File CVE-2018-6612.patch of Package jhead.9036

From: Ludovic Rousseau <rousseau@debian.org>
Date: Sat, 3 Feb 2018 10:23:09 +0100
Subject: Fix heap buffer overflow
Upstream: dead
Bug-Debian: http://bugs.debian.org/889272

Fixed an integer underflow bug in the process_EXIF function of
the exif.c file of raises a heap-based buffer over-read when processing a
malicious JPEGfile, which may allow a remote attacker to cause a DoS

CVE-2018-6612 boo#1079349

--- jhead-3.00.orig/exif.c
+++ jhead-3.00/exif.c
@@ -1019,7 +1019,7 @@ void process_EXIF (unsigned char * ExifS
 
     FirstOffset = Get32u(ExifSection+12);
     if (FirstOffset < 8 || FirstOffset > 16){
-        if (FirstOffset < 16 || FirstOffset > length-16){
+        if (FirstOffset < 16 || length < 16 || FirstOffset > length-16){
             ErrNonfatal("invalid offset for first Exif IFD value",0,0);
             return;
         }