libs/tiff/patches/021-CVE-2019-6128.patch

   1 From 0c74a9f49b8d7a36b17b54a7428b3526d20f88a8 Mon Sep 17 00:00:00 2001
   2 From: Scott Gayou <github.scott@gmail.com>
   3 Date: Wed, 23 Jan 2019 15:03:53 -0500
   4 Subject: [PATCH] Fix for simple memory leak that was assigned CVE-2019-6128.
   5
   6 pal2rgb failed to free memory on a few errors. This was reported
   7 here: http://bugzilla.maptools.org/show_bug.cgi?id=2836.
   8 ---
   9  tools/pal2rgb.c | 7 ++++++-
  10  1 file changed, 6 insertions(+), 1 deletion(-)
  11
  12 diff --git a/tools/pal2rgb.c b/tools/pal2rgb.c
  13 index 01d8502e..9492f1cf 100644
  14 --- a/tools/pal2rgb.c
  15 +++ b/tools/pal2rgb.c
  16 @@ -118,12 +118,14 @@ main(int argc, char* argv[])
  17             shortv != PHOTOMETRIC_PALETTE) {
  18                 fprintf(stderr, "%s: Expecting a palette image.\n",
  19                     argv[optind]);
  20 +               (void) TIFFClose(in);
  21                 return (-1);
  22         }
  23         if (!TIFFGetField(in, TIFFTAG_COLORMAP, &rmap, &gmap, &bmap)) {
  24                 fprintf(stderr,
  25                     "%s: No colormap (not a valid palette image).\n",
  26                     argv[optind]);
  27 +               (void) TIFFClose(in);
  28                 return (-1);
  29         }
  30         bitspersample = 0;
  31 @@ -131,11 +133,14 @@ main(int argc, char* argv[])
  32         if (bitspersample != 8) {
  33                 fprintf(stderr, "%s: Sorry, can only handle 8-bit images.\n",
  34                     argv[optind]);
  35 +               (void) TIFFClose(in);
  36                 return (-1);
  37         }
  38         out = TIFFOpen(argv[optind+1], "w");
  39 -       if (out == NULL)
  40 +       if (out == NULL) {
  41 +               (void) TIFFClose(in);
  42                 return (-2);
  43 +       }
  44         cpTags(in, out);
  45         TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &imagewidth);
  46         TIFFGetField(in, TIFFTAG_IMAGELENGTH, &imagelength);
  47 --
  48 2.18.1
  49