summaryrefslogtreecommitdiff
path: root/third_party/libtiff/0008-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch
AgeCommit message (Collapse)Author
2016-10-10libtiff: Prevent a buffer overflow in function ChopUpSingleUncompressedStrip.stackexploit
The patch (https://codereview.chromium.org/2284063002) for Issue 618267 was insufficient. The integer overflow still could be triggered and could lead to heap buffer overflow. This CL strengthens integer overflow check in function _TIFFCheckRealloc. BUG=chromium:654169 R=ochang@chromium.org, tsepez@chromium.org, dsinclair@chromium.org Review-Url: https://codereview.chromium.org/2405693002
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-02 01:55:29 +0000