exiv2/exiv2-CVE-2021-29623.patch

From 82e46b5524fb904e6660dadd2c6d8e5e47375a1a Mon Sep 17 00:00:00 2001
From: Kevin Backhouse <kevinbackhouse@github.com>
Date: Tue, 11 May 2021 12:14:33 +0100
Subject: [PATCH] Use readOrThrow to check error conditions of iIo.read().

---
 src/webpimage.cpp | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/webpimage.cpp b/src/webpimage.cpp
index 7c64ff3d7..ca26e514a 100644
--- a/src/webpimage.cpp
+++ b/src/webpimage.cpp
@@ -754,9 +754,9 @@ namespace Exiv2 {
         byte webp[len];
         byte data[len];
         byte riff[len];
-        iIo.read(riff, len);
-        iIo.read(data, len);
-        iIo.read(webp, len);
+        readOrThrow(iIo, riff, len, Exiv2::kerCorruptedMetadata);
+        readOrThrow(iIo, data, len, Exiv2::kerCorruptedMetadata);
+        readOrThrow(iIo, webp, len, Exiv2::kerCorruptedMetadata);
         bool matched_riff = (memcmp(riff, RiffImageId, len) == 0);
         bool matched_webp = (memcmp(webp, WebPImageId, len) == 0);
         iIo.seek(-12, BasicIo::cur);