helium-3rd-party/poky
1
0
Fork 0
mirror of git://git.yoctoproject.org/poky synced 2026-04-02 02:49:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
poky/meta/recipes-multimedia/libtiff/tiff/CVE-2025-61144.patch
Peter Marko 28f7821cc4 tiff: patch CVE-2025-61144 
Pick patch from merge request mentioned in NVD report.

(From OE-Core rev: de9ef3f41dc00ef53231d76560d8d5face7f9a3e)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Fabien Thomas <fabien.thomas@smile.fr>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-03-20 09:55:32 +00:00

28 lines
1.0 KiB
Diff
Raw Blame History

From 88cf9dbb48f6e172629795ecffae35d5052f68aa Mon Sep 17 00:00:00 2001
From: Lee Howard <faxguy@howardsilvan.com>
Date: Fri, 5 Sep 2025 21:46:03 +0000
Subject: [PATCH] tiffcrop: avoid buffer overflow
Fixes #740
CVE: CVE-2025-61144
Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/88cf9dbb48f6e172629795ecffae35d5052f68aa]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
tools/tiffcrop.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
index ae414efc..afa1cce5 100644
--- a/tools/tiffcrop.c
+++ b/tools/tiffcrop.c
@@ -3913,7 +3913,7 @@ combineSeparateSamplesBytes (unsigned char *srcbuffs[], unsigned char *out,
{
if ((dumpfile != NULL) && (level == 2))
{
- for (s = 0; s < spp; s++)
+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
{
dump_info (dumpfile, format, "combineSeparateSamplesBytes","Input data, Sample %"PRIu16, s);
dump_buffer(dumpfile, format, 1, cols, row, srcbuffs[s] + (row * src_rowsize));
Reference in New Issue View Git Blame Copy Permalink