aboutsummaryrefslogtreecommitdiffstats
path: root/main/lcms2/CVE-2018-16435.patch
blob: 775225c98845bf4e859a4a9a07c2723e67e407dd (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
From 768f70ca405cd3159d990e962d54456773bb8cf8 Mon Sep 17 00:00:00 2001
From: Marti Maria <info@littlecms.com>
Date: Wed, 15 Aug 2018 20:07:56 +0200
Subject: [PATCH] Upgrade Visual studio 2017 15.8

- Upgrade to 15.8
- Add check on CGATS memory allocation (thanks to Quang Nguyen for
pointing out this)
---
 Projects/VC2017/jpegicc/jpegicc.vcxproj           |  1 +
 Projects/VC2017/lcms2_DLL/lcms2_DLL.vcxproj       |  2 +-
 Projects/VC2017/lcms2_static/lcms2_static.vcxproj |  2 +-
 Projects/VC2017/linkicc/linkicc.vcxproj           |  2 +-
 Projects/VC2017/psicc/psicc.vcxproj               |  2 +-
 Projects/VC2017/testbed/testbed.vcxproj           |  2 +-
 Projects/VC2017/tiffdiff/tiffdiff.vcxproj         |  2 +-
 Projects/VC2017/tifficc/tifficc.vcxproj           |  2 +-
 Projects/VC2017/transicc/transicc.vcxproj         |  1 +
 src/cmscgats.c                                    | 14 ++++++++++----
 10 files changed, 19 insertions(+), 11 deletions(-)

