rpms / exiv2

Clone
Source Code
GIT

Files

  1.   7244fe72ece7051db37805888c7b4f40c5f7ad46
  2.   exiv2-0.24-CVE-2014-9449.patch
Blob Blame History Raw 
diff -up exiv2-0.24/src/riffvideo.cpp.CVE-2014-9449 exiv2-0.24/src/riffvideo.cpp
--- exiv2-0.24/src/riffvideo.cpp.CVE-2014-9449	2013-12-01 06:13:42.000000000 -0600
+++ exiv2-0.24/src/riffvideo.cpp	2015-01-05 11:21:42.306728309 -0600
@@ -856,7 +856,7 @@ namespace Exiv2 {
 
     void RiffVideo::infoTagsHandler()
     {
-        const long bufMinSize = 100;
+        const long bufMinSize = 10000;
         DataBuf buf(bufMinSize);
         buf.pData_[4] = '\0';
         io_->seek(-12, BasicIo::cur);
@@ -879,10 +879,14 @@ namespace Exiv2 {
             if(infoSize >= 0) {
                 size -= infoSize;
                 io_->read(buf.pData_, infoSize);
+                if(infoSize < 4)
+                    buf.pData_[infoSize] = '\0';
             }
 
             if(tv)
                 xmpData_[exvGettext(tv->label_)] = buf.pData_;
+            else
+                continue;
         }
         io_->seek(cur_pos + size_external, BasicIo::beg);
     } // RiffVideo::infoTagsHandler
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.