File bug-771229_CVE-2012-2840.patch of Package libexif.648

Update of /cvsroot/libexif/libexif/libexif
In directory vz-cvs-4.sog:/tmp/cvs-serv18116/libexif

Modified Files:
	exif-utils.c 
Log Message:
Fixed an off-by-one error in exif_convert_utf16_to_utf8()
This can cause a one-byte NUL write past the end of the buffer.
This fixes CVE-2012-2840


Index: exif-utils.c
===================================================================
RCS file: /cvsroot/libexif/libexif/libexif/exif-utils.c,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -d -r1.16 -r1.17
--- libexif/exif-utils.c	27 Oct 2009 06:06:11 -0000	1.16
+++ libexif/exif-utils.c	12 Jul 2012 17:11:30 -0000	1.17
@@ -239,7 +239,7 @@
 				break;
 			}
 		} else {
-			if (maxlen > 2) {
+			if (maxlen > 3) {
 				*out++ = ((*in >> 12) & 0x0F) | 0xE0;
 				*out++ = ((*in >> 6) & 0x3F) | 0x80;
 				*out++ = (*in++ & 0x3F) | 0x80;
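Review bot: the new guard `if (maxlen > 3)` in the three-byte branch depends on an unstated rule that one byte of `maxlen` stays reserved for the terminating NUL, and nothing at that line says so. A short comment there (for example "3 UTF-8 bytes plus the trailing NUL") would make the constant self-explanatory and harder to break in a later edit. The hunk shows only the tail of the preceding branch (`break; }`), so please confirm that the shorter encodings above follow the same "bytes written + 1" rule. A regression test that converts a string ending in a three-byte character into a buffer with exactly three bytes of room left would pin the fixed behaviour down.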


_______________________________________________
libexif-cvs mailing list
libexif-cvs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/libexif-cvs

