File php-CVE-2016-7128.patch of Package php5.openSUSE_Leap_42.1_Update
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3768,8 +3768,11 @@ static int exif_process_IFD_in_TIFF(image_info_type *ImageInfo, size_t dir_offse
fgot = php_stream_read(ImageInfo->infile, ImageInfo->Thumbnail.data, ImageInfo->Thumbnail.size);
if (fgot < ImageInfo->Thumbnail.size) {
EXIF_ERRLOG_THUMBEOF(ImageInfo)
+ efree(ImageInfo->Thumbnail.data);
+ ImageInfo->Thumbnail.data = NULL;
+ } else {
+ exif_thumbnail_build(ImageInfo TSRMLS_CC);
}
- exif_thumbnail_build(ImageInfo TSRMLS_CC);
}
#ifdef EXIF_DEBUG
exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_NOTICE, "Read next IFD (THUMBNAIL) done");