version up : OpenLDAP 2.4.40.
[slapos.git] / component / libtiff / CVE-2012-4564.patch
1 Index: tiff-4.0.3/tools/ppm2tiff.c
2 ===================================================================
3 --- tiff-4.0.3.orig/tools/ppm2tiff.c    2013-06-23 10:36:50.779629492 -0400
4 +++ tiff-4.0.3/tools/ppm2tiff.c 2013-06-23 10:36:50.775629494 -0400
5 @@ -89,6 +89,7 @@
6         int c;
7         extern int optind;
8         extern char* optarg;
9 +       tmsize_t scanline_size;
10  
11         if (argc < 2) {
12             fprintf(stderr, "%s: Too few arguments\n", argv[0]);
13 @@ -237,8 +238,16 @@
14         }
15         if (TIFFScanlineSize(out) > linebytes)
16                 buf = (unsigned char *)_TIFFmalloc(linebytes);
17 -       else
18 -               buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
19 +       else {
20 +               scanline_size = TIFFScanlineSize(out);
21 +               if (scanline_size != 0)
22 +                       buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
23 +               else {
24 +                       fprintf(stderr, "%s: scanline size overflow\n",infile);
25 +                       (void) TIFFClose(out);
26 +                       exit(-2);
27 +                       }
28 +               }
29         if (resolution > 0) {
30                 TIFFSetField(out, TIFFTAG_XRESOLUTION, resolution);
31                 TIFFSetField(out, TIFFTAG_YRESOLUTION, resolution);