[SCM] exiv2 packaging branch, master, updated. debian/0.25-3.1-3734-gdcbc29a
Maximiliano Curia
maxy at moszumanska.debian.org
Thu Jul 13 17:38:13 UTC 2017
Gitweb-URL: http://git.debian.org/?p=pkg-kde/kde-extras/exiv2.git;a=commitdiff;h=0b589cf
The following commit has been merged in the master branch:
commit 0b589cf1594c23d5b4db68d98433c740a458ecb8
Author: Andreas Huggel <ahuggel at gmx.net>
Date: Sun Jan 7 11:03:28 2007 +0000
Check size of IPTC dataset before decoding it. Fixes bug #503.
---
src/iptc.cpp | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/iptc.cpp b/src/iptc.cpp
index 422e558..eeb9d42 100644
--- a/src/iptc.cpp
+++ b/src/iptc.cpp
@@ -165,7 +165,16 @@ namespace Exiv2 {
sizeData = getUShort(pRead, bigEndian);
pRead += 2;
}
- readData(dataSet, record, pRead, sizeData);
+ if (pRead + sizeData <= buf + len) {
+ readData(dataSet, record, pRead, sizeData);
+ }
+#ifndef SUPPRESS_WARNINGS
+ else {
+ std::cerr << "Warning: "
+ << "IPTC dataset " << IptcKey(dataSet, record)
+ << " has invalid size " << sizeData << "; skipped.
";
+ }
+#endif
pRead += sizeData;
}
--
exiv2 packaging
More information about the pkg-kde-commits
mailing list