5b161007a0
(changeset 983bda1f) to prevent a denial of service (crash) via a
crafted image
PR: 200199
Obtained from: 983bda1f0f
Security: CVE-2015-3885
Security: 57325ecf-facc-11e4-968f-b888e347c638
Submitted by: Jason Unovitch <jason unovitch gmail com>
Reported by: Sevan Janiyan <venture37 geeklan co uk>
Approved by: samm os2 kiev ua (maintainer)
MFH: 2015Q2
12 lines
286 B
C++
12 lines
286 B
C++
--- plugins/load-dcraw/dcraw.cc.orig 2015-05-29 01:03:46 UTC
|
|
+++ plugins/load-dcraw/dcraw.cc
|
|
@@ -869,7 +869,8 @@ struct jhead {
|
|
|
|
int CLASS ljpeg_start (struct jhead *jh, int info_only)
|
|
{
|
|
- int c, tag, len;
|
|
+ int c, tag;
|
|
+ ushort len;
|
|
uchar data[0x10000];
|
|
const uchar *dp;
|
|
|