[gnome-photos/gnome-3-24] flatpak: Libraw CVE-2017-13735



commit d1b594a1024fe1e21ccf19ddcc36fb040f488dd6
Author: Debarshi Ray <debarshir gnome org>
Date:   Fri Sep 8 14:35:44 2017 +0200

    flatpak: Libraw CVE-2017-13735
    
    Original patch from Gwyn Ciesla for Fedora.

 flatpak/libraw-CVE-2017-13735-radc_divbyzero.patch |   26 ++++++++++++++++++++
 flatpak/org.gnome.Photos.json                      |    4 +++
 2 files changed, 30 insertions(+), 0 deletions(-)
---
diff --git a/flatpak/libraw-CVE-2017-13735-radc_divbyzero.patch 
b/flatpak/libraw-CVE-2017-13735-radc_divbyzero.patch
new file mode 100644
index 0000000..1ee615c
--- /dev/null
+++ b/flatpak/libraw-CVE-2017-13735-radc_divbyzero.patch
@@ -0,0 +1,26 @@
+--- a/internal/dcraw_common.cpp~       2017-03-04 12:35:59.000000000 -0600
++++ b/internal/dcraw_common.cpp        2017-09-06 10:47:04.613293577 -0500
+@@ -2716,6 +2716,10 @@
+     checkCancel();
+ #endif
+     FORC3 mul[c] = getbits(6);
++#ifdef LIBRAW_LIBRARY_BUILD
++    if(!mul[0] || !mul[1] || !mul[2])
++      throw LIBRAW_EXCEPTION_IO_CORRUPT;
++#endif
+     FORC3 {
+       val = ((0x1000000/last[c] + 0x7ff) >> 12) * mul[c];
+       s = val > 65564 ? 10:12;
+--- a/dcraw/dcraw.c~   2017-09-06 10:48:15.000000000 -0500
++++ b/dcraw/dcraw.c    2017-09-06 10:49:23.103787467 -0500
+@@ -2228,6 +2228,10 @@
+     ((short *)buf)[i] = 2048;
+   for (row=0; row < height; row+=4) {
+     FORC3 mul[c] = getbits(6);
++#ifdef LIBRAW_LIBRARY_BUILD
++    if(!mul[0] || !mul[1] || !mul[2])
++      throw LIBRAW_EXCEPTION_IO_CORRUPT;
++#endif
+     FORC3 {
+       val = ((0x1000000/last[c] + 0x7ff) >> 12) * mul[c];
+       s = val > 65564 ? 10:12;
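Review bot: The added guard tests `mul[0]`, `mul[1]` and `mul[2]`, but the division visible in both nested hunks is `0x1000000/last[c]`, so the patch itself does not show how the check protects the divisor. Presumably `last[c]` is assigned from `mul[c]` later in the loop, outside the hunk context, and that should be confirmed against the full source. If it holds, a short comment above the check would make the fix reviewable, e.g. `/* mul[] is later copied into last[], which is used as a divisor; reject zero multipliers from a corrupt file (CVE-2017-13735) */`. The check is also compiled only under `LIBRAW_LIBRARY_BUILD`, so a standalone build of `dcraw/dcraw.c` keeps the unguarded division; that is acceptable here only if the flatpak module builds the library alone, and is worth stating in the patch header. The enclosing decoder function starts and ends outside both nested hunks.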
diff --git a/flatpak/org.gnome.Photos.json b/flatpak/org.gnome.Photos.json
index 5f3d2f1..0bc31c4 100644
--- a/flatpak/org.gnome.Photos.json
+++ b/flatpak/org.gnome.Photos.json
@@ -136,6 +136,10 @@
                 {
                     "type": "patch",
                     "path": "libraw-pkgconfig.patch"
+                },
+                {
+                    "type": "patch",
+                    "path": "libraw-CVE-2017-13735-radc_divbyzero.patch"
                 }
             ]
         },

