File CVE-2018-7728.patch of Package exempi.openSUSE_Leap_42.3_Update

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2018-7728.patch of Package exempi.openSUSE_Leap_42.3_Update

References: e163667a06a9b656a047b0ec660b871f29a83c9f Mon Sep 17 00:00:00 2001
From: Karol Babioch <kbabioch@suse.de>
Date: Wed Mar 14 15:11:19 CET 2018
Upstream: merged
Subject: Fix for CVE-2018-7728

Backport from upstream. (bsc#1085297)

---
 source/XMPFiles/FileHandlers/TIFF_Handler.cpp |    5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

Index: exempi-2.2.2/source/XMPFiles/FileHandlers/TIFF_Handler.cpp
===================================================================
--- exempi-2.2.2.orig/source/XMPFiles/FileHandlers/TIFF_Handler.cpp
+++ exempi-2.2.2/source/XMPFiles/FileHandlers/TIFF_Handler.cpp
@@ -228,7 +228,10 @@ void TIFF_MetaHandler::ProcessXMP()
 
 			iptcDigestState = PhotoDataUtils::CheckIPTCDigest ( iptcInfo.dataPtr, iptcInfo.dataLen, digestInfo.dataPtr );
 			
-			if ( (iptcDigestState == kDigestDiffers) && (kTIFF_TypeSizes[iptcInfo.type] > 1) ) {
+                        // See bug https://bugs.freedesktop.org/show_bug.cgi?id=105205
+                        // if iptcInfo.dataLen is 0, then there is no digest.
+                        if ( (iptcDigestState == kDigestDiffers) && (kTIFF_TypeSizes[iptcInfo.type] > 1) && iptcInfo.dataLen > 0 ) {
+
 				XMP_Uns8 * endPtr = (XMP_Uns8*)iptcInfo.dataPtr + iptcInfo.dataLen - 1;
 				XMP_Uns8 * minPtr = endPtr - kTIFF_TypeSizes[iptcInfo.type] + 1;
 				while ( (endPtr >= minPtr) && (*endPtr == 0) ) --endPtr;

Places

File CVE-2018-7728.patch of Package exempi.openSUSE_Leap_42.3_Update

Places