File php-CVE-2019-11040.patch of Package php7

X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=605b37923f888d320a87947a58f19fd2122475e8;hp=d174def80c1355fc54d09a0ae754ced64d85768d;hb=73ff4193be24192c894dc0502d06e2b2db35eefb;hpb=16e037bd46359a31f218ee220ff09f1c3270e489

diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index d174def..605b379 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3526,6 +3526,8 @@ static int exif_scan_thumbnail(image_info_type *ImageInfo)
 		if (c == 0xFF)
 			return FALSE;
 		marker = c;
+		if (pos>=ImageInfo->Thumbnail.size)
+			return FALSE;
 		length = php_jpg_get16(data+pos);
 		if (length > ImageInfo->Thumbnail.size || pos >= ImageInfo->Thumbnail.size - length) {
 			return FALSE;
openSUSE Build Service is sponsored by