Commit ad5cc837 authored by Debarshi Ray's avatar Debarshi Ray
Browse files

flatpak: Libraw CVE-2017-13735

parent 0753e8fe
From 7249187f1c6530d4ba55d2e042815854d55d37d9 Mon Sep 17 00:00:00 2001
From: Alex Tutubalin <lexa@lexa.ru>
Date: Fri, 8 Sep 2017 14:56:32 +0200
Subject: [PATCH] Fix CVE-2017-13735
https://github.com/LibRaw/LibRaw/issues/96
---
dcraw/dcraw.c | 4 ++++
internal/dcraw_common.cpp | 4 ++++
2 files changed, 8 insertions(+)
diff --git a/dcraw/dcraw.c b/dcraw/dcraw.c
index 77f3e54c0784..3eb4b039dbce 100644
--- a/dcraw/dcraw.c
+++ b/dcraw/dcraw.c
@@ -3436,6 +3436,10 @@ void CLASS kodak_radc_load_raw()
checkCancel();
#endif
FORC3 mul[c] = getbits(6);
+#ifdef LIBRAW_LIBRARY_BUILD
+ if(!mul[0] || !mul[1] || !mul[2])
+ throw LIBRAW_EXCEPTION_IO_CORRUPT;
+#endif
FORC3
{
val = ((0x1000000 / last[c] + 0x7ff) >> 12) * mul[c];
diff --git a/internal/dcraw_common.cpp b/internal/dcraw_common.cpp
index 608641a123fd..83a1fbaa9976 100644
--- a/internal/dcraw_common.cpp
+++ b/internal/dcraw_common.cpp
@@ -3140,6 +3140,10 @@ void CLASS kodak_radc_load_raw()
checkCancel();
#endif
FORC3 mul[c] = getbits(6);
+#ifdef LIBRAW_LIBRARY_BUILD
+ if(!mul[0] || !mul[1] || !mul[2])
+ throw LIBRAW_EXCEPTION_IO_CORRUPT;
+#endif
FORC3
{
val = ((0x1000000 / last[c] + 0x7ff) >> 12) * mul[c];
--
2.9.5
......@@ -137,6 +137,10 @@
{
"type": "patch",
"path": "libraw-pkgconfig.patch"
},
{
"type": "patch",
"path": "libraw-CVE-2017-13735-radc_divbyzero.patch"
}
]
},
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment