File CVE-2019-17402.patch of Package exiv2.26842
Index: exiv2-0.26/src/crwimage.cpp
===================================================================
--- exiv2-0.26.orig/src/crwimage.cpp
+++ exiv2-0.26/src/crwimage.cpp
@@ -442,6 +442,9 @@ namespace Exiv2 {
#ifdef DEBUG
std::cout << "Reading directory 0x" << std::hex << tag() << "\n";
#endif
+ if (this->offset() + this->size() > size)
+ throw Error(kerOffsetOutOfRange);
+
readDirectory(pData + offset(), this->size(), byteOrder);
#ifdef DEBUG
std::cout << "<---- 0x" << std::hex << tag() << "\n";
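Review bot: The added guard `this->offset() + this->size() > size` can itself wrap around. If offset() and size() are 32-bit unsigned values read from the file's directory entry (their types are not visible in this hunk), a large offset plus size overflows to a small sum and the check passes, so `pData + offset()` on the following line can still point outside the buffer. A subtraction-based comparison avoids the wrap: `if (this->offset() > size || this->size() > size - this->offset())` followed by the same `throw Error(kerOffsetOutOfRange);`. The enclosing function begins and ends outside the hunk, so whether an earlier check already bounds offset() cannot be confirmed from here.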