openSUSE:Evergreen:11.2
libexif
bug-771229_CVE-2012-2841.patch
File bug-771229_CVE-2012-2841.patch of Package libexif
Update of /cvsroot/libexif/libexif/libexif In directory vz-cvs-4.sog:/tmp/cvs-serv18407/libexif Modified Files: exif-entry.c Log Message: Fixed a buffer overflow problem in exif_entry_get_value If the application passed in a buffer length of 0, then it would be treated as the buffer had unlimited length. This fixes CVE-2012-2841 Index: libexif/exif-entry.c =================================================================== --- libexif/exif-entry.c.orig +++ libexif/exif-entry.c @@ -862,14 +862,15 @@ exif_entry_get_value (ExifEntry *e, char */ bindtextdomain (GETTEXT_PACKAGE, LOCALEDIR); + if (!e || !e->parent || !e->parent->parent || !maxlen) + return val; + /* make sure the returned string is zero terminated */ memset (val, 0, maxlen); maxlen--; memset (b, 0, sizeof (b)); /* We need the byte order */ - if (!e || !e->parent || !e->parent->parent) - return val; o = exif_data_get_byte_order (e->parent->parent); /* Sanity check */ @@ -927,17 +928,16 @@ exif_entry_get_value (ExifEntry *e, char /* * If we reach this point, the tag does not - * comply with the standard and seems to contain data. + * comply with the standard but seems to contain data. * Print as much as possible. */ exif_entry_log (e, EXIF_LOG_CODE_DEBUG, _("Tag UserComment does not comply " "with standard but contains data.")); - for (; (i < e->size) && (strlen (val) < maxlen - 1); i++) { + for (j = 0; (i < e->size) && (j < maxlen); i++, j++) { exif_entry_log (e, EXIF_LOG_CODE_DEBUG, _("Byte at position %i: 0x%02x"), i, e->data[i]); - val[strlen (val)] = - isprint (e->data[i]) ? e->data[i] : '.'; + val[j] = isprint (e->data[i]) ? e->data[i] : '.'; } break;
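Review bot: In the first hunk (@@ -862,14 +862,15 @@), moving the NULL checks above `memset (val, 0, maxlen)` changes what callers see on the early-return path: previously val was zeroed before `return val`, now a NULL e or parent with a non-zero maxlen returns val untouched, so a caller that prints the result may read uninitialized bytes. Consider handling `!maxlen` first, then clearing val (or at least setting `val[0] = 0`) before the remaining NULL checks return. The guard also does not test val itself before it is passed to memset; if a NULL buffer is not a documented precondition, add it to the check.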
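Review bot: In the second hunk (@@ -927,17 +928,16 @@), the new loop writes from `val[0]` via j, where the old code appended at `val[strlen (val)]`; the two are equivalent only if val is still empty when this branch is reached, which the hunk does not show. A short comment stating that, or starting j at the current string length, would make the intent explicit. The bound `j < maxlen` also relies on the memset and `maxlen--` from the first hunk to leave the final byte as the terminator, and the declaration of j is not part of the visible diff, so check that it is declared with a type that compares cleanly against maxlen.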