Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:GA
exempi
CVE-2020-18651.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2020-18651.patch of Package exempi
diff -urp exempi-2.2.1.orig/source/XMPFiles/FormatSupport/ID3_Support.hpp exempi-2.2.1/source/XMPFiles/FormatSupport/ID3_Support.hpp --- exempi-2.2.1.orig/source/XMPFiles/FormatSupport/ID3_Support.hpp 2013-05-25 16:48:42.000000000 -0500 +++ exempi-2.2.1/source/XMPFiles/FormatSupport/ID3_Support.hpp 2023-09-19 15:53:08.819291508 -0500 @@ -535,6 +535,11 @@ namespace ID3_Support return false; // not a frame of interest! bool bigEndian = true; // assume for now (if no BOM follows) + + if (pos + 2 > this->contentSize) { + // No enough for the string + break; + } if ( GetUns16BE(&content[pos]) == 0xFEFF ) { pos += 2; @@ -550,6 +555,10 @@ namespace ID3_Support } break; case 3: // UTF-8 unicode, terminated \0 + if (pos + 4 > this->contentSize) { + // No enough for the string + break; + } // swallow any BOM, just in case if ( (GetUns32BE(&content[pos]) & 0xFFFFFF00 ) == 0xEFBBBF00 ) pos += 3;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor