rpms/libtiff/FC-4 tiffsplit-overflow.patch, NONE, 1.1 libtiff.spec, 1.30, 1.31
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri May 26 03:23:18 UTC 2006
- Previous message (by thread): rpms/gcc/FC-5 gcc41-pr26885.patch, NONE, 1.1 gcc41-pr27758.patch, NONE, 1.1 gcc41-rh192700.patch, NONE, 1.1 gcc41-sw2438.patch, NONE, 1.1 .cvsignore, 1.141, 1.142 gcc41.spec, 1.46, 1.47 sources, 1.143, 1.144 gcc41-pr27620.patch, 1.1, NONE
- Next message (by thread): rpms/libtiff/FC-5 tiffsplit-overflow.patch, NONE, 1.1 libtiff.spec, 1.38, 1.39
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: mclasen
Update of /cvs/dist/rpms/libtiff/FC-4
In directory cvs.devel.redhat.com:/tmp/cvs-serv10314
Modified Files:
libtiff.spec
Added Files:
tiffsplit-overflow.patch
Log Message:
fix an overflow
tiffsplit-overflow.patch:
tiffsplit.c | 8 +++++---
1 files changed, 5 insertions(+), 3 deletions(-)
--- NEW FILE tiffsplit-overflow.patch ---
--- tiff-3.8.2/tools/tiffsplit.c.overflow 2006-05-25 22:37:11.000000000 -0400
+++ tiff-3.8.2/tools/tiffsplit.c 2006-05-25 22:42:42.000000000 -0400
@@ -60,14 +60,16 @@
fprintf(stderr, "usage: tiffsplit input.tif [prefix]\n");
return (-3);
}
- if (argc > 2)
- strcpy(fname, argv[2]);
+ if (argc > 2) {
+ strncpy(fname, argv[2], 1024);
+ fname[1024] = '\0';
+ }
in = TIFFOpen(argv[1], "r");
if (in != NULL) {
do {
char path[1024+1];
newfilename();
- strcpy(path, fname);
+ strncpy(path, fname, 1020);
strcat(path, ".tif");
out = TIFFOpen(path, TIFFIsBigEndian(in)?"wb":"wl");
if (out == NULL)
Index: libtiff.spec
===================================================================
RCS file: /cvs/dist/rpms/libtiff/FC-4/libtiff.spec,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- libtiff.spec 26 Apr 2006 18:14:14 -0000 1.30
+++ libtiff.spec 26 May 2006 03:23:16 -0000 1.31
@@ -1,7 +1,7 @@
Summary: A library of functions for manipulating TIFF format image files.
Name: libtiff
Version: 3.7.1
-Release: 6.fc4.1
+Release: 6.fc4.2
License: distributable
Group: System Environment/Libraries
Source0: http://www.libtiff.org/tiff-%{version}.tar.gz
@@ -14,6 +14,7 @@
Patch4: libtiff-3.7.1-persample.patch
Patch5: tiff-3.7.1-multiple.patch
Patch6: tiff-3.6.1-color.patch
+Patch7: tiffsplit-overflow.patch
URL: http://www.libtiff.org/
BuildRoot: %{_tmppath}/%{name}-root
BuildRequires: zlib-devel zlib libjpeg-devel libjpeg
@@ -53,6 +54,7 @@
%patch4 -p1 -b .persample
%patch5 -p1 -b .multiple
%patch6 -p0 -b .color
+%patch7 -p1 -b .overflow
%build
@@ -91,6 +93,9 @@
%{_mandir}/man3/*
%changelog
+* Thu May 25 2006 Matthias Clasen <mclasen at redhat.com>
+- Fix an overflow in tiffsplit (#193167)
+
* Wed Apr 26 2006 Matthias Clasen <mclasen at redhat.com> - 3.7.1-6.fc4.1
- Fix multiple vulnerabilities (#189933, #189974, CVE-2006-2024)
- Previous message (by thread): rpms/gcc/FC-5 gcc41-pr26885.patch, NONE, 1.1 gcc41-pr27758.patch, NONE, 1.1 gcc41-rh192700.patch, NONE, 1.1 gcc41-sw2438.patch, NONE, 1.1 .cvsignore, 1.141, 1.142 gcc41.spec, 1.46, 1.47 sources, 1.143, 1.144 gcc41-pr27620.patch, 1.1, NONE
- Next message (by thread): rpms/libtiff/FC-5 tiffsplit-overflow.patch, NONE, 1.1 libtiff.spec, 1.38, 1.39
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list