[Pkg-php-commits] [php/debian-lenny] CVE-2009-2687: DoS via malformed JPEG images with invalid offset fields
Raphael Geissert
geissert at debian.org
Sat Nov 28 23:52:51 UTC 2009
---
debian/patches/CVE-2009-2687.patch | 15 +++++++++++++++
debian/patches/series | 1 +
2 files changed, 16 insertions(+), 0 deletions(-)
create mode 100644 debian/patches/CVE-2009-2687.patch
diff --git a/debian/patches/CVE-2009-2687.patch b/debian/patches/CVE-2009-2687.patch
new file mode 100644
index 0000000..2c537d7
--- /dev/null
+++ b/debian/patches/CVE-2009-2687.patch
@@ -0,0 +1,15 @@
+Index: php/ext/exif/exif.c
+===================================================================
+--- php.orig/ext/exif/exif.c
++++ php/ext/exif/exif.c
+@@ -3219,6 +3219,10 @@ static void exif_process_TIFF_in_JPEG(im
+ exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_WARNING, "Invalid TIFF start (1)");
+ return;
+ }
++ if (offset_of_ifd > length) {
++ exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_WARNING, "Invalid IFD start");
++ return;
++ }
+
+ ImageInfo->sections_found |= FOUND_IFD0;
+ /* First directory starts at offset 8. Offsets starts at 0. */
diff --git a/debian/patches/series b/debian/patches/series
index da2243b..d1924b0 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -55,3 +55,4 @@ CVE-2008-5658.patch
CVE-2008-5814.patch
CVE-2009-0754.patch
CVE-2009-1271.patch
+CVE-2009-2687.patch
--
1.6.3.3
More information about the Pkg-php-commits
mailing list