File CVE-2020-18651.patch of Package exempi.30702
diff -urp exempi-2.2.1.orig/source/XMPFiles/FormatSupport/ID3_Support.hpp exempi-2.2.1/source/XMPFiles/FormatSupport/ID3_Support.hpp
--- exempi-2.2.1.orig/source/XMPFiles/FormatSupport/ID3_Support.hpp 2013-05-25 16:48:42.000000000 -0500
+++ exempi-2.2.1/source/XMPFiles/FormatSupport/ID3_Support.hpp 2023-09-19 15:53:08.819291508 -0500
@@ -535,6 +535,11 @@ namespace ID3_Support
return false; // not a frame of interest!
bool bigEndian = true; // assume for now (if no BOM follows)
+
+ if (pos + 2 > this->contentSize) {
+ // No enough for the string
+ break;
+ }
if ( GetUns16BE(&content[pos]) == 0xFEFF )
{
pos += 2;
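Review bot: The new guard before the `GetUns16BE(&content[pos])` BOM probe leaves the switch with `break`, so a truncated UTF-16 frame follows whatever path comes after the switch, which is outside this hunk. If that path reports success, a caller cannot tell a malformed frame from an empty one. Since the context line just above already uses `return false` for frames that are not processed, consider `return false;` here too, or confirm the post-switch path handles an untouched output string. The comment would read better as `// Not enough bytes left for a BOM`, and the same wording applies to the comment in the `case 3` hunk. The enclosing function starts and ends outside the hunk.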
@@ -550,6 +555,10 @@ namespace ID3_Support
}
break;
case 3: // UTF-8 unicode, terminated \0
+ if (pos + 4 > this->contentSize) {
+ // No enough for the string
+ break;
+ }
// swallow any BOM, just in case
if ( (GetUns32BE(&content[pos]) & 0xFFFFFF00 ) == 0xEFBBBF00 )
pos += 3;
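Review bot: The `pos + 4 > this->contentSize` guard in `case 3` is sized for the 4-byte `GetUns32BE` read, not for the 3-byte UTF-8 BOM being tested. A UTF-8 value with only one to three bytes left is therefore skipped by `break`, even though no BOM read is needed to handle it. Bounding the BOM test itself avoids both the over-read and the dropped short strings, for example `if ( (this->contentSize - pos >= 3) && (memcmp(&content[pos], "\xEF\xBB\xBF", 3) == 0) ) pos += 3;`. This assumes `pos <= contentSize` holds at this point, which the hunk does not show. The rest of the case body lies outside the hunk.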