external/libtiff/UnpackedTarball_libtiff.mk | 1 +
external/libtiff/ubsan.patch | 11 +++++++++++
2 files changed, 12 insertions(+)
New commits:
commit 91f408fd94cf38b27dcb26ced9cd6c4e1a9d1cd2
Author: Stephan Bergmann <sberg...@redhat.com>
AuthorDate: Mon May 23 15:05:47 2022 +0200
Commit: Stephan Bergmann <sberg...@redhat.com>
CommitDate: Mon May 23 21:59:21 2022 +0200
external/libtiff: Silence invalid-null-argument
...during CppunitTest_vcl_filters_test,
> tif_dirread.c:4176:40: runtime error: null pointer passed as argument 2,
which is declared to never be null
> /usr/include/string.h:44:28: note: nonnull attribute specified here
> #0 in TIFFReadDirectory at
workdir/UnpackedTarball/libtiff/libtiff/tif_dirread.c:4176:17
(instdir/program/libvcllo.so +0xc4dbb6d)
> #1 in ImportTiffGraphicImport(SvStream&, Graphic&) at
vcl/source/filter/itiff/itiff.cxx:238:14 (instdir/program/libvcllo.so
+0xa691680)
> #2 in TiffFilterTest::load(rtl::OUString const&, rtl::OUString const&,
rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int) at
vcl/qa/cppunit/graphicfilter/filters-tiff-test.cxx:70:12
(workdir/LinkTarget/CppunitTest/libtest_vcl_filters_test.so +0x16dc48)
> #3 in test::FiltersTest::recursiveScan(test::filterStatus, rtl::OUString
const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags,
SotClipboardFormatId, unsigned int, bool) at
unotest/source/cpp/filters-test.cxx:132:20
(workdir/LinkTarget/CppunitTest/../Library/libunotest.so +0xd8d5c)
> #4 in test::FiltersTest::testDir(rtl::OUString const&,
std::basic_string_view<char16_t, std::char_traits<char16_t>>, rtl::OUString
const&, SfxFilterFlags, SotClipboardFormatId, unsigned int, bool) at
unotest/source/cpp/filters-test.cxx:160:5
(workdir/LinkTarget/CppunitTest/../Library/libunotest.so +0xdcc71)
> #5 in TiffFilterTest::testCVEs() at
vcl/qa/cppunit/graphicfilter/filters-tiff-test.cxx:76:5
(workdir/LinkTarget/CppunitTest/libtest_vcl_filters_test.so +0x16e1c5)
Change-Id: I2de4363ff0f5552e89fd0af84b7b88e38b7bb209
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/134823
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sberg...@redhat.com>
diff --git a/external/libtiff/UnpackedTarball_libtiff.mk
b/external/libtiff/UnpackedTarball_libtiff.mk
index ee3d4ab6cb27..f874d6d61743 100644
--- a/external/libtiff/UnpackedTarball_libtiff.mk
+++ b/external/libtiff/UnpackedTarball_libtiff.mk
@@ -16,6 +16,7 @@ $(eval $(call gb_UnpackedTarball_set_patchlevel,libtiff,0))
$(eval $(call gb_UnpackedTarball_add_patches,libtiff,\
external/libtiff/libtiff.linknolibs.patch \
external/libtiff/libtiff.16bitcielab.patch \
+ external/libtiff/ubsan.patch \
))
# vim: set noet sw=4 ts=4:
diff --git a/external/libtiff/ubsan.patch b/external/libtiff/ubsan.patch
new file mode 100644
index 000000000000..853d069ad795
--- /dev/null
+++ b/external/libtiff/ubsan.patch
@@ -0,0 +1,11 @@
+--- libtiff/tif_dirread.c
++++ libtiff/tif_dirread.c
+@@ -4173,7 +4173,7 @@
+ goto bad;
+ }
+
+- memcpy(new_sampleinfo, tif->tif_dir.td_sampleinfo,
old_extrasamples * sizeof(uint16_t));
++ if (old_extrasamples != 0) memcpy(new_sampleinfo,
tif->tif_dir.td_sampleinfo, old_extrasamples * sizeof(uint16_t));
+ _TIFFsetShortArray(&tif->tif_dir.td_sampleinfo,
new_sampleinfo, tif->tif_dir.td_extrasamples);
+ _TIFFfree(new_sampleinfo);
+ }
