Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.2:Staging:A
libraw
libraw-CVE-2018-10528.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libraw-CVE-2018-10528.patch of Package libraw
Index: LibRaw-0.18.9/src/libraw_cxx.cpp =================================================================== --- LibRaw-0.18.9.orig/src/libraw_cxx.cpp 2018-04-30 11:13:15.126021499 +0200 +++ LibRaw-0.18.9/src/libraw_cxx.cpp 2018-04-30 11:16:43.677077398 +0200 @@ -5484,17 +5484,18 @@ void x3f_clear(void *p) x3f_delete((x3f_t*)p); } -static char *utf2char(utf16_t *str, char *buffer) +void utf2char(utf16_t *str, char *buffer, unsigned bufsz) { + if(bufsz<1) return; + buffer[bufsz-1] = 0; char *b = buffer; - while (*str != 0x00) { + while (*str != 0x00 && --bufsz>0) { char *chr = (char *)str; *b++ = *chr; str++; } *b = 0; - return buffer; } static void *lr_memmem(const void *l, size_t l_len, const void *s, size_t s_len) @@ -5555,8 +5556,8 @@ void LibRaw::parse_x3f() x3f_property_t *P = PL->property_table.element; for (i=0; i<PL->num_properties; i++) { char name[100], value[100]; - utf2char(P[i].name,name); - utf2char(P[i].value,value); + utf2char(P[i].name,name,sizeof(name)); + utf2char(P[i].value,value,sizeof(value)); if (!strcmp (name, "ISO")) imgdata.other.iso_speed = atoi(value); if (!strcmp (name, "CAMMANUF"))
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor