[SCM] exiv2 packaging branch, master, updated. debian/0.25-3.1-3734-gdcbc29a
Maximiliano Curia
maxy at moszumanska.debian.org
Thu Jul 13 17:41:00 UTC 2017
Gitweb-URL: http://git.debian.org/?p=pkg-kde/kde-extras/exiv2.git;a=commitdiff;h=e8f8f2c
The following commit has been merged in the master branch:
commit e8f8f2c14d31c77ccc86fc18bd49e387667fef83
Author: Andreas Huggel <ahuggel at gmx.net>
Date: Tue Dec 29 10:45:39 2009 +0000
#664: Check key size before comparing it.
---
src/pngchunk.cpp | 35 +++++++++++++++++++++--------------
src/pngchunk_int.hpp | 3 ++-
src/pngimage.cpp | 22 +++++++++-------------
3 files changed, 32 insertions(+), 28 deletions(-)
diff --git a/src/pngchunk.cpp b/src/pngchunk.cpp
index c676c27..744605a 100644
--- a/src/pngchunk.cpp
+++ b/src/pngchunk.cpp
@@ -103,7 +103,7 @@ namespace Exiv2 {
std::cout << "Exiv2::PngChunk::decodeTXTChunk: TXT chunk data: "
<< std::string((const char*)arr.pData_, 32) << "
";
#endif
- parseChunkContent(pImage, key.pData_, arr);
+ parseChunkContent(pImage, key.pData_, key.size_, arr);
} // PngChunk::decodeTXTChunk
@@ -111,7 +111,7 @@ namespace Exiv2 {
{
// From a tEXt, zTXt, or iTXt chunk,
// we get the key, it's a null terminated string at the chunk start
-
+ if (data.size_ <= (stripHeader ? 8 : 0)) throw Error(14);
const byte *key = data.pData_ + (stripHeader ? 8 : 0);
// Find null string at end of key.
@@ -162,7 +162,6 @@ namespace Exiv2 {
const byte* text = data.pData_ + keysize + 1;
long textsize = data.size_ - keysize - 1;
- arr.alloc(textsize);
arr = DataBuf(text, textsize);
}
else if(type == iTXt_Chunk)
@@ -228,13 +227,17 @@ namespace Exiv2 {
} // PngChunk::parsePngChunk
- void PngChunk::parseChunkContent(Image* pImage, const byte *key, const DataBuf arr)
+ void PngChunk::parseChunkContent( Image* pImage,
+ const byte* key,
+ long keySize,
+ const DataBuf arr)
{
// We look if an ImageMagick EXIF raw profile exist.
- if ( (memcmp("Raw profile type exif", key, 21) == 0 ||
- memcmp("Raw profile type APP1", key, 21) == 0) &&
- pImage->exifData().empty())
+ if ( keySize >= 21
+ && ( memcmp("Raw profile type exif", key, 21) == 0
+ || memcmp("Raw profile type APP1", key, 21) == 0)
+ && pImage->exifData().empty())
{
DataBuf exifData = readRawProfile(arr);
long length = exifData.size_;
@@ -282,7 +285,8 @@ namespace Exiv2 {
// We look if an ImageMagick IPTC raw profile exist.
- if ( memcmp("Raw profile type iptc", key, 21) == 0
+ if ( keySize >= 21
+ && memcmp("Raw profile type iptc", key, 21) == 0
&& pImage->iptcData().empty()) {
DataBuf psData = readRawProfile(arr);
if (psData.size_ > 0) {
@@ -332,8 +336,9 @@ namespace Exiv2 {
// We look if an ImageMagick XMP raw profile exist.
- if ( memcmp("Raw profile type xmp", key, 20) == 0 &&
- pImage->xmpData().empty())
+ if ( keySize >= 20
+ && memcmp("Raw profile type xmp", key, 20) == 0
+ && pImage->xmpData().empty())
{
DataBuf xmpBuf = readRawProfile(arr);
long length = xmpBuf.size_;
@@ -362,8 +367,9 @@ namespace Exiv2 {
// We look if an Adobe XMP string exist.
- if ( memcmp("XML:com.adobe.xmp", key, 17) == 0 &&
- pImage->xmpData().empty())
+ if ( keySize >= 17
+ && memcmp("XML:com.adobe.xmp", key, 17) == 0
+ && pImage->xmpData().empty())
{
if (arr.size_ > 0)
{
@@ -390,8 +396,9 @@ namespace Exiv2 {
// We look if a comments string exist. Note than we use only 'Description' keyword which
// is dedicaced to store long comments. 'Comment' keyword is ignored.
- if ( memcmp("Description", key, 11) == 0 &&
- pImage->comment().empty())
+ if ( keySize >= 11
+ && memcmp("Description", key, 11) == 0
+ && pImage->comment().empty())
{
pImage->comment().assign(reinterpret_cast<char*>(arr.pData_), arr.size_);
}
diff --git a/src/pngchunk_int.hpp b/src/pngchunk_int.hpp
index 90c77da..f1fb8c3 100644
--- a/src/pngchunk_int.hpp
+++ b/src/pngchunk_int.hpp
@@ -134,8 +134,9 @@ namespace Exiv2 {
Xmp packet generated by Adobe ==> Image Xmp metadata.
Description string ==> Image Comments.
