!124 fix CVE-2022-48281

From: @zhouwenpei Reviewed-by: @t_feng Signed-off-by: @t_feng
2023-01-30 01:42:20 +00:00 · 2023-01-30 01:42:20 +00:00 · f5c1d1f5a3
commit f5c1d1f5a3
parent 324bd6858d 90192a3d81
2 changed files with 33 additions and 2 deletions
--- a/backport-CVE-2022-48281.patch
+++ b/backport-CVE-2022-48281.patch
@ -0,0 +1,24 @@
+From 97d65859bc29ee334012e9c73022d8a8e55ed586 Mon Sep 17 00:00:00 2001
+From: Su Laus <sulau@freenet.de>
+Date: Sat, 21 Jan 2023 15:58:10 +0000
+Subject: [PATCH] tiffcrop: Correct simple copy paste error. Fix #488.
+
+---
+ tools/tiffcrop.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
+index 92f8d09..20b9c23 100644
+--- a/tools/tiffcrop.c
+++ b/tools/tiffcrop.c
+@@ -7638,7 +7638,7 @@ processCropSelections(struct image_data *image, struct crop_mask *crop,
+       crop_buff = (unsigned char *)limitMalloc(cropsize + NUM_BUFF_OVERSIZE_BYTES);
+     else
+       {
+-      prev_cropsize = seg_buffs[0].size;
+      prev_cropsize = seg_buffs[i].size;
+       if (prev_cropsize < cropsize)
+         {
+         next_buff = _TIFFrealloc(crop_buff, cropsize + NUM_BUFF_OVERSIZE_BYTES);
+-- 
+2.33.0
--- a/libtiff.spec
+++ b/libtiff.spec
@ -1,6 +1,6 @@
 Name:           libtiff
 Version:        4.3.0
-Release:        21
+Release:        22
 Summary:        TIFF Library and Utilities
 License:        libtiff
 URL:            https://www.simplesystems.org/libtiff/
@ -30,10 +30,11 @@ Patch6020:      backport-0001-CVE-2022-3570-CVE-2022-3598.patch
 Patch6021:      backport-0002-CVE-2022-3570-CVE-2022-3598.patch
 Patch6022:      backport-0003-CVE-2022-3570-CVE-2022-3598.patch
 Patch6023:      backport-CVE-2022-3599.patch
+Patch6024:      backport-CVE-2022-3970.patch
+Patch6025:      backport-CVE-2022-48281.patch

 Patch9000:	fix-raw2tiff-floating-point-exception.patch

-Patch6024:      backport-CVE-2022-3970.patch

 BuildRequires:  gcc gcc-c++ zlib-devel libjpeg-devel jbigkit-devel
 BuildRequires:  libtool automake autoconf pkgconfig 
@ -154,6 +155,12 @@ find html -name 'Makefile*' | xargs rm
 %exclude %{_datadir}/html/man/tiffgt.1.html

 %changelog
+* Sun Jan 29 2023 zhouwenpei <zhouwenpei1@h-partners.com> - 4.3.0-22
+- Type:cve
+- ID:CVE-2022-48281
+- SUG:NA
+- DESC:fix CVE-2022-48281
+
 * Thu Nov 17 2022 qisen <qisen@huawei.com> - 4.3.0-21
 - Type:cve
 - ID:CVE-2022-3970