From: "Matteo F. Vescovi" <mfv@debian.org>
Date: Tue, 26 May 2015 14:04:20 +0200
Subject: Fix_CVE-2015-3885
"Input sanitization flaw leading to buffer overflow"
Signed-off-by: Matteo F. Vescovi <mfv@debian.org>
---
dcraw/dcraw.c | 3 ++-
internal/dcraw_common.cpp | 15 ++++++++++++++-
internal/dcraw_fileio.cpp | 4 ++++
3 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/dcraw/dcraw.c b/dcraw/dcraw.c
index 9e621ed..4f72aee 100644
--- a/dcraw/dcraw.c
+++ b/dcraw/dcraw.c
@@ -768,7 +768,8 @@ struct jhead {
int CLASS ljpeg_start (struct jhead *jh, int info_only)
{
- int c, tag, len;
+ int c, tag;
+ ushort len;
uchar data[0x10000];
const uchar *dp;
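Review bot: The fix works only through the implicit truncation of `len` to `ushort`, and nothing on the declaration says so, so a later cleanup that turns `len` back into `int` would silently reintroduce the overflow of `uchar data[0x10000]`. Add a comment on the new line, e.g. `ushort len; /* must stay 16-bit: bounds the segment read into data[0x10000] (CVE-2015-3885) */`. The code that computes and uses `len` lies outside this hunk; if, as the subject suggests, the length comes from the input file, an explicit range check where it is computed plus a short-read check would be sturdier than relying on wraparound, since a too-small stored length would presumably wrap to a near-64K read instead of being rejected. The identical declaration change in internal/dcraw_common.cpp needs the same comment.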
diff --git a/internal/dcraw_common.cpp b/internal/dcraw_common.cpp
index d01185d..ac55074 100644
--- a/internal/dcraw_common.cpp
+++ b/internal/dcraw_common.cpp
@@ -21,6 +21,7 @@ it under the terms of the one of three licenses as you choose:
for more information
*/
+#line 261 "dcraw/dcraw.c"
#include <math.h>
#define CLASS LibRaw::
#include "libraw/libraw_types.h"
@@ -29,6 +30,7 @@ it under the terms of the one of three licenses as you choose:
#include "libraw/libraw.h"
#include "internal/defines.h"
#include "internal/var_defines.h"
+#line 272 "dcraw/dcraw.c"
int CLASS fcol (int row, int col)
{
static const char filter[16][16] =
@@ -75,6 +77,7 @@ char *my_strcasestr (char *haystack, const char *needle)
}
#define strcasestr my_strcasestr
#endif
+#line 340 "dcraw/dcraw.c"
ushort CLASS sget2 (uchar *s)
{
if (order == 0x4949) /* "II" means little-endian */
@@ -564,10 +567,12 @@ void CLASS canon_load_raw()
#endif
FORC(2) free (huff[c]);
}
+#line 841 "dcraw/dcraw.c"
int CLASS ljpeg_start (struct jhead *jh, int info_only)
{
- int c, tag, len;
+ int c, tag;
+ ushort len;
uchar data[0x10000];
const uchar *dp;
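Review bot: The `#line 841 "dcraw/dcraw.c"` directive added above `ljpeg_start` is unrelated to the CVE fix, and a directive of the same kind is the only change in every other hunk of this file and in all four hunks of internal/dcraw_fileio.cpp. They look like leftovers from regenerating these files from dcraw/dcraw.c (inferred from the path they name), and they make up 16 of the 20 insertions, which buries the `len` change that a backporter or auditor needs to find. One of them, `#line 4152 "dcraw/dcraw.c"`, lands inside the body of `bad_pixels` between the `fopen` call and `if (!fp)`, so compiler diagnostics and debug info from that point on will name a different file and line. I would drop the `#line` additions from this patch and keep only `int c, tag;` and `ushort len;`.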
@@ -1153,6 +1158,7 @@ int CLASS minolta_z2()
if (tail[i]) nz++;
return nz > 20;
}
+#line 1436 "dcraw/dcraw.c"
void CLASS ppm_thumb()
{
char *thumb;
@@ -2976,6 +2982,7 @@ void CLASS redcine_load_raw()
#endif
#endif
}
+#line 3983 "dcraw/dcraw.c"
void CLASS crop_masked_pixels()
{
int row, col;
@@ -3081,6 +3088,7 @@ void CLASS remove_zeroes()
RUN_CALLBACK(LIBRAW_PROGRESS_REMOVE_ZEROES,1,2);
#endif
}
+#line 4254 "dcraw/dcraw.c"
void CLASS gamma_curve (double pwr, double ts, int mode, int imax)
{
int i;
@@ -4790,6 +4798,7 @@ void CLASS parse_thumb_note (int base, unsigned toff, unsigned tlen)
fseek (ifp, save, SEEK_SET);
}
}
+#line 5968 "dcraw/dcraw.c"
void CLASS parse_makernote (int base, int uptag)
{
static const uchar xlat[2][256] = {
@@ -5349,6 +5358,7 @@ void CLASS parse_kodak_ifd (int base)
fseek (ifp, save, SEEK_SET);
}
}
+#line 6533 "dcraw/dcraw.c"
int CLASS parse_tiff_ifd (int base)
{
unsigned entries, tag, type, len, plen=16, save;
@@ -6644,6 +6654,7 @@ void CLASS parse_redcine()
data_offset = get4();
}
}
+#line 7936 "dcraw/dcraw.c"
/*
All matrices are from Adobe DNG Converter unless otherwise noted.
@@ -8919,6 +8930,7 @@ notraw:
}
+#line 10303 "dcraw/dcraw.c"
void CLASS convert_to_rgb()
{
#ifndef LIBRAW_LIBRARY_BUILD
@@ -9149,6 +9161,7 @@ int CLASS flip_index (int row, int col)
if (flip & 1) col = iwidth - 1 - col;
return row * iwidth + col;
}
+#line 10559 "dcraw/dcraw.c"
void CLASS tiff_set (ushort *ntag,
ushort tag, ushort type, int count, int val)
{
diff --git a/internal/dcraw_fileio.cpp b/internal/dcraw_fileio.cpp
index 874cd1b..06933de 100644
--- a/internal/dcraw_fileio.cpp
+++ b/internal/dcraw_fileio.cpp
@@ -21,6 +21,7 @@ it under the terms of the one of three licenses as you choose:
for more information
*/
+#line 4091 "dcraw/dcraw.c"
#include <math.h>
#define CLASS LibRaw::
#include "libraw/libraw_types.h"
@@ -28,6 +29,7 @@ it under the terms of the one of three licenses as you choose:
#include "libraw/libraw.h"
#include "internal/defines.h"
#include "internal/var_defines.h"
+#line 4102 "dcraw/dcraw.c"
/*
Seach from the current directory up to the root looking for
a ".badpixels" file, and fix those pixels now.
@@ -52,6 +54,7 @@ void CLASS bad_pixels (const char *cfname)
#endif
if (cfname)
fp = fopen (cfname, "r");
+#line 4152 "dcraw/dcraw.c"
if (!fp)
{
#ifdef LIBRAW_LIBRARY_BUILD
@@ -151,6 +154,7 @@ void CLASS subtract (const char *fname)
RUN_CALLBACK(LIBRAW_PROGRESS_DARK_FRAME,1,2);
#endif
}
+#line 10214 "dcraw/dcraw.c"
#ifndef NO_LCMS
void CLASS apply_profile (const char *input, const char *output)
{