Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
home:dirkmueller:Factory
exiv2
CVE-2022-3953.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2022-3953.patch of Package exiv2
From 771ead87321ae6e39e5c9f6f0855c58cde6648f1 Mon Sep 17 00:00:00 2001 From: Kevin Backhouse <kevinbackhouse@github.com> Date: Wed, 26 Oct 2022 22:07:11 +0100 Subject: [PATCH] Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52731 Stop looping when eof is hit. --- src/quicktimevideo.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) Index: exiv2-0.27.5/src/quicktimevideo.cpp =================================================================== --- exiv2-0.27.5.orig/src/quicktimevideo.cpp +++ exiv2-0.27.5/src/quicktimevideo.cpp @@ -1304,11 +1304,11 @@ namespace Exiv2 { DataBuf buf(4+1); io_->read(buf.pData_, 4); io_->read(buf.pData_, 4); - uint64_t noOfEntries; + uint32_t noOfEntries; noOfEntries = returnUnsignedBufValue(buf); - for(unsigned long i = 1; i <= noOfEntries; i++) + for(uint32_t i = 0; i < noOfEntries && continueTraversing_; i++) decodeBlock(); } // QuickTimeVideo::multipleEntriesDecoder
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
