Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
php72.14672
php-CVE-2019-9638,9639.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2019-9638,9639.patch of Package php72.14672
Index: php-7.2.5/ext/exif/exif.c =================================================================== --- php-7.2.5.orig/ext/exif/exif.c 2019-03-19 11:47:31.254886961 +0100 +++ php-7.2.5/ext/exif/exif.c 2019-03-19 11:49:09.123455967 +0100 @@ -3149,7 +3149,7 @@ static int exif_process_IFD_in_MAKERNOTE break; } - if (maker_note->offset >= value_len) { + if (value_len < 2 || maker_note->offset >= value_len - 1) { /* Do not go past the value end */ exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, ImageInfo, E_WARNING, "IFD data too short: 0x%04X offset 0x%04X", value_len, maker_note->offset); return FALSE; @@ -3204,6 +3204,7 @@ static int exif_process_IFD_in_MAKERNOTE #endif default: case MN_OFFSET_NORMAL: + data_len = value_len; break; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor