main/tiff/tiff-4.0.3-CVE-2013-4231.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

http://pkgs.fedoraproject.org/cgit/libtiff.git/plain/libtiff-CVE-2013-4231.patch
http://bugs.gentoo.org/480466

--- a/tools/gif2tiff.c
+++ b/tools/gif2tiff.c
@@ -333,6 +333,10 @@ readraster(void)
     int status = 1;
 
     datasize = getc(infile);
+
+    if (datasize > 12)
+        return 0;
+
     clear = 1 << datasize;
     eoi = clear + 1;
     avail = clear + 2;