diff options
Diffstat (limited to 'media-libs/tiff/files/tiff-4.0.7-pdfium-0006-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch')
-rw-r--r-- | media-libs/tiff/files/tiff-4.0.7-pdfium-0006-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch | 33 |
1 files changed, 0 insertions, 33 deletions
diff --git a/media-libs/tiff/files/tiff-4.0.7-pdfium-0006-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch b/media-libs/tiff/files/tiff-4.0.7-pdfium-0006-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch deleted file mode 100644 index a45ee342f779..000000000000 --- a/media-libs/tiff/files/tiff-4.0.7-pdfium-0006-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch +++ /dev/null @@ -1,33 +0,0 @@ -https://codereview.chromium.org/2284063002 -https://crbug.com/618267 -https://pdfium.googlesource.com/pdfium/+/master/libtiff/ - -Author: tracy_jiang <tracy_jiang@foxitsoftware.com> -Date: Mon Aug 29 13:42:56 2016 -0700 - -Fix for #618267. Adding a method to determine if multiplication has -overflow. - ---- a/libtiff/tif_aux.c -+++ b/libtiff/tif_aux.c -@@ -69,7 +69,7 @@ _TIFFCheckRealloc(TIFF* tif, void* buffer, - /* - * XXX: Check for integer overflow. - */ -- if (nmemb && elem_size && bytes / elem_size == nmemb) -+ if (nmemb && elem_size && !_TIFFIfMultiplicationOverflow(nmemb, elem_size)) - cp = _TIFFrealloc(buffer, bytes); - - if (cp == NULL) { ---- a/libtiff/tiffiop.h -+++ b/libtiff/tiffiop.h -@@ -315,6 +315,9 @@ typedef size_t TIFFIOSize_t; - #define _TIFF_off_t off_t - #endif - -+#include <limits.h> -+#define _TIFFIfMultiplicationOverflow(op1, op2) ((op1) > SSIZE_MAX / (op2)) -+ - #if defined(__cplusplus) - extern "C" { - #endif |