openclaw/tqma6-yocto-mirror
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
16accb6b246789ef1d36dd79b6f9da4d83cc4a76
tqma6-yocto-mirror/sources/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch

32 lines
1.0 KiB
Diff
Raw Normal View History

Complete Yocto mirror with license table for TQMa6UL (2038-compliance) - 264 license table entries with exact download URLs (224/264 resolved) - Complete sources/ directory with all BitBake recipes - Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl) - Full traceability for Softwarefreigabeantrag - GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4 - License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16)
2026-03-01 20:58:18 +00:00
From 1e7d217a323eac701b134afc4ae39b6bdfdbc96a Mon Sep 17 00:00:00 2001
From: Su_Laus <sulau@freenet.de>
Date: Wed, 17 Jan 2024 06:57:08 +0000
Subject: [PATCH] codec of input image is available, independently from codec
check of output image and return with error if not.
Fixes #606.
CVE: CVE-2023-6228
Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/1e7d217a323eac701b134afc4ae39b6bdfdbc96a]
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
---
tools/tiffcp.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tools/tiffcp.c b/tools/tiffcp.c
index aff0626..a4f7f6b 100644
--- a/tools/tiffcp.c
+++ b/tools/tiffcp.c
@@ -846,6 +846,8 @@ static int tiffcp(TIFF *in, TIFF *out)
if (!TIFFIsCODECConfigured(compression))
return FALSE;
TIFFGetFieldDefaulted(in, TIFFTAG_COMPRESSION, &input_compression);
+ if (!TIFFIsCODECConfigured(input_compression))
+ return FALSE;
TIFFGetFieldDefaulted(in, TIFFTAG_PHOTOMETRIC, &input_photometric);
if (input_compression == COMPRESSION_JPEG)
{
--
2.40.0
Reference in New Issue Copy Permalink