Hi, It is patch for CVE-2010-2065, taken from upstream bugzilla. Please consider to apply it. -- Regards, Hideki Yamane henrich @ debian.or.jp/org http://wiki.debian.org/HidekiYamane
taken from http://bugzilla.maptools.org/show_bug.cgi?id=2207
Index: tiff-3.9.4/libtiff/tif_getimage.c
===================================================================
--- tiff-3.9.4.orig/libtiff/tif_getimage.c 2010-08-13 14:06:16.999247831 +0900
+++ tiff-3.9.4/libtiff/tif_getimage.c 2010-08-13 14:13:06.159248387 +0900
@@ -1846,6 +1846,7 @@
DECLAREContigPutFunc(putcontig8bitYCbCr22tile)
{
uint32* cp2;
+ int32 incr = 2*toskew+w;
(void) y;
fromskew = (fromskew / 2) * 6;
cp2 = cp+w+toskew;
@@ -1872,8 +1873,8 @@
cp2 ++ ;
pp += 6;
}
- cp += toskew*2+w;
- cp2 += toskew*2+w;
+ cp += incr;
+ cp2 += incr;
pp += fromskew;
h-=2;
}
@@ -1939,6 +1940,7 @@
DECLAREContigPutFunc(putcontig8bitYCbCr12tile)
{
uint32* cp2;
+ int32 incr = 2*toskew+w;
(void) y;
fromskew = (fromskew / 2) * 4;
cp2 = cp+w+toskew;
@@ -1953,8 +1955,8 @@
cp2 ++;
pp += 4;
} while (--x);
- cp += toskew*2+w;
- cp2 += toskew*2+w;
+ cp += incr;
+ cp2 += incr;
pp += fromskew;
h-=2;
}
Attachment:
pgprNvhJoqIqC.pgp
Description: PGP signature