Tree - rpms/exempi - CentOS Git server

rpms / exempi

Files

Commit: a3db16dbfd2b567a14f11ef0b7678ea642580d09

Blob Blame History Raw

From 1b08dc2917b5d5972a3f87be3e9b76a4f3398d8d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hubert=20Figui=C3=A8re?= <hub@figuiere.net>
Date: Mon, 14 Aug 2017 23:57:51 -0400
Subject: [PATCH 1/5] Bug 102151 - RIFF: fix an infinite loop cause by an
 overflow

---
 source/XMPFiles/FormatSupport/RIFF.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/source/XMPFiles/FormatSupport/RIFF.cpp b/source/XMPFiles/FormatSupport/RIFF.cpp
index 3992edd..00f67e5 100644
--- a/source/XMPFiles/FormatSupport/RIFF.cpp
+++ b/source/XMPFiles/FormatSupport/RIFF.cpp
@@ -155,7 +155,8 @@ Chunk::Chunk( ContainerChunk* parent, RIFF_MetaHandler* handler, bool skip, Chun
 
 	this->oldPos = LFA_Tell( file );
 	this->id = LFA_ReadUns32_LE( file );
-	this->oldSize = LFA_ReadUns32_LE( file ) + 8;
+	this->oldSize = LFA_ReadUns32_LE( file );
+	this->oldSize += 8;
 
 	// Make sure the size is within expected bounds.
 	XMP_Int64 chunkEnd = this->oldPos + this->oldSize;
-- 
2.17.2

rpms / exempi

Source Code

Files