Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:GA
exiv2
CVE-2021-37618.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2021-37618.patch of Package exiv2
From dbf472751fc8b87ea7d1de02f54eaf64233a2fb6 Mon Sep 17 00:00:00 2001 From: Kevin Backhouse <kevinbackhouse@github.com> Date: Mon, 5 Jul 2021 10:40:03 +0100 Subject: [PATCH 2/2] Better bounds checking in Jp2Image::printStructure --- src/jp2image.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/jp2image.cpp b/src/jp2image.cpp index 43c93d7..a8c37e8 100644 --- a/src/jp2image.cpp +++ b/src/jp2image.cpp @@ -42,6 +42,7 @@ EXIV2_RCSID("@(#) $Id$") #include "futils.hpp" #include "types.hpp" #include "safe_op.hpp" +#include "enforce.hpp" // + standard includes #include <string> @@ -511,6 +512,7 @@ namespace Exiv2 if(subBox.type == kJp2BoxTypeColorHeader) { long pad = 3 ; // don't know why there are 3 padding bytes + enforce(data.size_ >= pad, kerCorruptedMetadata); if ( bPrint ) { out << " | pad:" ; for ( int i = 0 ; i < 3 ; i++ ) out<< " " << (int) data.pData_[i]; @@ -521,6 +523,7 @@ namespace Exiv2 } DataBuf icc(iccLength); + enforce(iccLength <= data.size_ - pad, kerCorruptedMetadata); if ( bICC ) out.write((const char*)icc.pData_,icc.size_); } lf(out,bLF);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor