1 files changed, 0 insertions, 26 deletions

diff --git a/media-libs/tiff/files/tiff-4.0.7-pdfium-0008-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch b/media-libs/tiff/files/tiff-4.0.7-pdfium-0008-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch
deleted file mode 100644
index 35f59b9bffd9..000000000000
--- a/media-libs/tiff/files/tiff-4.0.7-pdfium-0008-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-https://codereview.chromium.org/2405693002
-https://crbug.com/654169
-https://pdfium.googlesource.com/pdfium/+/master/libtiff/
-
-Author: stackexploit <stackexploit@gmail.com>
-Date:   Mon Oct 10 10:58:25 2016 -0700
-
-libtiff: Prevent a buffer overflow in function ChopUpSingleUncompressedStrip.
-
-The patch (https://codereview.chromium.org/2284063002) for Issue 618267
-was insufficient. The integer overflow still could be triggered and could
-lead to heap buffer overflow.
-
-This CL strengthens integer overflow check in function _TIFFCheckRealloc.
-
---- a/libtiff/tif_aux.c
-+++ b/libtiff/tif_aux.c
-@@ -69,7 +69,7 @@ _TIFFCheckRealloc(TIFF* tif, void* buffer,
- 	/*
- 	 * XXX: Check for integer overflow.
- 	 */
--	if (nmemb && elem_size && !_TIFFIfMultiplicationOverflow(nmemb, elem_size))
-+	if (nmemb > 0 && elem_size > 0 && !_TIFFIfMultiplicationOverflow(nmemb, elem_size))
- 		cp = _TIFFrealloc(buffer, bytes);
- 
- 	if (cp == NULL) {