Diffstat (limited to 'main/tiff/libtiff-CVE-2012-4447.patch')
-rw-r--r-- | main/tiff/libtiff-CVE-2012-4447.patch | 40 |
1 files changed, 0 insertions, 40 deletions
diff --git a/main/tiff/libtiff-CVE-2012-4447.patch b/main/tiff/libtiff-CVE-2012-4447.patch
deleted file mode 100644
index ebf9a00e1b..0000000000
--- a/main/tiff/libtiff-CVE-2012-4447.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-Upstream patch for CVE-2012-4447.
-
-
-diff -Naur tiff-4.0.3.orig/libtiff/tif_pixarlog.c tiff-4.0.3/libtiff/tif_pixarlog.c
---- tiff-4.0.3.orig/libtiff/tif_pixarlog.c 2012-07-04 15:26:31.000000000 -0400
-+++ tiff-4.0.3/libtiff/tif_pixarlog.c 2012-12-12 16:43:18.931315699 -0500
-@@ -644,6 +644,20 @@
- return bytes;
- }
-
-+static tmsize_t
-+add_ms(tmsize_t m1, tmsize_t m2)
-+{
-+ tmsize_t bytes = m1 + m2;
-+
-+ /* if either input is zero, assume overflow already occurred */
-+ if (m1 == 0 || m2 == 0)
-+ bytes = 0;
-+ else if (bytes <= m1 || bytes <= m2)
-+ bytes = 0;
-+
-+ return bytes;
-+}
-+
- static int
- PixarLogFixupTags(TIFF* tif)
- {
-@@ -671,9 +685,11 @@
- td->td_samplesperpixel : 1);
- tbuf_size = multiply_ms(multiply_ms(multiply_ms(sp->stride, td->td_imagewidth),
- td->td_rowsperstrip), sizeof(uint16));
-+ /* add one more stride in case input ends mid-stride */
-+ tbuf_size = add_ms(tbuf_size, sizeof(uint16) * sp->stride);
- if (tbuf_size == 0)
- return (0); /* TODO: this is an error return without error report through TIFFErrorExt */
-- sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size+sizeof(uint16)*sp->stride);
-+ sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size);
- if (sp->tbuf == NULL)
- return (0);
- if (sp->user_datafmt == PIXARLOGDATAFMT_UNKNOWN) |