Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP2
exiv2.26596
CVE-2021-31291.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2021-31291.patch of Package exiv2.26596
From 13e5a3e02339b746abcaee6408893ca2fd8e289d Mon Sep 17 00:00:00 2001 From: Pydera <pydera@mailbox.org> Date: Thu, 8 Apr 2021 17:36:16 +0200 Subject: [PATCH] Fix out of buffer access in #1529 --- src/jp2image.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/jp2image.cpp b/src/jp2image.cpp index 1892fd4..01a21f2 100644 --- a/src/jp2image.cpp +++ b/src/jp2image.cpp @@ -737,9 +737,10 @@ namespace Exiv2 #endif box.length = io_->size() - io_->tell() + 8; } - if (box.length == 1) + if (box.length < 8) { - // FIXME. Special case. the real box size is given in another place. + // box is broken, so there is nothing we can do here + throw Error(kerCorruptedMetadata); } // Read whole box : Box header + Box data (not fixed size - can be null).
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor