diff options
Diffstat (limited to 'dcraw-CVE-2017-13735.patch')
| -rw-r--r-- | dcraw-CVE-2017-13735.patch | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/dcraw-CVE-2017-13735.patch b/dcraw-CVE-2017-13735.patch new file mode 100644 index 0000000..d867c8d --- /dev/null +++ b/dcraw-CVE-2017-13735.patch @@ -0,0 +1,14 @@ +diff -urNp old/dcraw.c new/dcraw.c +--- old/dcraw.c 2018-07-11 10:33:06.280425391 +0200 ++++ new/dcraw.c 2018-07-11 10:45:52.722922118 +0200 +@@ -2250,6 +2250,10 @@ void CLASS kodak_radc_load_raw() + ((short *)buf)[i] = 2048; + for (row=0; row < height; row+=4) { + FORC3 mul[c] = getbits(6); ++#ifdef LIBRAW_LIBRARY_BUILD ++ if(!mul[0] || !mul[1] || !mul[2]) ++ throw LIBRAW_EXCEPTION_IO_CORRUPT; ++#endif + FORC3 { + val = ((0x1000000/last[c] + 0x7ff) >> 12) * mul[c]; + s = val > 65564 ? 10:12; |