File CVE-2018-20097.patch of Package exiv2-0_26
From 9296067b95b39bc055112b91d2f4031b7b542aec Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= <piponazo@gmail.com>
Date: Tue, 12 Feb 2019 22:30:58 +0100
Subject: [PATCH] Fix access to null pointer in TiffParser
---
src/tiffimage_int.cpp | 12 +++++-------
1 file changed, 5 insertions(+), 7 deletions(-)
Index: exiv2-0.26/src/tiffimage.cpp
===================================================================
--- exiv2-0.26.orig/src/tiffimage.cpp
+++ exiv2-0.26/src/tiffimage.cpp
@@ -2040,10 +2040,8 @@ namespace Exiv2 {
TiffFinder finder(0x00fe, imageGroups[i]);
pSourceDir->accept(finder);
TiffEntryBase* te = dynamic_cast<TiffEntryBase*>(finder.result());
- if ( te
- && te->pValue()->typeId() == unsignedLong
- && te->pValue()->count() == 1
- && (te->pValue()->toLong() & 1) == 0) {
+ const Value* pV = te != NULL ? te->pValue() : NULL;
+ if (pV && pV->typeId() == unsignedLong && pV->count() == 1 && (pV->toLong() & 1) == 0) {
primaryGroups.push_back(te->group());
}
}
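Review bot: The new guard needs a one-line comment, because `te->group()` on the line after the `if` is only safe through the implicit fact that a non-null `pV` implies a non-null `te`, and nothing here says why `pValue()` can be null. I would add above the `const Value* pV` line: `// pValue() can be null for an entry found without a value (presumably a malformed file); a non-null pV also guarantees te is non-null`. Separately, the diffstat in the header names src/tiffimage_int.cpp with 5 insertions and 7 deletions, while this hunk changes src/tiffimage.cpp with 2 insertions and 4 deletions. That difference may be only formatting, but it is worth confirming that the backport carries every guard from the upstream commit and that any other `te->pValue()->` dereference in this file is checked the same way. The enclosing function starts and ends outside the hunk.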