Overview

File CVE-2021-29473.patch of Package exiv2.30965

From: Kevin Backhouse <kevinbackhouse@github.com>
Date: Fri, 23 Apr 2021 11:44:44 +0100
Subject: [PATCH 2/2] Add bounds check in Jp2Image::doWriteMetadata().

---
 src/jp2image.cpp | 1 +
 1 file changed, 1 insertion(+)

Index: exiv2-0.23/src/jp2image.cpp
===================================================================
--- exiv2-0.23.orig/src/jp2image.cpp
+++ exiv2-0.23/src/jp2image.cpp
@@ -44,6 +44,7 @@ EXIV2_RCSID("@(#) $Id: jp2image.cpp 2681
 #include "tiffimage.hpp"
 #include "image.hpp"
 #include "basicio.hpp"
+#include "enforce.hpp"
 #include "error.hpp"
 #include "futils.hpp"
 
@@ -578,6 +579,7 @@ static void boxes_check(size_t b,size_t
 
                 case kJp2BoxTypeUuid:
                 {
+                    enforce(boxBuf.size_ >= 24, Exiv2::kerCorruptedMetadata);
                     if(memcmp(boxBuf.pData_ + 8, kJp2UuidExif, sizeof(16)) == 0)
                     {
 #ifdef DEBUG
openSUSE Build Service is sponsored by
Places