17 lines
779 B
Diff
17 lines
779 B
Diff
diff -up libexif-0.6.13/libexif/exif-data.c.cve-2007-6352 libexif-0.6.13/libexif/exif-data.c
|
|
--- libexif-0.6.13/libexif/exif-data.c.cve-2007-6352 2007-12-15 22:06:15.000000000 -0500
|
|
+++ libexif-0.6.13/libexif/exif-data.c 2007-12-15 22:07:27.000000000 -0500
|
|
@@ -285,10 +285,9 @@ static void
|
|
exif_data_load_data_thumbnail (ExifData *data, const unsigned char *d,
|
|
unsigned int ds, ExifLong offset, ExifLong size)
|
|
{
|
|
- if (ds < offset + size) {
|
|
+ if ((ds < offset + size) || (offset < 0) || (size < 0) || (offset + size < offset)) {
|
|
exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
|
|
- "Bogus thumbnail offset and size: %i < %i + %i.",
|
|
- (int) ds, (int) offset, (int) size);
|
|
+ "Bogus thumbnail offset and size");
|
|
return;
|
|
}
|
|
if (data->data)
|