import-layers/yocto-poky/meta/recipes-multimedia/libtiff/files/CVE-2017-7594-p1.patch - openbmc/openbmc - Gitiles

 rom 8283e4d1b7e53340684d12932880cbcbaf23a8c1 Mon Sep 17 00:00:00 2001
 From: erouault <erouault>
 Date: Thu, 12 Jan 2017 17:43:25 +0000

 * libtiff/tif_ojpeg.c: fix leak in OJPEGReadHeaderInfoSecTablesAcTable
   when read fails.
   Patch by Nicolas Pena.
   Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2659

 Upstream-Status: Backport

 CVE: CVE-2017-7594 #patch1
 Signed-off-by: Rajkumar Veer <rveer@mvista.com>
 Index: tiff-4.0.7/ChangeLog
 ===================================================================
 --- tiff-4.0.7.orig/ChangeLog	2017-04-24 16:13:15.000000000 +0530
 +++ tiff-4.0.7/ChangeLog	2017-04-24 16:50:26.465897646 +0530
 @@ -1,3 +1,10 @@
 +2017-01-12 Even Rouault <even.rouault at spatialys.com>
 +
 +	* libtiff/tif_ojpeg.c: fix leak in OJPEGReadHeaderInfoSecTablesAcTable
 +	when read fails.
 +	Patch by Nicolás Peña.
 +	Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2659
 +
  2017-01-11 Even Rouault <even.rouault at spatialys.com>

  	* libtiff/tif_getimage.c: add explicit uint32 cast in putagreytile to
 Index: tiff-4.0.7/libtiff/tif_ojpeg.c
 ===================================================================
 --- tiff-4.0.7.orig/libtiff/tif_ojpeg.c	2017-04-24 16:02:29.817973051 +0530
 +++ tiff-4.0.7/libtiff/tif_ojpeg.c	2017-04-24 16:52:27.349894477 +0530
 @@ -1918,7 +1918,10 @@
  				rb[sizeof(uint32)+5+n]=o[n];
  			p=(uint32)TIFFReadFile(tif,&(rb[sizeof(uint32)+21]),q);
  			if (p!=q)
 +                        {
 +                                _TIFFfree(rb);
  				return(0);
 +                        }
  			sp->actable[m]=rb;
  			sp->sos_tda[m]=(sp->sos_tda[m]|m);
  		}
	rom 8283e4d1b7e53340684d12932880cbcbaf23a8c1 Mon Sep 17 00:00:00 2001
	From: erouault <erouault>
	Date: Thu, 12 Jan 2017 17:43:25 +0000

	* libtiff/tif_ojpeg.c: fix leak in OJPEGReadHeaderInfoSecTablesAcTable
	when read fails.
	Patch by Nicolas Pena.
	Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2659

	Upstream-Status: Backport

	CVE: CVE-2017-7594 #patch1
	Signed-off-by: Rajkumar Veer <rveer@mvista.com>
	Index: tiff-4.0.7/ChangeLog
	===================================================================
	--- tiff-4.0.7.orig/ChangeLog 2017-04-24 16:13:15.000000000 +0530
	+++ tiff-4.0.7/ChangeLog 2017-04-24 16:50:26.465897646 +0530
	@@ -1,3 +1,10 @@
	+2017-01-12 Even Rouault <even.rouault at spatialys.com>
	+
	+ * libtiff/tif_ojpeg.c: fix leak in OJPEGReadHeaderInfoSecTablesAcTable
	+ when read fails.
	+ Patch by Nicolás Peña.
	+ Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2659
	+
	2017-01-11 Even Rouault <even.rouault at spatialys.com>

	* libtiff/tif_getimage.c: add explicit uint32 cast in putagreytile to
	Index: tiff-4.0.7/libtiff/tif_ojpeg.c
	===================================================================
	--- tiff-4.0.7.orig/libtiff/tif_ojpeg.c 2017-04-24 16:02:29.817973051 +0530
	+++ tiff-4.0.7/libtiff/tif_ojpeg.c 2017-04-24 16:52:27.349894477 +0530
	@@ -1918,7 +1918,10 @@
	rb[sizeof(uint32)+5+n]=o[n];
	p=(uint32)TIFFReadFile(tif,&(rb[sizeof(uint32)+21]),q);
	if (p!=q)
	+ {
	+ _TIFFfree(rb);
	return(0);
	+ }
	sp->actable[m]=rb;
	sp->sos_tda[m]=(sp->sos_tda[m]\|m);
	}