31 lines
1.0 KiB
Diff
31 lines
1.0 KiB
Diff
From 32346d49db890969d7de19e8eebff00400280926 Mon Sep 17 00:00:00 2001
|
|
From: Even Rouault <even.rouault@spatialys.com>
|
|
Date: Sat, 9 Sep 2023 15:11:42 +0000
|
|
Subject: [PATCH] (CVE-2023-6228) Merge branch
|
|
'fix_606_tiffcp_check_also_input_compression_codec' into 'master'
|
|
|
|
tiffcp: Fixes #606. Check also codec of input image, not only from output image.
|
|
|
|
Closes #606
|
|
|
|
See merge request libtiff/libtiff!533
|
|
|
|
(cherry picked from commit 668d2c1a52fa48658bbf69615924b42b5a059f9e)
|
|
---
|
|
tools/tiffcp.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/tools/tiffcp.c b/tools/tiffcp.c
|
|
index fb98bd57..81ec6bbd 100644
|
|
--- a/tools/tiffcp.c
|
|
+++ b/tools/tiffcp.c
|
|
@@ -622,6 +622,8 @@ tiffcp(TIFF* in, TIFF* out)
|
|
else
|
|
CopyField(TIFFTAG_COMPRESSION, compression);
|
|
TIFFGetFieldDefaulted(in, TIFFTAG_COMPRESSION, &input_compression);
|
|
+ if (!TIFFIsCODECConfigured(input_compression))
|
|
+ return FALSE;
|
|
TIFFGetFieldDefaulted(in, TIFFTAG_PHOTOMETRIC, &input_photometric);
|
|
if (input_compression == COMPRESSION_JPEG) {
|
|
/* Force conversion to RGB */
|