[SCM] exiv2 packaging branch, master, updated. debian/0.25-3.1-3734-gdcbc29a

Maximiliano Curia maxy at moszumanska.debian.org
Thu Jul 13 17:39:10 UTC 2017 

Gitweb-URL: http://git.debian.org/?p=pkg-kde/kde-extras/exiv2.git;a=commitdiff;h=b75fc59

The following commit has been merged in the master branch:
commit b75fc593f07532192bc98e4bc83ef531c24f74b5
Author: Andreas Huggel <ahuggel at gmx.net>
Date:   Tue Jan 8 15:44:14 2008 +0000

    #537: Check PNG chunk length.
---
 src/pngchunk.cpp | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/src/pngchunk.cpp b/src/pngchunk.cpp
index 000fef0..696c6e3 100644
--- a/src/pngchunk.cpp
+++ b/src/pngchunk.cpp
@@ -71,6 +71,13 @@ PNG tags              : http://www.sno.phy.queensu.ca/~phil/exiftool/TagNames/PN
 */
 
 // *****************************************************************************
+// local declarations
+namespace {
+    // Return the checked length of a PNG chunk
+    long chunkLength(const Exiv2::byte* pData, long index);
+}
+
+// *****************************************************************************
 // class member definitions
 namespace Exiv2 {
 
@@ -83,7 +90,7 @@ namespace Exiv2 {
 
         // look for a tEXt chunk
         long index = 8;
-        index += getLong(&pData[index], bigEndian) + PNG_CHUNK_HEADER_SIZE;
+        index += chunkLength(pData, index) + PNG_CHUNK_HEADER_SIZE;
 
         while(index < size-PNG_CHUNK_HEADER_SIZE)
         {
@@ -95,7 +102,7 @@ namespace Exiv2 {
                 if (!strncmp((char*)PNG_CHUNK_TYPE(pData, index), "IEND", 4))
                     throw Error(14);
 
-                index += getLong(&pData[index], bigEndian) + PNG_CHUNK_HEADER_SIZE;
+                index += chunkLength(pData, index) + PNG_CHUNK_HEADER_SIZE;
             }
 
             if (index < size-PNG_CHUNK_HEADER_SIZE)
@@ -123,7 +130,7 @@ namespace Exiv2 {
 
                 parseChunkContent(pImage, key, arr);
 
-                index += getLong(&pData[index], bigEndian) + PNG_CHUNK_HEADER_SIZE;
+                index += chunkLength(pData, index) + PNG_CHUNK_HEADER_SIZE;
             }
         }
 
@@ -692,3 +699,14 @@ namespace Exiv2 {
 */
     
 }                                       // namespace Exiv2
+
+// *****************************************************************************
+// local definitions
+namespace {
+    long chunkLength(const Exiv2::byte* pData, long index)
+    {
+        uint32_t length = Exiv2::getULong(&pData[index], Exiv2::bigEndian);
+        if (length > 0x7FFFFFFF) throw Exiv2::Error(14);
+        return static_cast<long>(length);
+    }
+}

-- 
exiv2 packaging

More information about the pkg-kde-commits mailing list