diff --git a/Projects/VC2017/jpegicc/jpegicc.vcxproj b/Projects/VC2017/jpegicc/jpegicc.vcxproj
index ab26a53..39cfd00 100644
--- a/Projects/VC2017/jpegicc/jpegicc.vcxproj
+++ b/Projects/VC2017/jpegicc/jpegicc.vcxproj
@@ -22,6 +22,7 @@
     <ProjectGuid>{62812507-F926-4968-96A9-17678460AD90}</ProjectGuid>
     <RootNamespace>jpegicc</RootNamespace>
     <Keyword>Win32Proj</Keyword>
+    <WindowsTargetPlatformVersion>10.0.17134.0</WindowsTargetPlatformVersion>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
diff --git a/Projects/VC2017/lcms2_DLL/lcms2_DLL.vcxproj b/Projects/VC2017/lcms2_DLL/lcms2_DLL.vcxproj
index 4c8aa3f..d1bf3eb 100644
--- a/Projects/VC2017/lcms2_DLL/lcms2_DLL.vcxproj
+++ b/Projects/VC2017/lcms2_DLL/lcms2_DLL.vcxproj
@@ -22,7 +22,7 @@
     <ProjectGuid>{8C51BE48-ADB8-4089-A9EC-F6BF993A0548}</ProjectGuid>
     <RootNamespace>lcms2_DLL</RootNamespace>
     <Keyword>Win32Proj</Keyword>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0.17134.0</WindowsTargetPlatformVersion>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
diff --git a/Projects/VC2017/lcms2_static/lcms2_static.vcxproj b/Projects/VC2017/lcms2_static/lcms2_static.vcxproj
index 2a9988a..9fc05ce 100644
--- a/Projects/VC2017/lcms2_static/lcms2_static.vcxproj
+++ b/Projects/VC2017/lcms2_static/lcms2_static.vcxproj
@@ -22,7 +22,7 @@
     <ProjectGuid>{71DEDE59-3F1E-486B-A899-4283000F76B5}</ProjectGuid>
     <RootNamespace>lcms2_static</RootNamespace>
     <Keyword>Win32Proj</Keyword>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0.17134.0</WindowsTargetPlatformVersion>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
diff --git a/Projects/VC2017/linkicc/linkicc.vcxproj b/Projects/VC2017/linkicc/linkicc.vcxproj
index 30c2b4e..51586dd 100644
--- a/Projects/VC2017/linkicc/linkicc.vcxproj
+++ b/Projects/VC2017/linkicc/linkicc.vcxproj
@@ -22,7 +22,7 @@
     <ProjectGuid>{FBFBE1DC-DB84-4BA1-9552-B4780F457849}</ProjectGuid>
     <RootNamespace>linkicc</RootNamespace>
     <Keyword>Win32Proj</Keyword>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0.17134.0</WindowsTargetPlatformVersion>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
diff --git a/Projects/VC2017/psicc/psicc.vcxproj b/Projects/VC2017/psicc/psicc.vcxproj
index 9dcf89a..8f26e12 100644
--- a/Projects/VC2017/psicc/psicc.vcxproj
+++ b/Projects/VC2017/psicc/psicc.vcxproj
@@ -22,7 +22,7 @@
     <ProjectGuid>{EF6A8851-65FE-46F5-B9EF-14F0B671F693}</ProjectGuid>
     <RootNamespace>psicc</RootNamespace>
     <Keyword>Win32Proj</Keyword>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0.17134.0</WindowsTargetPlatformVersion>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
diff --git a/Projects/VC2017/testbed/testbed.vcxproj b/Projects/VC2017/testbed/testbed.vcxproj
index 0af3762..3f6aea3 100644
--- a/Projects/VC2017/testbed/testbed.vcxproj
+++ b/Projects/VC2017/testbed/testbed.vcxproj
@@ -22,7 +22,7 @@
     <ProjectGuid>{928A3A2B-46EF-4279-959C-513B3652FF0E}</ProjectGuid>
     <RootNamespace>testbed</RootNamespace>
     <Keyword>Win32Proj</Keyword>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0.17134.0</WindowsTargetPlatformVersion>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
diff --git a/Projects/VC2017/tiffdiff/tiffdiff.vcxproj b/Projects/VC2017/tiffdiff/tiffdiff.vcxproj
index 7edfe28..3a6d837 100644
--- a/Projects/VC2017/tiffdiff/tiffdiff.vcxproj
+++ b/Projects/VC2017/tiffdiff/tiffdiff.vcxproj
@@ -22,7 +22,7 @@
     <ProjectGuid>{75B91835-CCD7-48BE-A606-A9C997D5DBEE}</ProjectGuid>
     <RootNamespace>tiffdiff</RootNamespace>
     <Keyword>Win32Proj</Keyword>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0.17134.0</WindowsTargetPlatformVersion>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
diff --git a/Projects/VC2017/tifficc/tifficc.vcxproj b/Projects/VC2017/tifficc/tifficc.vcxproj
index cd9f04c..5ef954f 100644
--- a/Projects/VC2017/tifficc/tifficc.vcxproj
+++ b/Projects/VC2017/tifficc/tifficc.vcxproj
@@ -22,7 +22,7 @@
     <ProjectGuid>{2256DE16-ED92-4A6F-9C54-F65BB61E64A2}</ProjectGuid>
     <RootNamespace>tifficc</RootNamespace>
     <Keyword>Win32Proj</Keyword>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0.17134.0</WindowsTargetPlatformVersion>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
diff --git a/Projects/VC2017/transicc/transicc.vcxproj b/Projects/VC2017/transicc/transicc.vcxproj
index d9b77c6..b3173d8 100644
--- a/Projects/VC2017/transicc/transicc.vcxproj
+++ b/Projects/VC2017/transicc/transicc.vcxproj
@@ -22,6 +22,7 @@
     <ProjectGuid>{9EE22D66-C849-474C-9ED5-C3E141DAB160}</ProjectGuid>
     <RootNamespace>transicc</RootNamespace>
     <Keyword>Win32Proj</Keyword>
+    <WindowsTargetPlatformVersion>10.0.17134.0</WindowsTargetPlatformVersion>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
diff --git a/src/cmscgats.c b/src/cmscgats.c
index 1a87613..8c3e96d 100644
--- a/src/cmscgats.c
+++ b/src/cmscgats.c
@@ -1,7 +1,7 @@
 //---------------------------------------------------------------------------------
 //
 //  Little Color Management System
-//  Copyright (c) 1998-2017 Marti Maria Saguer
+//  Copyright (c) 1998-2018 Marti Maria Saguer
 //
 // Permission is hereby granted, free of charge, to any person obtaining
 // a copy of this software and associated documentation files (the "Software"),
@@ -1506,10 +1506,16 @@ void AllocateDataSet(cmsIT8* it8)
     t-> nSamples   = atoi(cmsIT8GetProperty(it8, "NUMBER_OF_FIELDS"));
     t-> nPatches   = atoi(cmsIT8GetProperty(it8, "NUMBER_OF_SETS"));
 
-    t-> Data = (char**)AllocChunk (it8, ((cmsUInt32Number) t->nSamples + 1) * ((cmsUInt32Number) t->nPatches + 1) *sizeof (char*));
-    if (t->Data == NULL) {
+    if (t -> nSamples < 0 || t->nSamples > 0x7ffe || t->nPatches < 0 || t->nPatches > 0x7ffe)
+    {
+        SynError(it8, "AllocateDataSet: too much data");
+    }
+    else {
+        t->Data = (char**)AllocChunk(it8, ((cmsUInt32Number)t->nSamples + 1) * ((cmsUInt32Number)t->nPatches + 1) * sizeof(char*));
+        if (t->Data == NULL) {
 
-        SynError(it8, "AllocateDataSet: Unable to allocate data array");
+            SynError(it8, "AllocateDataSet: Unable to allocate data array");
+        }
     }
 
 }