[SCM] exiv2 packaging branch, master, updated. debian/0.25-3.1-3734-gdcbc29a
Maximiliano Curia
maxy at moszumanska.debian.org
Thu Jul 13 17:43:38 UTC 2017
Gitweb-URL: http://git.debian.org/?p=pkg-kde/kde-extras/exiv2.git;a=commitdiff;h=6c80ee6
The following commit has been merged in the master branch:
commit 6c80ee68a1992a83e7fd3625da05a4d52b490ec4
Author: Abhinav Badola <mail.abu.to at gmail.com>
Date: Tue Mar 26 21:11:08 2013 +0000
#890: Fixed some possible issues of crashing due to underflow in buffers in quicktimevideo.cpp
---
src/quicktimevideo.cpp | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/src/quicktimevideo.cpp b/src/quicktimevideo.cpp
index 05f173b..a4957d8 100644
--- a/src/quicktimevideo.cpp
+++ b/src/quicktimevideo.cpp
@@ -668,6 +668,7 @@ namespace Exiv2 {
if(size < 8)
return;
+// std::cerr<<"
Tag=>"<<buf.pData_<<" size=>"<<size-8;
tagDecoder(buf,size-8);
} // QuickTimeVideo::decodeBlock
@@ -1079,9 +1080,9 @@ namespace Exiv2 {
xmpData_[exvGettext(td->label_)] = Exiv2::toString(Exiv2::getULong( buf.pData_, bigEndian));
// Sanity check with an "unreasonably" large number
- if (dataLength > 200) {
+ if (dataLength > 200 || dataLength < 4) {
#ifndef SUPPRESS_WARNINGS
- EXV_ERROR << "Xmp.video Nikon Tags, dataLength was found to be larger than 200."
+ EXV_ERROR << "Xmp.video Nikon Tags, dataLength was found to be of inapropriate size."
<< " Entries considered invalid. Not Processed.
";
#endif
io_->seek(io_->tell() + dataLength - 4, BasicIo::beg);
@@ -1097,9 +1098,9 @@ namespace Exiv2 {
xmpData_[exvGettext(td->label_)] = Exiv2::toString(Exiv2::getUShort( buf.pData_, bigEndian));
// Sanity check with an "unreasonably" large number
- if (dataLength > 200) {
+ if (dataLength > 200 || dataLength < 2) {
#ifndef SUPPRESS_WARNINGS
- EXV_ERROR << "Xmp.video Nikon Tags, dataLength was found to be larger than 200."
+ EXV_ERROR << "Xmp.video Nikon Tags, dataLength was found to be of inapropriate size."
<< " Entries considered invalid. Not Processed.
";
#endif
io_->seek(io_->tell() + dataLength - 2, BasicIo::beg);
@@ -1116,9 +1117,9 @@ namespace Exiv2 {
xmpData_[exvGettext(td->label_)] = Exiv2::toString((double)Exiv2::getULong( buf.pData_, bigEndian) / (double)Exiv2::getULong( buf2.pData_, bigEndian));
// Sanity check with an "unreasonably" large number
- if (dataLength > 200) {
+ if (dataLength > 200 || dataLength < 8) {
#ifndef SUPPRESS_WARNINGS
- EXV_ERROR << "Xmp.video Nikon Tags, dataLength was found to be larger than 200."
+ EXV_ERROR << "Xmp.video Nikon Tags, dataLength was found to be of inapropriate size."
<< " Entries considered invalid. Not Processed.
";
#endif
io_->seek(io_->tell() + dataLength - 8, BasicIo::beg);
@@ -1135,9 +1136,9 @@ namespace Exiv2 {
xmpData_[exvGettext(td->label_)] = Exiv2::toString(Exiv2::getUShort( buf.pData_, bigEndian) ) + " " + Exiv2::toString(Exiv2::getUShort( buf2.pData_, bigEndian));
// Sanity check with an "unreasonably" large number
- if (dataLength > 200) {
+ if (dataLength > 200 || dataLength < 4) {
#ifndef SUPPRESS_WARNINGS
- EXV_ERROR << "Xmp.video Nikon Tags, dataLength was found to be larger than 200."
+ EXV_ERROR << "Xmp.video Nikon Tags, dataLength was found to be of inapropriate size."
<< " Entries considered invalid. Not Processed.
";
#endif
io_->seek(io_->tell() + dataLength - 4, BasicIo::beg);
--
exiv2 packaging
More information about the pkg-kde-commits
mailing list