diff options
author | Tom Lane <tgl@sss.pgh.pa.us> | 2012-07-18 15:08:09 +0000 |
---|---|---|
committer | Tom Lane <tgl@sss.pgh.pa.us> | 2012-07-18 15:08:09 +0000 |
commit | fe55c9d386a4fd0ac76b65487999b0ac69112d9a (patch) | |
tree | 765635b6d03821eb638403cae7aa80c141b883bd | |
parent | a1d5b1d4a662044b89cb1ff23ba21aa8856151da (diff) | |
download | libtiff-git-fe55c9d386a4fd0ac76b65487999b0ac69112d9a.tar.gz |
In tiff2pdf.c, fail when TIFFSetDirectory() fails.
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | tools/tiff2pdf.c | 3 |
2 files changed, 8 insertions, 1 deletions
@@ -1,3 +1,9 @@ +2012-07-18 Tom Lane <tgl@sss.pgh.pa.us> + + * tools/tiff2pdf.c: Fail when TIFFSetDirectory() fails. This + prevents core dumps or perhaps even arbitrary code execution when + processing a corrupt input file (CVE-2012-3401). + 2012-06-15 Tom Lane <tgl@sss.pgh.pa.us> * libtiff/tif_strip.c, libtiff/tif_tile.c: Back-patch the 4.0 diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c index 1c923477..e2afe103 100644 --- a/tools/tiff2pdf.c +++ b/tools/tiff2pdf.c @@ -1,4 +1,4 @@ -/* $Id: tiff2pdf.c,v 1.37.2.20 2012-06-15 21:45:04 tgl Exp $ +/* $Id: tiff2pdf.c,v 1.37.2.21 2012-07-18 15:08:09 tgl Exp $ * * tiff2pdf - converts a TIFF image to a PDF document * @@ -1063,6 +1063,7 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){ "Can't set directory %u of input file %s", i, TIFFFileName(input)); + t2p->t2p_error = T2P_ERR_ERROR; return; } if(TIFFGetField(input, TIFFTAG_PAGENUMBER, &pagen, &paged)){ |