Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:11.4:Update
libexif.648
bug-771229_CVE-2012-2837.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File bug-771229_CVE-2012-2837.patch of Package libexif.648
Update of /cvsroot/libexif/libexif/libexif/olympus In directory vz-cvs-4.sog:/tmp/cvs-serv19584/libexif/olympus Modified Files: mnote-olympus-entry.c Log Message: Fixed some possible division-by-zeros in Olympus-style makernotes This fixes bug #3434545, a.k.a. CVE-2012-2837 Index: mnote-olympus-entry.c =================================================================== RCS file: /cvsroot/libexif/libexif/libexif/olympus/mnote-olympus-entry.c,v retrieving revision 1.54 retrieving revision 1.55 diff -u -d -r1.54 -r1.55 --- libexif/olympus/mnote-olympus-entry.c 18 Apr 2011 23:46:33 -0000 1.54 +++ libexif/olymps/mnote-olympus-entry.c 12 Jul 2012 17:29:05 -0000 1.55 @@ -76,6 +76,9 @@ } \ } +#define R2L(n) ((n).denominator ? (long)(n).numerator/(n).denominator : 0L) +#define R2D(n) ((n).denominator ? (double)(n).numerator/(n).denominator : 0.0) + static const struct { ExifTag tag; ExifFormat fmt; @@ -372,20 +375,20 @@ CF (entry->format, EXIF_FORMAT_RATIONAL, v, maxlen); CC (entry->components, 4, v, maxlen); vr = exif_get_rational (entry->data, entry->order); - r = (double)vr.numerator / vr.denominator; + r = R2D(vr); vr = exif_get_rational (entry->data+8, entry->order); - b = (double)vr.numerator / vr.denominator; + b = R2D(vr); snprintf (v, maxlen, _("Red Correction %f, blue Correction %f"), r,b); break; case MNOTE_NIKON_TAG_MANUALFOCUSDISTANCE: CF (entry->format, EXIF_FORMAT_RATIONAL, v, maxlen); CC (entry->components, 1, v, maxlen); vr = exif_get_rational (entry->data, entry->order); - if (vr.numerator) { - r = (double)vr.numerator / vr.denominator; - snprintf (v, maxlen, _("%2.2f meters"), r); - } else { + if (!vr.numerator || !vr.denominator) { strncpy (v, _("No manual focus selection"), maxlen); + } else { + r = R2D(vr); + snprintf (v, maxlen, _("%2.2f meters"), r); } break; case MNOTE_NIKON_TAG_SENSORPIXELSIZE: @@ -393,8 +396,8 @@ CC (entry->components, 2, v, maxlen); vr = exif_get_rational (entry->data, entry->order); vr2 = exif_get_rational (entry->data+8, entry->order); - r = (double)vr.numerator / vr.denominator; - b = (double)vr2.numerator / vr2.denominator; + r = R2D(vr); + b = R2D(vr2); snprintf (v, maxlen, "%2.2f x %2.2f um", r, b); break; case MNOTE_NIKON_TAG_BRACKETING: @@ -450,10 +453,10 @@ if (entry->format == EXIF_FORMAT_RATIONAL) { CC (entry->components, 1, v, maxlen); vr = exif_get_rational (entry->data, entry->order); - if (!vr.numerator) { + if (!vr.numerator || !vr.denominator) { strncpy (v, _("None"), maxlen); } else { - r = (double)vr.numerator / vr.denominator; + r = R2D(vr); snprintf (v, maxlen, "%2.2f", r); } break; @@ -568,13 +571,13 @@ double c,d; unsigned long a,b; vr = exif_get_rational (entry->data, entry->order); - a = vr.numerator / vr.denominator; + a = R2L(vr); vr = exif_get_rational (entry->data+8, entry->order); - b = vr.numerator / vr.denominator; + b = R2L(vr); vr = exif_get_rational (entry->data+16, entry->order); - c = (double)vr.numerator / vr.denominator; + c = R2D(vr); vr = exif_get_rational (entry->data+24, entry->order); - d = (double)vr.numerator / vr.denominator; + d = R2D(vr); snprintf (v, maxlen, "%ld-%ldmm 1:%3.1f - %3.1f",a,b,c,d); } break; @@ -682,7 +685,7 @@ CF (entry->format, EXIF_FORMAT_RATIONAL, v, maxlen); CC (entry->components, 1, v, maxlen); vr = exif_get_rational (entry->data, entry->order); - if (vr.numerator == 0) { + if (!vr.numerator || !vr.denominator) { strncpy (v, _("Unknown"), maxlen); } else { @@ -793,7 +796,7 @@ if (!vr.denominator) { strncpy (v, _("Infinite"), maxlen); } else { - r = (double)vr.numerator / vr.denominator; + r = R2D(vr); snprintf (v, maxlen, "%2.3f", r); } break; @@ -803,7 +806,7 @@ if (!vsr.denominator) { strncpy (v, _("Infinite"), maxlen); } else { - r = (double)vsr.numerator / vsr.denominator; + r = R2D(vsr); snprintf (v, maxlen, "%2.3f", r); } break; ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ libexif-cvs mailing list libexif-cvs@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/libexif-cvs
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
