From 49b81e99704bd199a24ccce65f974cc2d78cccc4 Mon Sep 17 00:00:00 2001
From: 4ugustus <wangdw.augustus@qq.com>
Date: Tue, 4 Jan 2022 11:01:37 +0000
Subject: [PATCH] fixing global-buffer-overflow in tiffset
---
tools/tiffset.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/tools/tiffset.c b/tools/tiffset.c
index 8c9e23c5..b7badd93 100644
--- a/tools/tiffset.c
+++ b/tools/tiffset.c
@@ -146,9 +146,19 @@ main(int argc, char* argv[])
arg_index++;
if (TIFFFieldDataType(fip) == TIFF_ASCII) {
- if (TIFFSetField(tiff, TIFFFieldTag(fip), argv[arg_index]) != 1)
- fprintf( stderr, "Failed to set %s=%s\n",
- TIFFFieldName(fip), argv[arg_index] );
+ if(TIFFFieldPassCount( fip )) {
+ size_t len;
+ len = (uint32)(strlen(argv[arg_index] + 1));
+ if (TIFFSetField(tiff, TIFFFieldTag(fip),
+ (uint16)len, argv[arg_index]) != 1)
+ fprintf( stderr, "Failed to set %s=%s",
+ TIFFFieldName(fip), argv[arg_index] );
+ } else {
+ if (TIFFSetField(tiff, TIFFFieldTag(fip),
+ argv[arg_index]) != 1)
+ fprintf( stderr, "Failed to set %s=%s",
+ TIFFFieldName(fip), argv[arg_index] );
+ }
} else if (TIFFFieldWriteCount(fip) > 0
|| TIFFFieldWriteCount(fip) == TIFF_VARIABLE) {
int ret = 1;
--
GitLab
distrib
>
Mageia
>
8
>
i586
>
media
>
core-updates_testing-src
>
by-pkgid
>
0a4e82cc20594aa76c552ec815a3f474
>
files
>
35
