Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
exiv2
CVE-2019-13110.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2019-13110.patch of Package exiv2
Index: exiv2-0.23/src/crwimage.cpp =================================================================== --- exiv2-0.23.orig/src/crwimage.cpp +++ exiv2-0.23/src/crwimage.cpp @@ -459,14 +459,14 @@ namespace Exiv2 { if (size < 4) throw Error(33); uint32_t o = getULong(pData + size - 4, byteOrder); - if (o + 2 > size) throw Error(33); + if (o > size - 2) throw Error(33); uint16_t count = getUShort(pData + o, byteOrder); #ifdef DEBUG std::cout << "Directory at offset " << std::dec << o <<", " << count << " entries \n"; #endif o += 2; - if ( (o + (count * 10)) > size ) + if ( static_cast<uint32_t>(count) * 10 > size-o ) throw Error(33); for (uint16_t i = 0; i < count; ++i) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
