external/libtiff/0001-ofz-54685-Timeout.patch

   1 From caab95ab518aafbc985974098ad806f769c462ea Mon Sep 17 00:00:00 2001
   2 From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
   3 Date: Fri, 20 Jan 2023 10:41:34 +0000
   4 Subject: [PATCH] ofz#54685 Timeout
   5
   6 ---
   7  libtiff/tif_ojpeg.c | 29 +++++++++++++++++++++++++++++
   8  1 file changed, 29 insertions(+)
   9
  10 diff --git a/libtiff/tif_ojpeg.c b/libtiff/tif_ojpeg.c
  11 index 0c915de2..27b84611 100644
  12 --- a/libtiff/tif_ojpeg.c
  13 +++ b/libtiff/tif_ojpeg.c
  14 @@ -1312,6 +1312,34 @@ static int OJPEGReadSecondarySos(TIFF *tif, uint16_t s)
  15      return (1);
  16  }
  17
  18 +// see also vcl/source/filter/jpeg/jpegc.cxx
  19 +static void emitMessage(j_common_ptr cinfo, int msg_level)
  20 +{
  21 +    if (msg_level < 0)
  22 +    {
  23 +        // https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf
  24 +        // try to retain some degree of recoverability up to some reasonable
  25 +        // limit (initially using ImageMagick's current limit of 1000), then
  26 +        // bail.
  27 +        const int WarningLimit = 1000;
  28 +#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
  29 +        // ofz#50452 due to Timeouts, just abandon fuzzing on any
  30 +        // JWRN_NOT_SEQUENTIAL
  31 +        if (cinfo->err->msg_code == JWRN_NOT_SEQUENTIAL)
  32 +        {
  33 +            cinfo->err->error_exit(cinfo);
  34 +            return;
  35 +        }
  36 +#endif
  37 +        if (++cinfo->err->num_warnings > WarningLimit)
  38 +            cinfo->err->error_exit(cinfo);
  39 +        else
  40 +            cinfo->err->output_message(cinfo);
  41 +    }
  42 +    else if (cinfo->err->trace_level >= msg_level)
  43 +        cinfo->err->output_message(cinfo);
  44 +}
  45 +
  46  static int OJPEGWriteHeaderInfo(TIFF *tif)
  47  {
  48      static const char module[] = "OJPEGWriteHeaderInfo";
  49 @@ -1327,6 +1355,7 @@ static int OJPEGWriteHeaderInfo(TIFF *tif)
  50      sp->libjpeg_jpeg_error_mgr.output_message =
  51          OJPEGLibjpegJpegErrorMgrOutputMessage;
  52      sp->libjpeg_jpeg_error_mgr.error_exit = OJPEGLibjpegJpegErrorMgrErrorExit;
  53 +    sp->libjpeg_jpeg_error_mgr.emit_message = emitMessage;
  54      sp->libjpeg_jpeg_decompress_struct.err = &(sp->libjpeg_jpeg_error_mgr);
  55      sp->libjpeg_jpeg_decompress_struct.client_data = (void *)tif;
  56      if (jpeg_create_decompress_encap(
  57 --
  58 2.39.0
  59