summaryrefslogtreecommitdiffstats
path: root/graphics/ufraw/patches/CVE-2015-8366.patch
diff options
context:
space:
mode:
Diffstat (limited to 'graphics/ufraw/patches/CVE-2015-8366.patch')
-rw-r--r--graphics/ufraw/patches/CVE-2015-8366.patch17
1 files changed, 17 insertions, 0 deletions
diff --git a/graphics/ufraw/patches/CVE-2015-8366.patch b/graphics/ufraw/patches/CVE-2015-8366.patch
new file mode 100644
index 0000000000..9d59ca413f
--- /dev/null
+++ b/graphics/ufraw/patches/CVE-2015-8366.patch
@@ -0,0 +1,17 @@
+Fix a buffer overflow bug. See
+https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2
+
+--- a/dcraw.cc
++++ b/dcraw.cc
+@@ -3013,7 +3013,10 @@
+ diff = diff ? -diff : 0x80;
+ if (ftell(ifp) + 12 >= (int) seg[1][1])
+ diff = 0;
+- raw_image[pix] = pred[pix & 1] += diff;
++ if(pix>=raw_width*raw_height)
++ derror();
++ else
++ raw_image[pix] = pred[pix & 1] += diff;
+ if (!(pix & 1) && HOLE(pix / raw_width)) pix += 2;
+ }
+ maximum = 0xff;