31 lines
1.0 KiB
Diff
31 lines
1.0 KiB
Diff
From fb2bd72a49496d10c4860102b7c26b9bc8adff70 Mon Sep 17 00:00:00 2001
|
|
From: 4ugustus <wangdw.augustus@qq.com>
|
|
Date: Tue, 8 Mar 2022 16:22:04 +0000
|
|
Subject: [PATCH] (CVE-2022-0909) fix the FPE in tiffcrop (#393)
|
|
|
|
(cherry picked from commit 32ea0722ee68f503b7a3f9b2d557acb293fc8cde)
|
|
---
|
|
libtiff/tif_dir.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c
|
|
index c36a5f3f..f126f2aa 100644
|
|
--- a/libtiff/tif_dir.c
|
|
+++ b/libtiff/tif_dir.c
|
|
@@ -320,13 +320,13 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap)
|
|
break;
|
|
case TIFFTAG_XRESOLUTION:
|
|
dblval = va_arg(ap, double);
|
|
- if( dblval < 0 )
|
|
+ if( dblval != dblval || dblval < 0 )
|
|
goto badvaluedouble;
|
|
td->td_xresolution = TIFFClampDoubleToFloat( dblval );
|
|
break;
|
|
case TIFFTAG_YRESOLUTION:
|
|
dblval = va_arg(ap, double);
|
|
- if( dblval < 0 )
|
|
+ if( dblval != dblval || dblval < 0 )
|
|
goto badvaluedouble;
|
|
td->td_yresolution = TIFFClampDoubleToFloat( dblval );
|
|
break;
|