From 8b67b19d7e6dfb8984cc9c92ef59a81cb4edaa77 Mon Sep 17 00:00:00 2001
From: stackexploit <stackexploit@gmail.com>
Date: Wed, 26 Oct 2016 22:40:34 -0700
Subject: libtiff: Prevent a buffer overflow in function PixarLogDecode.

Fix potential buffer write overrun in PixarLogDecode() on corrupted/unexpected
images. The issue has been fixed in upstream (libtiff revision 1.44,
author: erouault, commitid: 2SqWSFG5a8Ewffcz, date: 2016-06-28 23:12:19 +0800).

This CL applies the official patch to tif_pixarlog.c.

BUG=chromium:654172
R=dsinclair@chromium.org, thestig@chromium.org

Review-Url: https://codereview.chromium.org/2453253003
---
 third_party/libtiff/README.pdfium | 1 +
 1 file changed, 1 insertion(+)

(limited to 'third_party/libtiff/README.pdfium')

diff --git a/third_party/libtiff/README.pdfium b/third_party/libtiff/README.pdfium
index 66049c4e98..e0b4192e75 100644
--- a/third_party/libtiff/README.pdfium
+++ b/third_party/libtiff/README.pdfium
@@ -18,3 +18,4 @@ Local Modifications:
 0006-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch: Fix a heap buffer overflow
 0007-uninitialized-value.patch: Fix potentially uninitialized dircount value
 0008-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch: Fix a heap buffer overflow
+0009-HeapBufferOverflow-PixarLogDecode.patch: Fix a heap buffer overflow
-- 
cgit v1.2.3