- eviv2-0.16
This commit is contained in:
Rex Dieter
parent
f7aa4b88f5
commit
ad15fd2e52
@ -3,3 +3,4 @@ exiv2-0.12.tar.gz
|
||||
exiv2-0.14.tar.gz
|
||||
exiv2-0.15.tar.gz
|
||||
exiv2-0.16-pre1.tar.gz
|
||||
exiv2-0.16.tar.gz
|
||||
|
||||
@ -1,89 +0,0 @@
|
||||
--- trunk/src/exif.cpp 2007/09/24 14:30:10 1231
|
||||
+++ trunk/src/exif.cpp 2007/12/14 17:13:21 1346
|
||||
@@ -212,11 +212,13 @@
|
||||
ExifData::const_iterator sizes;
|
||||
ExifKey key("Exif.Thumbnail.StripByteCounts");
|
||||
sizes = exifData.findKey(key);
|
||||
- if (sizes == exifData.end()) return 2;
|
||||
+ if (sizes == exifData.end()) return 1;
|
||||
|
||||
- long totalSize = 0;
|
||||
+ uint32_t totalSize = 0;
|
||||
for (long i = 0; i < sizes->count(); ++i) {
|
||||
- totalSize += sizes->toLong(i);
|
||||
+ uint32_t size = sizes->toLong(i);
|
||||
+ if (size > 0xffffffff - totalSize) return 1;
|
||||
+ totalSize += size;
|
||||
}
|
||||
DataBuf stripsBuf(totalSize);
|
||||
|
||||
@@ -225,21 +227,23 @@
|
||||
ExifData::iterator stripOffsets;
|
||||
key = ExifKey("Exif.Thumbnail.StripOffsets");
|
||||
stripOffsets = exifData.findKey(key);
|
||||
- if (stripOffsets == exifData.end()) return 2;
|
||||
- if (stripOffsets->count() != sizes->count()) return 2;
|
||||
+ if (stripOffsets == exifData.end()) return 1;
|
||||
+ if (stripOffsets->count() != sizes->count()) return 1;
|
||||
|
||||
std::ostringstream os; // for the strip offsets
|
||||
- long currentOffset = 0;
|
||||
- long firstOffset = stripOffsets->toLong(0);
|
||||
- long lastOffset = 0;
|
||||
- long lastSize = 0;
|
||||
+ uint32_t currentOffset = 0;
|
||||
+ uint32_t firstOffset = stripOffsets->toLong(0);
|
||||
+ uint32_t lastOffset = 0;
|
||||
+ uint32_t lastSize = 0;
|
||||
for (long i = 0; i < stripOffsets->count(); ++i) {
|
||||
- long offset = stripOffsets->toLong(i);
|
||||
+ uint32_t offset = stripOffsets->toLong(i);
|
||||
lastOffset = offset;
|
||||
- long size = sizes->toLong(i);
|
||||
+ uint32_t size = sizes->toLong(i);
|
||||
lastSize = size;
|
||||
- if (len < offset + size) return 1;
|
||||
-
|
||||
+ if ( size > 0xffffffff - offset
|
||||
+ || static_cast<uint32_t>(len) < offset + size) {
|
||||
+ return 2;
|
||||
+ }
|
||||
std::memcpy(stripsBuf.pData_ + currentOffset, buf + offset, size);
|
||||
os << currentOffset << " ";
|
||||
currentOffset += size;
|
||||
@@ -300,12 +304,15 @@
|
||||
ExifKey key("Exif.Thumbnail.JPEGInterchangeFormat");
|
||||
ExifData::iterator format = exifData.findKey(key);
|
||||
if (format == exifData.end()) return 1;
|
||||
- long offset = format->toLong();
|
||||
+ uint32_t offset = format->toLong();
|
||||
key = ExifKey("Exif.Thumbnail.JPEGInterchangeFormatLength");
|
||||
ExifData::const_iterator length = exifData.findKey(key);
|
||||
if (length == exifData.end()) return 1;
|
||||
- long size = length->toLong();
|
||||
- if (len < offset + size) return 2;
|
||||
+ uint32_t size = length->toLong();
|
||||
+ if ( size > 0xffffffff - offset
|
||||
+ || static_cast<uint32_t>(len) < offset + size) {
|
||||
+ return 2;
|
||||
+ }
|
||||
format->setDataArea(buf + offset, size);
|
||||
format->setValue("0");
|
||||
if (pIfd1) {
|
||||
@@ -592,8 +599,14 @@
|
||||
if (pIopIfd_) add(pIopIfd_->begin(), pIopIfd_->end(), byteOrder());
|
||||
if (pGpsIfd_) add(pGpsIfd_->begin(), pGpsIfd_->end(), byteOrder());
|
||||
if (pIfd1_) add(pIfd1_->begin(), pIfd1_->end(), byteOrder());
|
||||
- // Read the thumbnail (but don't worry whether it was successful or not)
|
||||
- readThumbnail();
|
||||
+ // Finally, read the thumbnail
|
||||
+ rc = readThumbnail();
|
||||
+ if (0 < rc) {
|
||||
+#ifndef SUPPRESS_WARNINGS
|
||||
+ std::cerr << "Warning: Failed to read thumbnail, rc = "
|
||||
+ << rc << "\n";
|
||||
+#endif
|
||||
+ }
|
||||
|
||||
return 0;
|
||||
} // ExifData::load
|
||||
13
exiv2.spec
13
exiv2.spec
@ -1,6 +1,4 @@
|
||||
|
||||
%define pre pre1
|
||||
|
||||
%if 0%{?fedora} > 7
|
||||
# make -libs subpkg
|
||||
%define libs 1
|
||||
@ -9,7 +7,7 @@
|
||||
Summary: Exif and Iptc metadata manipulation library
|
||||
Name: exiv2
|
||||
Version: 0.16
|
||||
Release: 0.3.%{?pre}%{?dist}
|
||||
Release: 1%{?dist}
|
||||
|
||||
License: GPLv2+
|
||||
Group: Applications/Multimedia
|
||||
@ -24,8 +22,7 @@ BuildRequires: zlib-devel
|
||||
# docs
|
||||
#BuildRequires: doxygen graphviz libxslt
|
||||
|
||||
Patch2: exiv2-0.9.1-deps.patch
|
||||
Patch3: exiv-0.16-CVE-2007-6353.patch
|
||||
Patch1: exiv2-0.9.1-deps.patch
|
||||
|
||||
%if 0%{?libs}
|
||||
Requires: %{name}-libs = %{version}-%{release}
|
||||
@ -74,8 +71,7 @@ methods for Exif thumbnails, classes to access Ifd and so on.
|
||||
%prep
|
||||
%setup -q -n %{name}-%{version}%{?pre:-%{pre}}
|
||||
|
||||
%patch2 -p1 -b .deps
|
||||
%patch3 -p1 -b .CVE-2007-6353
|
||||
%patch1 -p1 -b .deps
|
||||
|
||||
mkdir doc/html
|
||||
|
||||
@ -136,6 +132,9 @@ rm -rf %{buildroot}
|
||||
|
||||
|
||||
%changelog
|
||||
* Sun Jan 13 2008 Rex Dieter <rdieter[AT]fedoraproject.org> 0.16-1
|
||||
- eviv2-0.16
|
||||
|
||||
* Mon Dec 17 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 0.16-0.3.pre1
|
||||
- CVE-2007-6353 (#425924)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user