summaryrefslogtreecommitdiff
path: root/gnu/packages/patches/libjpeg-turbo-CVE-2019-2201.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/libjpeg-turbo-CVE-2019-2201.patch')
-rw-r--r--gnu/packages/patches/libjpeg-turbo-CVE-2019-2201.patch31
1 files changed, 0 insertions, 31 deletions
diff --git a/gnu/packages/patches/libjpeg-turbo-CVE-2019-2201.patch b/gnu/packages/patches/libjpeg-turbo-CVE-2019-2201.patch
deleted file mode 100644
index 35f2bf5963..0000000000
--- a/gnu/packages/patches/libjpeg-turbo-CVE-2019-2201.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-Fix integer overflow which can potentially lead to RCE.
-
-https://www.openwall.com/lists/oss-security/2019/11/11/1
-https://nvd.nist.gov/vuln/detail/CVE-2019-2201
-
-The problem was partially fixed in 2.0.3. This patch is a follow-up.
-https://github.com/libjpeg-turbo/libjpeg-turbo/issues/388
-https://github.com/libjpeg-turbo/libjpeg-turbo/commit/c30b1e72dac76343ef9029833d1561de07d29bad
-
-diff --git a/tjbench.c b/tjbench.c
-index a7d397318..13a5bde62 100644
---- a/tjbench.c
-+++ b/tjbench.c
-@@ -171,7 +171,7 @@ static int decomp(unsigned char *srcBuf, unsigned char **jpegBuf,
- }
- /* Set the destination buffer to gray so we know whether the decompressor
- attempted to write to it */
-- memset(dstBuf, 127, pitch * scaledh);
-+ memset(dstBuf, 127, (size_t)pitch * scaledh);
-
- if (doYUV) {
- int width = doTile ? tilew : scaledw;
-@@ -193,7 +193,7 @@ static int decomp(unsigned char *srcBuf, unsigned char **jpegBuf,
- double start = getTime();
-
- for (row = 0, dstPtr = dstBuf; row < ntilesh;
-- row++, dstPtr += pitch * tileh) {
-+ row++, dstPtr += (size_t)pitch * tileh) {
- for (col = 0, dstPtr2 = dstPtr; col < ntilesw;
- col++, tile++, dstPtr2 += ps * tilew) {
- int width = doTile ? min(tilew, w - col * tilew) : scaledw;