Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP4:Update
exempi
CVE-2020-18652.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2020-18652.patch of Package exempi
diff -urp exempi-2.4.5.orig/XMPFiles/source/FormatSupport/WEBP_Support.cpp exempi-2.4.5/XMPFiles/source/FormatSupport/WEBP_Support.cpp --- exempi-2.4.5.orig/XMPFiles/source/FormatSupport/WEBP_Support.cpp 2018-02-26 00:47:43.000000000 -0600 +++ exempi-2.4.5/XMPFiles/source/FormatSupport/WEBP_Support.cpp 2023-08-23 14:49:50.184105623 -0500 @@ -120,10 +120,16 @@ VP8XChunk::VP8XChunk(Container* parent) this->data.assign(this->size, 0); XMP_Uns8* bitstream = (XMP_Uns8*)parent->chunks[WEBP_CHUNK_IMAGE][0]->data.data(); + XMP_Uns32 width = 0; + XMP_Uns32 height = 0; // See bug https://bugs.freedesktop.org/show_bug.cgi?id=105247 // bitstream could be NULL. - XMP_Uns32 width = bitstream ? ((bitstream[7] << 8) | bitstream[6]) & 0x3fff : 0; - XMP_Uns32 height = bitstream ? ((bitstream[9] << 8) | bitstream[8]) & 0x3fff : 0; + // See bug https://gitlab.freedesktop.org/libopenraw/exempi/issues/12 + // image chunk data could be too short (must be 10) + if (parent->chunks[WEBP_CHUNK_IMAGE][0]->data.size() >= 10 && bitstream) { + width = ((bitstream[7] << 8) | bitstream[6]) & 0x3fff; + height = ((bitstream[9] << 8) | bitstream[8]) & 0x3fff; + } this->width(width); this->height(height); parent->vp8x = this;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor