 2022 22:26:02 +0100
Subject: [PATCH] tif_jbig.c: fix crash when reading a file with multiple IFD
in memory-mapped mode and when bit reversal is needed (fixes #385)
---
libtiff/tif_jbig.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/libtiff/tif_jbig.c b/libtiff/tif_jbig.c
index 7408633..8bfa4ce 100644
--- a/libtiff/tif_jbig.c
+++ b/libtiff/tif_jbig.c
@@ -209,6 +209,16 @@ int TIFFInitJBIG(TIFF* tif, int scheme)
*/
tif->tif_flags |= TIFF_NOBITREV;
tif->tif_flags &= ~TIFF_MAPPED;
+ /* We may have read from a previous IFD and thus set TIFF_BUFFERMMAP and
+ * cleared TIFF_MYBUFFER. It is necessary to restore them to their initial
+ * value to be consistent with the state of a non-memory mapped file.
+ */
+ if (tif->tif_flags&TIFF_BUFFERMMAP) {
+ tif->tif_rawdata = NULL;
+ tif->tif_rawdatasize = 0;
+ tif->tif_flags &= ~TIFF_BUFFERMMAP;
+ tif->tif_flags |= TIFF_MYBUFFER;
+ }
/* Setup the function pointers for encode, decode, and cleanup. */
tif->tif_setupdecode = JBIGSetupDecode;
--
2.35.1

6
libtiff.spec
View File

@ -1,6 +1,6 @@
Name: libtiff Name: libtiff
Version: 4.3.0 Version: 4.3.0
Release: 7 Release: 8
Summary: TIFF Library and Utilities Summary: TIFF Library and Utilities
License: libtiff License: libtiff
URL: https://www.simplesystems.org/libtiff/ URL: https://www.simplesystems.org/libtiff/
@ -14,6 +14,7 @@ Patch6004: backport-0003-CVE-2022-22844.patch
Patch6005: backport-CVE-2022-0891.patch Patch6005: backport-CVE-2022-0891.patch
Patch6006: backport-CVE-2022-0907.patch Patch6006: backport-CVE-2022-0907.patch
Patch6007: backport-CVE-2022-0908.patch Patch6007: backport-CVE-2022-0908.patch
Patch6008: backport-CVE-2022-0865.patch
BuildRequires: gcc gcc-c++ zlib-devel libjpeg-devel jbigkit-devel BuildRequires: gcc gcc-c++ zlib-devel libjpeg-devel jbigkit-devel
BuildRequires: libtool automake autoconf pkgconfig BuildRequires: libtool automake autoconf pkgconfig
@ -134,6 +135,9 @@ find html -name 'Makefile*' | xargs rm
%exclude %{_datadir}/html/man/tiffgt.1.html %exclude %{_datadir}/html/man/tiffgt.1.html
%changelog %changelog
* Tue Mar 29 2022 yangcheng <yangcheng87@h-partners.com> - 4.3.0-8
- fix CVE-2022-0865
* Mon Mar 28 2022 yangcheng <yangcheng87@h-partners.com> - 4.3.0-7 * Mon Mar 28 2022 yangcheng <yangcheng87@h-partners.com> - 4.3.0-7
- fix CVE-2022-0907 - fix CVE-2022-0907