Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:Update
php7.11984
php-CVE-2019-9638,9639.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2019-9638,9639.patch of Package php7.11984
Index: php-7.0.7/ext/exif/exif.c =================================================================== --- php-7.0.7.orig/ext/exif/exif.c 2019-03-19 14:13:08.617899764 +0100 +++ php-7.0.7/ext/exif/exif.c 2019-03-19 14:15:02.922567478 +0100 @@ -2729,7 +2729,7 @@ static int exif_process_IFD_in_MAKERNOTE break; } - if (maker_note->offset >= value_len) { + if (value_len < 2 || maker_note->offset >= value_len - 1) { /* Do not go past the value end */ exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, ImageInfo, E_WARNING, "IFD data too short: 0x%04X offset 0x%04X", value_len, maker_note->offset); return FALSE; @@ -2782,6 +2782,7 @@ static int exif_process_IFD_in_MAKERNOTE break; default: case MN_OFFSET_NORMAL: + data_len = value_len; break; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor