File php7-CVE-2019-11041.patch of Package php7

X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=aa272c1d2b2df09593f7d2b98b46f4c64f2f0bfb;hp=e04290376ce57cdcc1c7e1dfad9f323d8cfb98bb;hb=f22101c8308669bb63c03a73a2cac2408d844f38;hpb=d561a998c9313749ad2b488685e5c2bec661bc69

diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index e042903..aa272c1 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3892,7 +3892,7 @@ static int exif_scan_thumbnail(image_info_type *ImageInfo)
 	size_t          length=2, pos=0;
 	jpeg_sof_info   sof_info;
 
-	if (!data) {
+	if (!data || ImageInfo->Thumbnail.size < 4) {
 		return FALSE; /* nothing to do here */
 	}
 	if (memcmp(data, "\xFF\xD8\xFF", 3)) {
openSUSE Build Service is sponsored by