[Pkg-ocaml-maint-commits] [SCM] camlimages packaging branch, master, updated. debian/3.0.1-4-1-gfaae40b

Mehdi Dogguy mehdi at debian.org
Sun Nov 1 13:17:34 UTC 2009 

The following commit has been merged in the master branch:
commit faae40bae51896796176d68273912e773f250bbf
Author: Mehdi Dogguy <mehdi at debian.org>
Date:   Sun Nov 1 13:55:08 2009 +0100

    Add a patch to fix integer overflows in tiffread.c Fixes: CVE-2009-3296

diff --git a/debian/changelog b/debian/changelog
index b515f5e..8a20e0f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+camlimages (1:3.0.1-5) unstable; urgency=low
+
+  * Add a patch to fix integer overflows in tiffread.c
+    Fixes: CVE-2009-3296
+
+ -- Mehdi Dogguy <mehdi at debian.org>  Sun, 01 Nov 2009 14:04:33 +0100
+
 camlimages (1:3.0.1-4) unstable; urgency=low
 
   * Update e-mail address
diff --git a/debian/patches/00list b/debian/patches/00list
index ff2eb4c..90e697a 100644
--- a/debian/patches/00list
+++ b/debian/patches/00list
@@ -1,3 +1,4 @@
 fix_3_0_1_release
 fix_integer_overflows
 fix_more_integer_overflows
+tiffread
diff --git a/debian/patches/tiffread.dpatch b/debian/patches/tiffread.dpatch
new file mode 100755
index 0000000..78b2bca
--- /dev/null
+++ b/debian/patches/tiffread.dpatch
@@ -0,0 +1,30 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## tiffread.dpatch by Mehdi Dogguy <mehdi at debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Fix integer overflows in tiffread.c (CVE-2009-3296)
+
+ at DPATCH@
+diff -urNad camlimages~/src/tiffread.c camlimages/src/tiffread.c
+--- camlimages~/src/tiffread.c	2009-10-31 21:47:57.000000000 +0100
++++ camlimages/src/tiffread.c	2009-11-01 13:51:58.000000000 +0100
+@@ -21,6 +21,8 @@
+ #include <caml/memory.h>
+ #include <caml/fail.h>
+ 
++#include "oversized.h"
++
+ /* These are defined in caml/config.h */
+ #define int16 int16tiff
+ #define uint16 uint16tiff
+@@ -64,6 +66,10 @@
+     TIFFGetField(tif, TIFFTAG_YRESOLUTION, &yres);
+     TIFFGetField(tif, TIFFTAG_PHOTOMETRIC, &photometric);
+ 
++    if (oversized (imagewidth, imagelength)) {
++      failwith_oversized("tiff");
++    }
++
+     if( imagesample == 3 && photometric == PHOTOMETRIC_RGB ){
+       if( imagebits != 8 ){
+ 	failwith("Sorry, tiff rgb file must be 24bit-color");

-- 
camlimages packaging

More information about the Pkg-ocaml-maint-commits mailing list