From edd0d92579eff1b622d8fa8009e964bf51491eb9 Mon Sep 17 00:00:00 2001
From: Josef Ridky
Date: Wed, 11 Jul 2018 10:53:36 +0200
Subject: [PATCH] Fix CVE-2017-13735

---
 dcraw-CVE-2017-13735.patch | 14 ++++++++++++++
 dcraw.spec | 6 +++++-
 2 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 dcraw-CVE-2017-13735.patch

diff --git a/dcraw-CVE-2017-13735.patch b/dcraw-CVE-2017-13735.patch
new file mode 100644
index 0000000..d867c8d
--- /dev/null
+++ b/dcraw-CVE-2017-13735.patch
@@ -0,0 +1,14 @@
+diff -urNp old/dcraw.c new/dcraw.c
+--- old/dcraw.c 2018-07-11 10:33:06.280425391 +0200
++++ new/dcraw.c 2018-07-11 10:45:52.722922118 +0200
+@@ -2250,6 +2250,10 @@ void CLASS kodak_radc_load_raw()
+ ((short *)buf)[i] = 2048;
+ for (row=0; row < height; row+=4) {
+ FORC3 mul[c] = getbits(6);
++#ifdef LIBRAW_LIBRARY_BUILD
++ if(!mul[0] || !mul[1] || !mul[2])
++ throw LIBRAW_EXCEPTION_IO_CORRUPT;
++#endif
+ FORC3 {
+ val = ((0x1000000/last[c] + 0x7ff) >> 12) * mul[c];
+ s = val > 65564 ? 10:12;
diff --git a/dcraw.spec b/dcraw.spec
index 36566b0..8a771bc 100644
--- a/dcraw.spec
+++ b/dcraw.spec
@@ -1,12 +1,13 @@
 Summary: Tool for decoding raw image data from digital cameras
 Name: dcraw
 Version: 9.28.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv2+
 URL: http://cybercom.net/~dcoffin/dcraw
 Source0: http://cybercom.net/~dcoffin/dcraw/archive/dcraw-%{version}.tar.gz
 Patch0: dcraw-9.21-lcms2-error-reporting.patch
 Patch1: dcraw-CVE-2018-5801.patch
+Patch2: dcraw-CVE-2017-13735.patch
 BuildRequires: gcc
 BuildRequires: gettext
 BuildRequires: libjpeg-devel
@@ -65,6 +66,9 @@ done
 %{_mandir}/man1/*
 
 %changelog
+* Wed Jul 11 2018 Josef Ridky - 9.28.0-2
+- Fix CVE-2017-13735 (#1488932)
+
 * Thu Jun 14 2018 Josef Ridky - 9.28.0-1
 - New upstream release 9.28.0 (#1585348)
 - Fix CVE-2018-5801 (#1557160)
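Review bot: The zero-multiplier guard added at `++#ifdef LIBRAW_LIBRARY_BUILD` is compiled out in this package: the spec builds standalone dcraw.c, and nothing in this diff defines `LIBRAW_LIBRARY_BUILD`, so the `0x1000000/last[c]` division in the following line is still reachable with a zero divisor from a crafted file and the CVE is not actually closed. The guard is also C++ (`throw LIBRAW_EXCEPTION_IO_CORRUPT`), so it could never be enabled in a C build of dcraw.c anyway. Replace the four-line block with an unconditional C check that uses dcraw's own corrupt-data path, presumably `if (!mul[0] || !mul[1] || !mul[2]) { derror(); return; }` if derror() is the reporter this file uses, and drop the #ifdef/#endif pair. kodak_radc_load_raw() starts and ends outside this hunk, so the assignment that feeds `mul[c]` into `last[c]` for the next row, which this check is meant to protect, is not visible here and should be confirmed in the full function.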
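Review bot: The new `+Patch2: dcraw-CVE-2017-13735.patch` line only declares the patch; if %prep applies patches with explicit `%patch0`/`%patch1` lines rather than `%autosetup`, a matching `%patch2 -p1` is also required or the fix is never applied, and %prep is outside this diff so that cannot be confirmed here. The inner patch diffs `old/dcraw.c` against `new/dcraw.c`, so `-p1` is the correct strip level. Verify after the build that the resulting dcraw.c contains the guard rather than relying on the changelog entry.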