[gnome-photos/gnome-3-26] flatpak: Libraw CVE-2017-13735



commit a7c75297916c9fd31ba2eb083aa9d7235a970b6b
Author: Debarshi Ray <debarshir gnome org>
Date:   Fri Sep 8 14:35:44 2017 +0200

    flatpak: Libraw CVE-2017-13735

 flatpak/libraw-CVE-2017-13735-radc_divbyzero.patch |   44 ++++++++++++++++++++
 flatpak/org.gnome.Photos.json                      |    4 ++
 2 files changed, 48 insertions(+), 0 deletions(-)
---
diff --git a/flatpak/libraw-CVE-2017-13735-radc_divbyzero.patch b/flatpak/libraw-CVE-2017-13735-radc_divbyzero.patch
new file mode 100644
index 0000000..43bc679
--- /dev/null
+++ b/flatpak/libraw-CVE-2017-13735-radc_divbyzero.patch
@@ -0,0 +1,44 @@
+From 7249187f1c6530d4ba55d2e042815854d55d37d9 Mon Sep 17 00:00:00 2001
+From: Alex Tutubalin <lexa lexa ru>
+Date: Fri, 8 Sep 2017 14:56:32 +0200
+Subject: [PATCH] Fix CVE-2017-13735
+
+https://github.com/LibRaw/LibRaw/issues/96
+---
+ dcraw/dcraw.c             | 4 ++++
+ internal/dcraw_common.cpp | 4 ++++
+ 2 files changed, 8 insertions(+)
+
+diff --git a/dcraw/dcraw.c b/dcraw/dcraw.c
+index 77f3e54c0784..3eb4b039dbce 100644
+--- a/dcraw/dcraw.c
++++ b/dcraw/dcraw.c
+@@ -3436,6 +3436,10 @@ void CLASS kodak_radc_load_raw()
+     checkCancel();
+ #endif
+     FORC3 mul[c] = getbits(6);
++#ifdef LIBRAW_LIBRARY_BUILD
++    if(!mul[0] || !mul[1] || !mul[2])
++      throw LIBRAW_EXCEPTION_IO_CORRUPT;
++#endif
+     FORC3
+     {
+       val = ((0x1000000 / last[c] + 0x7ff) >> 12) * mul[c];
+diff --git a/internal/dcraw_common.cpp b/internal/dcraw_common.cpp
+index 608641a123fd..83a1fbaa9976 100644
+--- a/internal/dcraw_common.cpp
++++ b/internal/dcraw_common.cpp
+@@ -3140,6 +3140,10 @@ void CLASS kodak_radc_load_raw()
+     checkCancel();
+ #endif
+     FORC3 mul[c] = getbits(6);
++#ifdef LIBRAW_LIBRARY_BUILD
++    if(!mul[0] || !mul[1] || !mul[2])
++      throw LIBRAW_EXCEPTION_IO_CORRUPT;
++#endif
+     FORC3
+     {
+       val = ((0x1000000 / last[c] + 0x7ff) >> 12) * mul[c];
+-- 
+2.9.5
+
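Review bot: The guard added in both embedded `kodak_radc_load_raw()` hunks tests `mul[]`, but the division on the context line right after it is by `last[c]`, so the fix only holds if `last[c]` is assigned from `mul[c]` further down, outside the visible lines. A short comment above the check would make that link explicit for the next reader, e.g. `/* mul[c] is presumably copied into last[c] below; a zero here would divide by zero on the next pass */`. The check is also compiled only under `#ifdef LIBRAW_LIBRARY_BUILD`, so a build of `dcraw/dcraw.c` without that macro would keep the unguarded division. The function body starts and ends outside both hunks, so the assignment to `last[c]` and its initial values should be confirmed against the full source.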
diff --git a/flatpak/org.gnome.Photos.json b/flatpak/org.gnome.Photos.json
index a102910..edea85a 100644
--- a/flatpak/org.gnome.Photos.json
+++ b/flatpak/org.gnome.Photos.json
@@ -137,6 +137,10 @@
                 {
                     "type": "patch",
                     "path": "libraw-pkgconfig.patch"
+                },
+                {
+                    "type": "patch",
+                    "path": "libraw-CVE-2017-13735-radc_divbyzero.patch"
                 }
             ]
         },

