diff --git a/ChangeLog b/ChangeLog
index 449555d2..6fbd83fe 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
 2013-08-13 Frank Warmerdam
+ * tools/gif2tiff.c: Be more careful about corrupt or
+ hostile input files (#2450, CVE-2013-4231)
+ * tools/tiff2pdf.c: terminate after failure of allocating ycbcr buffer (bug #2449, CVE-2013-4232)
diff --git a/tools/gif2tiff.c b/tools/gif2tiff.c
index 17f7a19e..4093411d 100644
--- a/tools/gif2tiff.c
+++ b/tools/gif2tiff.c
@@ -1,4 +1,4 @@
-/* $Id: gif2tiff.c,v 1.12 2010-12-15 00:22:44 faxguy Exp $ */
+/* $Id: gif2tiff.c,v 1.13 2013-08-14 05:18:53 fwarmerdam Exp $ */
 /*
  * Copyright (c) 1990-1997 Sam Leffler
@@ -333,6 +333,8 @@ readraster(void)
 int status = 1;
 datasize = getc(infile);
+ if (datasize > 12)
+ return 0;
 clear = 1 << datasize;
 eoi = clear + 1;
 avail = clear + 2;
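Review bot: The new `if (datasize > 12)` guard in readraster() only bounds the value from above, so the EOF return of getc() (-1, which fits in the `int` that `datasize` appears to be — its declaration is outside the hunk) still passes and reaches `clear = 1 << datasize;` two lines later, where a negative shift count is undefined behavior, and `codesize = datasize + 1` downstream becomes 0. A truncated or hostile GIF can end the stream exactly at the LZW minimum-code-size byte, so this is reachable from the same corrupt inputs the commit is hardening against. I would reject EOF and negative values in the same check, `if (datasize == EOF || datasize > 12) return 0;`, and note the reason in a comment such as `/* getc() returns EOF on short input; a negative or >12-bit code size is invalid GIF LZW */`. If the decoder assumes a minimum code size of at least 2 (as the GIF specification requires), the lower bound can be tightened to `datasize < 2` — confirm against the rest of the decoder, which is outside this hunk. The body of readraster() begins before and continues after the hunk.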