packages/libs/tiff/patches/903-cve-2009-2285.patch

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2285

--- a/libtiff/tif_lzw.c
+++ b/libtiff/tif_lzw.c
@@ -422,7 +422,7 @@ LZWDecode(TIFF* tif, tidata_t op0, tsize
 			NextCode(tif, sp, bp, code, GetNextCode);
 			if (code == CODE_EOI)
 				break;
-			 if (code == CODE_CLEAR) {
+			 if (code >= CODE_CLEAR) {
 				 TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
 				 "LZWDecode: Corrupted LZW table at scanline %d",
 				 tif->tif_row);
@@ -626,7 +626,7 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0,
 			NextCode(tif, sp, bp, code, GetNextCodeCompat);
 			if (code == CODE_EOI)
 				break;
-			 if (code == CODE_CLEAR) {
+			 if (code >= CODE_CLEAR) {
 				 TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
 				 "LZWDecode: Corrupted LZW table at scanline %d",
 				 tif->tif_row);
[packages] libtiff: fix multiple buffer overflows (patches from Debian) - CVE-2006-3459 - CVE-2006-3465 - CVE-2008-2327 - CVE-2009-2285 git-svn-id: svn://svn.openwrt.org/openwrt/packages@16751 3c298f89-4303-0410-b956-a3cf2f4a3e73 2009-07-09 14:35:40 +00:00			`http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2285`

			`--- a/libtiff/tif_lzw.c`
			`+++ b/libtiff/tif_lzw.c`
			`@@ -422,7 +422,7 @@ LZWDecode(TIFF* tif, tidata_t op0, tsize`
			`NextCode(tif, sp, bp, code, GetNextCode);`
			`if (code == CODE_EOI)`
			`break;`
			`- if (code == CODE_CLEAR) {`
			`+ if (code >= CODE_CLEAR) {`
			`TIFFErrorExt(tif->tif_clientdata, tif->tif_name,`
			`"LZWDecode: Corrupted LZW table at scanline %d",`
			`tif->tif_row);`
			`@@ -626,7 +626,7 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0,`
			`NextCode(tif, sp, bp, code, GetNextCodeCompat);`
			`if (code == CODE_EOI)`
			`break;`
			`- if (code == CODE_CLEAR) {`
			`+ if (code >= CODE_CLEAR) {`
			`TIFFErrorExt(tif->tif_clientdata, tif->tif_name,`
			`"LZWDecode: Corrupted LZW table at scanline %d",`
			`tif->tif_row);`