tiff: backport upstream fix for CVE-2022-2867, CVE-2022-2868, CVE-2022-2869
Fixes upstream issue #352 (closed) where a buffer overflow was generated
by an uint underflow in tiffcrop.c computeInputPixelOffsets()
calculating (uint32_t)(0 - 1) around line 5210. In the following
tiffcrop tries to read pixels from the image at an offset far beyond the
file-/buffersize.
The main region checks in computeInputPixelOffsets() are now updated to
avoid uint underflow.
This update fixes also upstream issues #350 (closed) and #351 (closed).
Issue 350 is fixed by checking for not allowed zone input cases like -Z
0:0 in getCropOffsets().
Furthermore upstream issue #335 (moved) (closed) and #336 (closed) are also
fixed.
CVE: CVE-2022-2867, CVE-2022-2868, CVE-2022-2869
Signed-off-by: Ghassane Ben El Aattar <ghassaneb.aattar@huawei.com>
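
The underflow class named in the commit message above, as an added illustration that is not libtiff or Oniro code: the zone arithmetic, the function names and the 640-pixel width are simplified assumptions. It shows how "position 0" input wraps to `(uint32_t)(0 - 1)` and how rejecting impossible zones such as `0:0` before any subtraction keeps the computed column inside the row.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model (an assumption, not libtiff code): zone `pos` of `total`
 * equal vertical strips, 1-based, in an image `width` pixels wide. */

/* Unchecked form: last column of the zone. With pos == 0 the product is 0
 * and "0 - 1" wraps to UINT32_MAX, the (uint32_t)(0 - 1) pattern. */
static uint32_t zone_last_col_unchecked(uint32_t pos, uint32_t total, uint32_t width)
{
    uint32_t zone_w = width / total;   /* caller must not pass total == 0 */
    return pos * zone_w - 1;
}

/* Checked form: reject impossible zones before any subtraction. */
static int zone_cols_checked(uint32_t pos, uint32_t total, uint32_t width,
                             uint32_t *first, uint32_t *last)
{
    if (total == 0 || pos == 0 || pos > total)   /* covers "0:0" style input */
        return -1;
    uint32_t zone_w = width / total;
    if (zone_w == 0)                             /* more zones than pixels */
        return -1;
    *first = (pos - 1) * zone_w;
    *last = pos * zone_w - 1;   /* 1 <= pos * zone_w <= width, so no wrap */
    return 0;
}

/* Would reading column `col` stay inside a row of `width` pixels? */
static int col_in_bounds(uint32_t col, uint32_t width) { return col < width; }

int main(void)
{
    uint32_t width = 640, first = 0, last = 0;   /* constructed sample size */
    uint32_t bad = zone_last_col_unchecked(0, 4, width);

    printf("unchecked 0:4 -> last col %lu, in bounds: %d\n",
           (unsigned long)bad, col_in_bounds(bad, width));
    printf("checked 0:0 -> %d\n", zone_cols_checked(0, 0, width, &first, &last));
    if (zone_cols_checked(2, 4, width, &first, &last) == 0)
        printf("checked 2:4 -> cols %lu..%lu\n",
               (unsigned long)first, (unsigned long)last);
    return 0;
}
```
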
Activity
@ghassaneben rebase needed here too
added 263 commits
- 0f360887...4c0160e8 - 262 commits from branch eclipse/oniro-core:kirkstone
- df4b8a8c - [PATCH] tiff: Fix upstream issue #352 heap-buffer-overflow by correcting uint32_t underflow.
The patch looks good to me, but the commit subject line is very confusing. You are re-using subject and body from the actual patch for libtiff which do not fit into the context of Oniro.
What I would expect is at least a different subject line for the commit. e.g.
tiff: backport upstream fix for CVE-2022-2867, CVE-2022-2868, CVE-2022-2869
That makes clear what the recipe is we are touching and the purpose of the change.
added 1 commit
- ab99d3d3 - [PATCH] tiff: backport upstream fix for CVE-2022-2867, CVE-2022-2868, CVE-2022-2869
- Resolved by Stefan Schmidt
Please drop the [PATCH] prefix. We are not using that in Oniro, it's used for an email-based patch workflow.
added 1 commit
- a40d01a8 - tiff: backport upstream fix for CVE-2022-2867, CVE-2022-2868, CVE-2022-2869
enabled automatic add to merge train when the pipeline for 2fa18ed5 succeeds
mentioned in commit 46533ceb