*/
- static void parseChunkContent(Image* pImage,
+ static void parseChunkContent( Image* pImage,
const byte* key,
+ long keySize,
const DataBuf arr);
/*!
diff --git a/src/pngimage.cpp b/src/pngimage.cpp
index 0dfd7f0..e56a5f5 100644
--- a/src/pngimage.cpp
+++ b/src/pngimage.cpp
@@ -132,11 +132,7 @@ namespace Exiv2 {
if (io_->error()) throw Error(14);
if (bufRead != cheaderBuf.size_) throw Error(20);
-#ifdef DEBUG
- std::cout << "Exiv2::PngImage::readMetadata: Next Chunk: " << cheaderBuf.pData_ + 4 << "
";
-#endif
// Decode chunk data length.
-
uint32_t dataOffset = Exiv2::getULong(cheaderBuf.pData_, Exiv2::bigEndian);
if (dataOffset > 0x7FFFFFFF) throw Exiv2::Error(14);
@@ -159,35 +155,35 @@ namespace Exiv2 {
{
// Last chunk found: we stop parsing.
#ifdef DEBUG
- std::cout << "Exiv2::PngImage::readMetadata: Found IEND chunk (lenght: " << dataOffset << ")
";
+ std::cout << "Exiv2::PngImage::readMetadata: Found IEND chunk (length: " << dataOffset << ")
";
#endif
return;
}
else if (!memcmp(cheaderBuf.pData_ + 4, "IHDR", 4))
{
#ifdef DEBUG
- std::cout << "Exiv2::PngImage::readMetadata: Found IHDR chunk (lenght: " << dataOffset << ")
";
+ std::cout << "Exiv2::PngImage::readMetadata: Found IHDR chunk (length: " << dataOffset << ")
";
#endif
PngChunk::decodeIHDRChunk(cdataBuf, &pixelWidth_, &pixelHeight_);
}
else if (!memcmp(cheaderBuf.pData_ + 4, "tEXt", 4))
{
#ifdef DEBUG
- std::cout << "Exiv2::PngImage::readMetadata: Found tEXt chunk (lenght: " << dataOffset << ")
";
+ std::cout << "Exiv2::PngImage::readMetadata: Found tEXt chunk (length: " << dataOffset << ")
";
#endif
PngChunk::decodeTXTChunk(this, cdataBuf, PngChunk::tEXt_Chunk);
}
else if (!memcmp(cheaderBuf.pData_ + 4, "zTXt", 4))
{
#ifdef DEBUG
- std::cout << "Exiv2::PngImage::readMetadata: Found zTXt chunk (lenght: " << dataOffset << ")
";
+ std::cout << "Exiv2::PngImage::readMetadata: Found zTXt chunk (length: " << dataOffset << ")
";
#endif
PngChunk::decodeTXTChunk(this, cdataBuf, PngChunk::zTXt_Chunk);
}
else if (!memcmp(cheaderBuf.pData_ + 4, "iTXt", 4))
{
#ifdef DEBUG
- std::cout << "Exiv2::PngImage::readMetadata: Found iTXt chunk (lenght: " << dataOffset << ")
";
+ std::cout << "Exiv2::PngImage::readMetadata: Found iTXt chunk (length: " << dataOffset << ")
";
#endif
PngChunk::decodeTXTChunk(this, cdataBuf, PngChunk::iTXt_Chunk);
}
@@ -270,7 +266,7 @@ namespace Exiv2 {
{
// Last chunk found: we write it and done.
#ifdef DEBUG
- std::cout << "Exiv2::PngImage::doWriteMetadata: Write IEND chunk (lenght: " << dataOffset << ")
";
+ std::cout << "Exiv2::PngImage::doWriteMetadata: Write IEND chunk (length: " << dataOffset << ")
";
#endif
if (outIo.write(chunkBuf.pData_, chunkBuf.size_) != chunkBuf.size_) throw Error(21);
return;
@@ -278,7 +274,7 @@ namespace Exiv2 {
else if (!memcmp(cheaderBuf.pData_ + 4, "IHDR", 4))
{
#ifdef DEBUG
- std::cout << "Exiv2::PngImage::doWriteMetadata: Write IHDR chunk (lenght: " << dataOffset << ")
";
+ std::cout << "Exiv2::PngImage::doWriteMetadata: Write IHDR chunk (length: " << dataOffset << ")
";
#endif
if (outIo.write(chunkBuf.pData_, chunkBuf.size_) != chunkBuf.size_) throw Error(21);
@@ -362,7 +358,7 @@ namespace Exiv2 {
{
#ifdef DEBUG
std::cout << "Exiv2::PngImage::doWriteMetadata: write " << cheaderBuf.pData_ + 4
- << " chunk (lenght: " << dataOffset << ")
";
+ << " chunk (length: " << dataOffset << ")
";
#endif
if (outIo.write(chunkBuf.pData_, chunkBuf.size_) != chunkBuf.size_) throw Error(21);
}
@@ -372,7 +368,7 @@ namespace Exiv2 {
// Write all others chunk as well.
#ifdef DEBUG
std::cout << "Exiv2::PngImage::doWriteMetadata: write " << cheaderBuf.pData_ + 4
- << " chunk (lenght: " << dataOffset << ")
";
+ << " chunk (length: " << dataOffset << ")
";
#endif
if (outIo.write(chunkBuf.pData_, chunkBuf.size_) != chunkBuf.size_) throw Error(21);
--
exiv2 packaging
More information about the pkg-kde-commits
mailing list