rpms / compat-exiv2-023

Clone
Source Code
GIT

Blame SOURCES/exiv2-CVE-2021-31291.patch

c7 c7-alt c7-beta
  1.   75b56185ddf3aadc70e599e0db2eee52efb5ebc5
  2.   SOURCES
  3.   exiv2-CVE-2021-31291.patch
Blob History Raw
75b561 
From 13e5a3e02339b746abcaee6408893ca2fd8e289d Mon Sep 17 00:00:00 2001
75b561 
From: Pydera <pydera@mailbox.org>
75b561 
Date: Thu, 8 Apr 2021 17:36:16 +0200
75b561 
Subject: [PATCH] Fix out of buffer access in #1529
75b561
75b561 
---
75b561 
 src/jp2image.cpp | 5 +++--
75b561 
 1 file changed, 3 insertions(+), 2 deletions(-)
75b561
75b561 
diff --git a/src/jp2image.cpp b/src/jp2image.cpp
75b561 
index c3fc1eb..09218b1 100644
75b561 
--- a/src/jp2image.cpp
75b561 
+++ b/src/jp2image.cpp
75b561 
@@ -191,9 +191,10 @@ namespace Exiv2
75b561 
 #endif
75b561 
                 return;
75b561 
             }
75b561 
-            if (box.boxLength == 1)
75b561 
+            if (box.boxLength < 8)
75b561 
             {
75b561 
-                // FIXME. Special case. the real box size is given in another place.
75b561 
+                // box is broken, so there is nothing we can do here
75b561 
+                throw Error(14);
75b561 
             }
75b561
75b561 
             switch(box.boxType)

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation