python-pillow/SOURCES/CVE-2021-25290.patch

From c558baf01a97aed376a67ff4641f1c3c864ae3f0 Mon Sep 17 00:00:00 2001
From: Lumir Balhar <lbalhar@redhat.com>
Date: Thu, 8 Apr 2021 17:55:26 +0200
Subject: [PATCH 1/4] CVE-2021-25290

---
 src/libImaging/TiffDecode.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/libImaging/TiffDecode.c b/src/libImaging/TiffDecode.c
index f292da3..d17b557 100644
--- a/src/libImaging/TiffDecode.c
+++ b/src/libImaging/TiffDecode.c
@@ -36,6 +36,11 @@ tsize_t _tiffReadProc(thandle_t hdata, tdata_t buf, tsize_t size) {
 	TRACE(("_tiffReadProc: %d \n", (int)size));
 	dump_state(state);
 
+    if (state->loc > state->eof) {
+        TIFFError("_tiffReadProc", "Invalid Read at loc %d, eof: %d", state->loc, state->eof);
+        return 0;
+    }
+
 	to_read = min(size, min(state->size, (tsize_t)state->eof) - (tsize_t)state->loc);
 	TRACE(("to_read: %d\n", (int)to_read));
 
-- 
2.30.2
import python-pillow-5.1.1-16.el8 2021-11-09 09:45:46 +00:00			`From c558baf01a97aed376a67ff4641f1c3c864ae3f0 Mon Sep 17 00:00:00 2001`
			`From: Lumir Balhar <lbalhar@redhat.com>`
			`Date: Thu, 8 Apr 2021 17:55:26 +0200`
			`Subject: [PATCH 1/4] CVE-2021-25290`

			`---`
			`src/libImaging/TiffDecode.c \| 5 +++++`
			`1 file changed, 5 insertions(+)`

			`diff --git a/src/libImaging/TiffDecode.c b/src/libImaging/TiffDecode.c`
			`index f292da3..d17b557 100644`
			`--- a/src/libImaging/TiffDecode.c`
			`+++ b/src/libImaging/TiffDecode.c`
			`@@ -36,6 +36,11 @@ tsize_t _tiffReadProc(thandle_t hdata, tdata_t buf, tsize_t size) {`
			`TRACE(("_tiffReadProc: %d \n", (int)size));`
			`dump_state(state);`

			`+ if (state->loc > state->eof) {`
			`+ TIFFError("_tiffReadProc", "Invalid Read at loc %d, eof: %d", state->loc, state->eof);`
			`+ return 0;`
			`+ }`
			`+`
			`to_read = min(size, min(state->size, (tsize_t)state->eof) - (tsize_t)state->loc);`
			`TRACE(("to_read: %d\n", (int)to_read));`

			`--`
			`2.30.2`