File CVE-2019-13110.patch of Package exiv2.26214

Index: exiv2-0.23/src/crwimage.cpp
===================================================================
--- exiv2-0.23.orig/src/crwimage.cpp
+++ exiv2-0.23/src/crwimage.cpp
@@ -459,14 +459,14 @@ namespace Exiv2 {
         if (size < 4)
             throw Error(33);
         uint32_t o = getULong(pData + size - 4, byteOrder);
-        if (o + 2 > size) throw Error(33);
+        if (o > size - 2) throw Error(33);
         uint16_t count = getUShort(pData + o, byteOrder);
 #ifdef DEBUG
         std::cout << "Directory at offset " << std::dec << o
                   <<", " << count << " entries \n";
 #endif
         o += 2;
-        if ( (o + (count * 10)) > size )
+        if ( static_cast<uint32_t>(count) * 10 > size-o )
             throw Error(33);
 
         for (uint16_t i = 0; i < count; ++i) {

Places

File CVE-2019-13110.patch of Package exiv2.26214

Places