rpms / exiv2

Clone
Source Code
GIT

Blame SOURCES/exiv2-CVE-2021-29473.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-sig-altarch-fasttrack c8 c8-beta c8s c9 c9-beta
  1.   e4b251947d653200a60e1dcf3ea629758abf9c5c
  2.   SOURCES
  3.   exiv2-CVE-2021-29473.patch
Blob History Raw
8ca4c1 
From e6a0982f7cd9282052b6e3485a458d60629ffa0b Mon Sep 17 00:00:00 2001
8ca4c1 
From: Kevin Backhouse <kevinbackhouse@github.com>
8ca4c1 
Date: Fri, 23 Apr 2021 11:44:44 +0100
8ca4c1 
Subject: [PATCH 2/2] Add bounds check in Jp2Image::doWriteMetadata().
8ca4c1
8ca4c1 
---
8ca4c1 
 src/jp2image.cpp | 1 +
8ca4c1 
 1 file changed, 1 insertion(+)
8ca4c1
8ca4c1 
diff --git a/src/jp2image.cpp b/src/jp2image.cpp
8ca4c1 
index 1694fed27..ca8c9ddbb 100644
8ca4c1 
--- a/src/jp2image.cpp
8ca4c1 
+++ b/src/jp2image.cpp
8ca4c1 
@@ -908,6 +908,7 @@ static void boxes_check(size_t b,size_t m)
8ca4c1
8ca4c1 
                 case kJp2BoxTypeUuid:
8ca4c1 
                 {
8ca4c1 
+                    enforce(boxBuf.size_ >= 24, Exiv2::kerCorruptedMetadata);
8ca4c1 
                     if(memcmp(boxBuf.pData_ + 8, kJp2UuidExif, 16) == 0)
8ca4c1 
                     {
8ca4c1 
 #ifdef EXIV2_DEBUG_MESSAGES

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation