Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-15-SP5:Update
jhead.18188
jhead-CVE-2022-41751-3.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File jhead-CVE-2022-41751-3.patch of Package jhead.18188
Index: jhead-3.06.0.1/jhead.c =================================================================== --- jhead-3.06.0.1.orig/jhead.c +++ jhead-3.06.0.1/jhead.c @@ -766,9 +766,9 @@ static int DoAutoRotate(const char * Fil sprintf(RotateCommand,"jpegtran -trim -%s -outfile \"%s\" \"%s\"", Argument, ThumbTempName_out, ThumbTempName_in); - // Disallow characters in the command that could be used to execute arbitrary + // Disallow characters in the filenames that could be used to execute arbitrary // shell commands with system() below. - if (strpbrk(RotateCommand, "\";'&|`$")) { + if (strpbrk(FileName, "\";'&|`$")) { ErrNonfatal("Command has invalid characters.", 0, 0); unlink(ThumbTempName_in); return FALSE;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
