diff options
| author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2017-12-04 09:01:44 +0300 |
|---|---|---|
| committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2017-12-14 20:17:23 +0300 |
| commit | 37a0e4ddff58c0120cc5cfef104b60d0e180638c (patch) | |
| tree | 1628857a2eb33ab517ba93d6a3ca25e55bd3e628 /import-layers/yocto-poky/meta/recipes-multimedia/libtiff/files/CVE-2016-5323.patch | |
| parent | 3c4c45d1e9a2324191a8640b22df1b71f15f3037 (diff) | |
| download | openbmc-37a0e4ddff58c0120cc5cfef104b60d0e180638c.tar.xz | |
Squashed 'import-layers/yocto-poky/' changes from dc8508f6099..67491b0c104
Yocto 2.2.2 (Morty)
Change-Id: Id9a452e28940d9f166957de243d9cb1d8818704e
git-subtree-dir: import-layers/yocto-poky
git-subtree-split: 67491b0c104101bb9f366d697edd23c895be4302
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'import-layers/yocto-poky/meta/recipes-multimedia/libtiff/files/CVE-2016-5323.patch')
| -rw-r--r-- | import-layers/yocto-poky/meta/recipes-multimedia/libtiff/files/CVE-2016-5323.patch | 107 |
1 files changed, 0 insertions, 107 deletions
diff --git a/import-layers/yocto-poky/meta/recipes-multimedia/libtiff/files/CVE-2016-5323.patch b/import-layers/yocto-poky/meta/recipes-multimedia/libtiff/files/CVE-2016-5323.patch deleted file mode 100644 index 41eab91ab..000000000 --- a/import-layers/yocto-poky/meta/recipes-multimedia/libtiff/files/CVE-2016-5323.patch +++ /dev/null @@ -1,107 +0,0 @@ -From 2f79856097f423eb33796a15fcf700d2ea41bf31 Mon Sep 17 00:00:00 2001 -From: erouault <erouault> -Date: Mon, 11 Jul 2016 21:38:31 +0000 -Subject: [PATCH 2/2] (CVE-2016-5321 / CVE-2016-5323 , bugzilla #2558 / #2559) - -CVE: CVE-2016-5323 -Upstream-Status: Backport -https://github.com/vadz/libtiff/commit/2f79856097f423eb33796a15fcf700d2ea41bf31 - -Signed-off-by: Yi Zhao <yi.zhao@windirver.com> ---- - ChangeLog | 2 +- - tools/tiffcrop.c | 16 ++++++++-------- - 2 files changed, 9 insertions(+), 9 deletions(-) - -diff --git a/ChangeLog b/ChangeLog -index 4e0302f..62dc1b5 100644 ---- a/ChangeLog -+++ b/ChangeLog -@@ -3,7 +3,7 @@ - * tools/tiffcrop.c: Avoid access outside of stack allocated array - on a tiled separate TIFF with more than 8 samples per pixel. - Reported by Kaixiang Zhang of the Cloud Security Team, Qihoo 360 -- (CVE-2016-5321, bugzilla #2558) -+ (CVE-2016-5321 / CVE-2016-5323 , bugzilla #2558 / #2559) - - 2016-07-10 Even Rouault <even.rouault at spatialys.com> - -diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c -index 6fc8fc1..27abc0b 100644 ---- a/tools/tiffcrop.c -+++ b/tools/tiffcrop.c -@@ -3738,7 +3738,7 @@ combineSeparateSamples8bits (uint8 *in[], uint8 *out, uint32 cols, - - matchbits = maskbits << (8 - src_bit - bps); - /* load up next sample from each plane */ -- for (s = 0; s < spp; s++) -+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) - { - src = in[s] + src_offset + src_byte; - buff1 = ((*src) & matchbits) << (src_bit); -@@ -3837,7 +3837,7 @@ combineSeparateSamples16bits (uint8 *in[], uint8 *out, uint32 cols, - src_bit = bit_offset % 8; - - matchbits = maskbits << (16 - src_bit - bps); -- for (s = 0; s < spp; s++) -+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) - { - src = in[s] + src_offset + src_byte; - if (little_endian) -@@ -3947,7 +3947,7 @@ combineSeparateSamples24bits (uint8 *in[], uint8 *out, uint32 cols, - src_bit = bit_offset % 8; - - matchbits = maskbits << (32 - src_bit - bps); -- for (s = 0; s < spp; s++) -+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) - { - src = in[s] + src_offset + src_byte; - if (little_endian) -@@ -4073,7 +4073,7 @@ combineSeparateSamples32bits (uint8 *in[], uint8 *out, uint32 cols, - src_bit = bit_offset % 8; - - matchbits = maskbits << (64 - src_bit - bps); -- for (s = 0; s < spp; s++) -+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) - { - src = in[s] + src_offset + src_byte; - if (little_endian) -@@ -4263,7 +4263,7 @@ combineSeparateTileSamples8bits (uint8 *in[], uint8 *out, uint32 cols, - - matchbits = maskbits << (8 - src_bit - bps); - /* load up next sample from each plane */ -- for (s = 0; s < spp; s++) -+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) - { - src = in[s] + src_offset + src_byte; - buff1 = ((*src) & matchbits) << (src_bit); -@@ -4362,7 +4362,7 @@ combineSeparateTileSamples16bits (uint8 *in[], uint8 *out, uint32 cols, - src_bit = bit_offset % 8; - - matchbits = maskbits << (16 - src_bit - bps); -- for (s = 0; s < spp; s++) -+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) - { - src = in[s] + src_offset + src_byte; - if (little_endian) -@@ -4471,7 +4471,7 @@ combineSeparateTileSamples24bits (uint8 *in[], uint8 *out, uint32 cols, - src_bit = bit_offset % 8; - - matchbits = maskbits << (32 - src_bit - bps); -- for (s = 0; s < spp; s++) -+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) - { - src = in[s] + src_offset + src_byte; - if (little_endian) -@@ -4597,7 +4597,7 @@ combineSeparateTileSamples32bits (uint8 *in[], uint8 *out, uint32 cols, - src_bit = bit_offset % 8; - - matchbits = maskbits << (64 - src_bit - bps); -- for (s = 0; s < spp; s++) -+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) - { - src = in[s] + src_offset + src_byte; - if (little_endian) --- -2.7.4 - |