| From 97d65859bc29ee334012e9c73022d8a8e55ed586 Mon Sep 17 00:00:00 2001 |
| From: Su Laus <sulau@freenet.de> |
| Date: Sat, 21 Jan 2023 15:58:10 +0000 |
| Subject: [PATCH] tiffcrop: Correct simple copy paste error. Fix #488. |
| |
| |
| Upstream-Status: Backport [import from debian http://security.debian.org/debian-security/pool/updates/main/t/tiff/tiff_4.2.0-1+deb11u4.debian.tar.xz] |
| CVE: CVE-2022-48281 |
| Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> |
| --- |
| tools/tiffcrop.c | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| Index: tiff-4.2.0/tools/tiffcrop.c |
| =================================================================== |
| --- tiff-4.2.0.orig/tools/tiffcrop.c |
| +++ tiff-4.2.0/tools/tiffcrop.c |
| @@ -7516,7 +7516,7 @@ processCropSelections(struct image_data |
| crop_buff = (unsigned char *)limitMalloc(cropsize + NUM_BUFF_OVERSIZE_BYTES); |
| else |
| { |
| - prev_cropsize = seg_buffs[0].size; |
| + prev_cropsize = seg_buffs[1].size; |
| if (prev_cropsize < cropsize) |
| { |
| next_buff = _TIFFrealloc(crop_buff, cropsize + NUM_BUFF_OVERSIZE_BYTES); |