Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
exiv2
CVE-2018-11531.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2018-11531.patch of Package exiv2
Index: exiv2-0.23/src/preview.cpp =================================================================== --- exiv2-0.23.orig/src/preview.cpp +++ exiv2-0.23/src/preview.cpp @@ -41,6 +41,7 @@ EXIV2_RCSID("@(#) $Id: preview.cpp 2698 #include "preview.hpp" #include "futils.hpp" +#include "enforce.hpp" #include "image.hpp" #include "cr2image.hpp" @@ -809,13 +810,14 @@ namespace { else { // FIXME: the buffer is probably copied twice, it should be optimized DataBuf buf(size_); - Exiv2::byte* pos = buf.pData_; + uint32_t idxBuf = 0; for (int i = 0; i < sizes.count(); i++) { uint32_t offset = dataValue.toLong(i); uint32_t size = sizes.toLong(i); - if (offset + size <= static_cast<uint32_t>(io.size())) - memcpy(pos, base + offset, size); - pos += size; + enforce(idxBuf + size < size_, kerCorruptedMetadata); + if (size!=0 && offset + size <= static_cast<uint32_t>(io.size())) + memcpy(&buf.pData_[idxBuf], base + offset, size); + idxBuf += size; } dataValue.setDataArea(buf.pData_, buf.size_); }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor