compat-exiv2-026/SOURCES/exiv2-CVE-2017-17723-1.patch

From c037d7377bc7bd63acc3f240101ff44002d19027 Mon Sep 17 00:00:00 2001
From: clanmills <robin@clanmills.com>
Date: Tue, 26 Sep 2017 21:37:53 +0100
Subject: =?UTF-8?q?Fix=20https://github.com/Exiv2/exiv2/issues/55=20=20Tha?=
 =?UTF-8?q?nk=20You,=20Rapha=C3=ABl=20Hertzog.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit


diff --git a/include/exiv2/value.hpp b/include/exiv2/value.hpp
index b61c0f44..2078c6bd 100644
--- a/include/exiv2/value.hpp
+++ b/include/exiv2/value.hpp
@@ -1663,7 +1663,7 @@ namespace Exiv2 {
     template<>
     inline long ValueType<Rational>::toLong(long n) const
     {
-        ok_ = (value_[n].second != 0);
+        ok_ = (value_[n].second != 0 && INT_MIN < value_[n].first && value_[n].first < INT_MAX );
         if (!ok_) return 0;
         return value_[n].first / value_[n].second;
     }
diff --git a/test/bugfixes-test.sh b/test/bugfixes-test.sh
index f91c6759..c90ae559 100755
--- a/test/bugfixes-test.sh
+++ b/test/bugfixes-test.sh
@@ -602,6 +602,7 @@ source ./functions.source
     runTest exiv2 -pX                   $filename | xmllint --format -
 
     num=1231
+    printf "$num " >&3
     for X in a b; do
       filename=exiv2-bug$num$X.jpg
       echo '------>' Bug $filename '<-------' >&2
@@ -622,6 +623,7 @@ source ./functions.source
     runTest exiv2 -pa                   $filename
 
     num=1252
+    printf "$num " >&3
     for X in a b; do
       filename=exiv2-bug$num$X.exv
       echo '------>' Bug $filename '<-------' >&2
@@ -629,6 +631,13 @@ source ./functions.source
       runTest exiv2 -pa --grep lens/i   $filename
     done
 
+    num=g55
+    printf "$num " >&3
+    filename=POC8
+    echo '------>' Bug $filename '<-------' >&2
+    copyTestFile                      $filename
+    runTest exiv2                     $filename 2>/dev/null
+
 ) 3>&1 > $results 2>&1
 
 printf "\n"
diff --git a/test/data/bugfixes-test.out b/test/data/bugfixes-test.out
index d8754025..53d45dc5 100644
Binary files a/test/data/bugfixes-test.out and b/test/data/bugfixes-test.out differ