Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-0561: TIFFFetchStripThing(): avoid calling memcpy() with a null source pointer and... (eecb0712) · Commits · freedesktop-sdk / mirrors / gitlab / libtiff / libtiff

Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712.

CVE
Open in Source
#dos#git

Verified Commit eecb0712 authored Feb 06, 2022 by Even Rouault's avatar

Browse files

TIFFFetchStripThing(): avoid calling memcpy() with a null source pointer and…

TIFFFetchStripThing(): avoid calling memcpy() with a null source pointer and size of zero (fixes #362)

  • Changes 1

@@ -5777,8 +5777,9 @@ TIFFFetchStripThing(TIFF* tif, TIFFDirEntry* dir, uint32_t nstrips, uint64_t** l

_TIFFfree(data);

return(0);

}

_TIFFmemcpy(resizeddata,data, (uint32_t)dir->tdir_count * sizeof(uint64_t));

_TIFFmemset(resizeddata+(uint32_t)dir->tdir_count, 0, (nstrips - (uint32_t)dir->tdir_count) * sizeof(uint64_t));

if( dir->tdir_count )

_TIFFmemcpy(resizeddata,data, (uint32_t)dir->tdir_count * sizeof(uint64_t));

_TIFFmemset(resizeddata+(uint32_t)dir->tdir_count, 0, (nstrips - (uint32_t)dir->tdir_count) * sizeof(uint64_t));

_TIFFfree(data);

data=resizeddata;

}

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE