pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/graphics/tiff tiff: fix for CVE-2018-8905



details:   https://anonhg.NetBSD.org/pkgsrc/rev/20f71f29772d
branches:  trunk
changeset: 309678:20f71f29772d
user:      tez <tez%pkgsrc.org@localhost>
date:      Thu Jun 21 23:11:04 2018 +0000

description:
tiff: fix for CVE-2018-8905

from https://gitlab.com/libtiff/libtiff/commit/58a898cb4459055bb488ca815c23b880c242a27d

diffstat:

 graphics/tiff/Makefile                    |   4 +-
 graphics/tiff/distinfo                    |   3 +-
 graphics/tiff/patches/patch-CVE-2018-8905 |  40 +++++++++++++++++++++++++++++++
 3 files changed, 44 insertions(+), 3 deletions(-)

diffs (72 lines):

diff -r 7cda5a82dfd4 -r 20f71f29772d graphics/tiff/Makefile
--- a/graphics/tiff/Makefile    Thu Jun 21 23:10:50 2018 +0000
+++ b/graphics/tiff/Makefile    Thu Jun 21 23:11:04 2018 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.140 2018/01/16 23:52:06 tez Exp $
+# $NetBSD: Makefile,v 1.141 2018/06/21 23:11:04 tez Exp $
 
 DISTNAME=      tiff-4.0.9
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    graphics
 MASTER_SITES=  ftp://download.osgeo.org/libtiff/
 
diff -r 7cda5a82dfd4 -r 20f71f29772d graphics/tiff/distinfo
--- a/graphics/tiff/distinfo    Thu Jun 21 23:10:50 2018 +0000
+++ b/graphics/tiff/distinfo    Thu Jun 21 23:11:04 2018 +0000
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.89 2018/01/16 23:52:06 tez Exp $
+$NetBSD: distinfo,v 1.90 2018/06/21 23:11:04 tez Exp $
 
 SHA1 (tiff-4.0.9.tar.gz) = 87d4543579176cc568668617c22baceccd568296
 RMD160 (tiff-4.0.9.tar.gz) = ab5b3b7297e79344775b1e70c4d54c90c06836a3
 SHA512 (tiff-4.0.9.tar.gz) = 04f3d5eefccf9c1a0393659fe27f3dddd31108c401ba0dc587bca152a1c1f6bc844ba41622ff5572da8cc278593eff8c402b44e7af0a0090e91d326c2d79f6cd
 Size (tiff-4.0.9.tar.gz) = 2305681 bytes
 SHA1 (patch-CVE-2017-9935) = d33f3311e5bb96bf415f894237ab4dfcfafd2610
+SHA1 (patch-CVE-2018-8905) = 3a7081957ff2f4d6e777df5a9609ba89eecd8fbc
 SHA1 (patch-configure) = a0032133f06b6ac92bbf52349fabe83f74ea14a6
 SHA1 (patch-tools_pal2rgb.c) = f91652e8013940c162add870ceb9845e2730bc2c
diff -r 7cda5a82dfd4 -r 20f71f29772d graphics/tiff/patches/patch-CVE-2018-8905
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/tiff/patches/patch-CVE-2018-8905 Thu Jun 21 23:11:04 2018 +0000
@@ -0,0 +1,40 @@
+$NetBSD: patch-CVE-2018-8905,v 1.1 2018/06/21 23:11:04 tez Exp $
+
+fix CVE-2018-8905 from https://gitlab.com/libtiff/libtiff/commit/58a898cb4459055bb488ca815c23b880c242a27d
+
+
+--- libtiff/tif_lzw.c.orig     2017-07-11 13:27:35.000000000 +0000
++++ libtiff/tif_lzw.c
+@@ -604,6 +604,7 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, t
+       char *tp;
+       unsigned char *bp;
+       int code, nbits;
++      int len;
+       long nextbits, nextdata, nbitsmask;
+       code_t *codep, *free_entp, *maxcodep, *oldcodep;
+ 
+@@ -755,13 +756,18 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, t
+                               }  while (--occ);
+                               break;
+                       }
+-                      assert(occ >= codep->length);
+-                      op += codep->length;
+-                      occ -= codep->length;
+-                      tp = op;
++                      len = codep->length;
++                      tp = op + len;
+                       do {
+-                              *--tp = codep->value;
+-                      } while( (codep = codep->next) != NULL );
++                              int t;
++                              --tp;
++                              t = codep->value;
++                              codep = codep->next;
++                              *tp = (char)t;
++                      } while (codep && tp > op);
++                      assert(occ >= len);
++                      op += len;
++                      occ -= len;
+               } else {
+                       *op++ = (char)code;
+                       occ--;
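Review bot: In the embedded tif_lzw.c hunk at -755, `assert(occ >= len);` now runs only after the loop has already stored up to `len` bytes below `op + len`, and it disappears in NDEBUG builds, so it does not bound the write; the only effective guard added here is `tp > op`, which stops a code chain longer than `codep->length` from writing before `op`. The upper end of the run relies on the branch whose tail is visible just above (`} while (--occ); break;`), which presumably handles strings longer than the remaining output; that is worth confirming against the full function, since LZWDecodeCompat starts and ends outside this hunk. I would move the assert back to directly after `len = codep->length;` and add a comment on the loop condition such as `/* stop at op: a corrupt table can chain more entries than codep->length */`. The loop also ends silently when `codep` is still non-NULL, so a corrupt stream yields output with no error reported; a `codep != NULL` check after the loop that takes the function's existing error path would make that visible to callers.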


