File CVE-2022-3953.patch of Package exiv2

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2022-3953.patch of Package exiv2 (Revision edfc609cf865a78b3f2fb403135d0b95)

Currently displaying revision edfc609cf865a78b3f2fb403135d0b95 , Show latest

From 771ead87321ae6e39e5c9f6f0855c58cde6648f1 Mon Sep 17 00:00:00 2001
From: Kevin Backhouse <kevinbackhouse@github.com>
Date: Wed, 26 Oct 2022 22:07:11 +0100
Subject: [PATCH] Credit to OSS-Fuzz:
 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52731 Stop looping when
 eof is hit.

---
 src/quicktimevideo.cpp | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

Index: exiv2-0.27.5/src/quicktimevideo.cpp
===================================================================
--- exiv2-0.27.5.orig/src/quicktimevideo.cpp
+++ exiv2-0.27.5/src/quicktimevideo.cpp
@@ -1304,11 +1304,11 @@ namespace Exiv2 {
         DataBuf buf(4+1);
         io_->read(buf.pData_, 4);
         io_->read(buf.pData_, 4);
-        uint64_t noOfEntries;
+        uint32_t noOfEntries;
 
         noOfEntries = returnUnsignedBufValue(buf);
 
-        for(unsigned long i = 1; i <= noOfEntries; i++)
+        for(uint32_t i = 0; i < noOfEntries && continueTraversing_; i++)
             decodeBlock();
     } // QuickTimeVideo::multipleEntriesDecoder

Places

File CVE-2022-3953.patch of Package exiv2 (Revision edfc609cf865a78b3f2fb403135d0b95)

Places