rpms/libtiff
7
0
Fork 0
Code Issues Pull Requests Releases Activity
5081d87575
libtiff/SOURCES/0017-CVE-2023-26966-tif_luv-Check-and-correct-for-NaN-dat.patch
eabdullin bf4177b4c7 import CS libtiff-4.4.0-10.el9
2023-09-21 19:20:00 +00:00

36 lines
973 B
Diff
Raw Blame History

From 7d0a920d34e9960b2dd2e3583172826b3a4db570 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matej=20Mu=C5=BEila?= <mmuzila@redhat.com>
Date: Tue, 8 Aug 2023 15:32:42 +0200
Subject: [PATCH] (CVE-2023-26966) tif_luv: Check and correct for NaN data in
uv_encode().
Closes #530
See merge request libtiff/libtiff!473
(cherry picked from commit d1f658afa5ab5ed21a9e32e0f790f41b01506cd9)
---
libtiff/tif_luv.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/libtiff/tif_luv.c b/libtiff/tif_luv.c
index 72ab3668..93c76115 100644
--- a/libtiff/tif_luv.c
+++ b/libtiff/tif_luv.c
@@ -908,7 +908,14 @@ uv_encode(double u, double v, int em) /* encode (u',v') coordinates */
{
register int vi, ui;
- if (v < UV_VSTART)
+ /* check for NaN */
+ if (u != u || v != v)
+ {
+ u = U_NEU;
+ v = V_NEU;
+ }
+
+ if (v < UV_VSTART)
return oog_encode(u, v);
vi = tiff_itrunc((v - UV_VSTART)*(1./UV_SQSIZ), em);
if (vi >= UV_NVS)
Reference in New Issue View Git Blame Copy Permalink